Google Git
Sign in
boringssl/boringssl.git/81138bc861023edda4816e1a89398f32c3b68e23^!/./pki/verify_certificate_chain.cc
commit
81138bc861023edda4816e1a89398f32c3b68e23
[log]
author
David Benjamin <davidben@google.com>
Tue Jan 23 14:53:40 2024 -0500
committer
Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Tue Jan 23 21:42:57 2024 +0000
tree
db4c1d6d7957e2381c720d214504b32760d9cc3b
parent
90ceeb021579cdec2c1dd663a5f993e7161f5082 [diff] [blame]
Stop passing der::Input by const-ref

Span/view types are small enough that the guidance these days is to pass
by value. This CL is the result of two sed lines:

  sed -i -e 's/const Input &/Input /g' pki/*.*
  sed -i -e 's/const der::Input &/der::Input /g' pki/*.*

Plus one manual fix inside a comment in pki/parser.h where the spacing
didn't match. Then a clang-format -i

Change-Id: I29c9ffc7ddf2df5822e5335f108c85ecbf496a3c
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/65669
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Matt Mueller <mattm@google.com>

diff --git a/pki/verify_certificate_chain.cc b/pki/verify_certificate_chain.cc
index da37d62..1d3d0c0 100644
--- a/pki/verify_certificate_chain.cc
+++ b/pki/verify_certificate_chain.cc

@@ -150,8 +150,8 @@
 // compatibility sake.
 bool VerifySignatureAlgorithmsMatch(const ParsedCertificate &cert,
                                     CertErrors *errors) {
-  const der::Input &alg1_tlv = cert.signature_algorithm_tlv();
-  const der::Input &alg2_tlv = cert.tbs().signature_algorithm_tlv;
+  der::Input alg1_tlv = cert.signature_algorithm_tlv();
+  der::Input alg2_tlv = cert.tbs().signature_algorithm_tlv;
 
   // Ensure that the two DER-encoded signature algorithms are byte-for-byte
   // equal.
@@ -690,7 +690,7 @@
   // Parses |spki| to an EVP_PKEY and checks whether the public key is accepted
   // by |delegate_|. On failure parsing returns nullptr. If either parsing the
   // key or key policy failed, adds a high-severity error to |errors|.
-  bssl::UniquePtr<EVP_PKEY> ParseAndCheckPublicKey(const der::Input &spki,
+  bssl::UniquePtr<EVP_PKEY> ParseAndCheckPublicKey(der::Input spki,
                                                    CertErrors *errors);
 
   ValidPolicyGraph valid_policy_graph_;
@@ -799,7 +799,7 @@
     //          for policy P and P-Q denote the qualifier set for policy
     //          P.  Perform the following steps in order:
     bool cert_has_any_policy = false;
-    for (const der::Input &p_oid : cert.policy_oids()) {
+    for (der::Input p_oid : cert.policy_oids()) {
       if (p_oid == der::Input(kAnyPolicyOid)) {
         cert_has_any_policy = true;
         continue;
@@ -1431,7 +1431,7 @@
 }
 
 bssl::UniquePtr<EVP_PKEY> PathVerifier::ParseAndCheckPublicKey(
-    const der::Input &spki, CertErrors *errors) {
+    der::Input spki, CertErrors *errors) {
   // Parse the public key.
   bssl::UniquePtr<EVP_PKEY> pkey;
   if (!ParsePublicKey(spki, &pkey)) {