commit b244e3a5fc9767f6aa0ea717b45598222c8d2ada
author David Benjamin <davidben@google.com> Fri Aug 16 19:33:15 2019 -0400
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Tue Aug 20 13:52:38 2019 +0000
tree 85a9859894746efee5597419ffaf2877cb650fc9
parent 79b8b3a41982f9760faaea706378a78d40c16b62

Switch another low-level function to spans.

Get this out of the way for the various TLS 1.3 secrets to use spans.

Change-Id: Ia6c3fa4b35ecfad721af665f54bde5ab16baf7ca
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/37126
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>

ssl/tls13_enc.cc

diff --git a/ssl/tls13_enc.cc b/ssl/tls13_enc.cc
index 19ae052..c07afd1 100644
--- a/ssl/tls13_enc.cc
+++ b/ssl/tls13_enc.cc
@@ -233,7 +233,7 @@
   if (!derive_secret(hs, MakeSpan(hs->early_traffic_secret, hs->hash_len),
                      label_to_span(kTLS13LabelClientEarlyTraffic)) ||
       !ssl_log_secret(ssl, "CLIENT_EARLY_TRAFFIC_SECRET",
-                      hs->early_traffic_secret, hs->hash_len)) {
+                      MakeConstSpan(hs->early_traffic_secret, hs->hash_len))) {
     return false;
   }
 
@@ -262,12 +262,14 @@
   SSL *const ssl = hs->ssl;
   if (!derive_secret(hs, MakeSpan(hs->client_handshake_secret, hs->hash_len),
                      label_to_span(kTLS13LabelClientHandshakeTraffic)) ||
-      !ssl_log_secret(ssl, "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
-                      hs->client_handshake_secret, hs->hash_len) ||
+      !ssl_log_secret(
+          ssl, "CLIENT_HANDSHAKE_TRAFFIC_SECRET",
+          MakeConstSpan(hs->client_handshake_secret, hs->hash_len)) ||
       !derive_secret(hs, MakeSpan(hs->server_handshake_secret, hs->hash_len),
                      label_to_span(kTLS13LabelServerHandshakeTraffic)) ||
-      !ssl_log_secret(ssl, "SERVER_HANDSHAKE_TRAFFIC_SECRET",
-                      hs->server_handshake_secret, hs->hash_len)) {
+      !ssl_log_secret(
+          ssl, "SERVER_HANDSHAKE_TRAFFIC_SECRET",
+          MakeConstSpan(hs->server_handshake_secret, hs->hash_len))) {
     return false;
   }
 
@@ -297,16 +299,20 @@
   ssl->s3->exporter_secret_len = hs->hash_len;
   if (!derive_secret(hs, MakeSpan(hs->client_traffic_secret_0, hs->hash_len),
                      label_to_span(kTLS13LabelClientApplicationTraffic)) ||
-      !ssl_log_secret(ssl, "CLIENT_TRAFFIC_SECRET_0",
-                      hs->client_traffic_secret_0, hs->hash_len) ||
+      !ssl_log_secret(
+          ssl, "CLIENT_TRAFFIC_SECRET_0",
+          MakeConstSpan(hs->client_traffic_secret_0, hs->hash_len)) ||
       !derive_secret(hs, MakeSpan(hs->server_traffic_secret_0, hs->hash_len),
                      label_to_span(kTLS13LabelServerApplicationTraffic)) ||
-      !ssl_log_secret(ssl, "SERVER_TRAFFIC_SECRET_0",
-                      hs->server_traffic_secret_0, hs->hash_len) ||
-      !derive_secret(hs, MakeSpan(ssl->s3->exporter_secret, hs->hash_len),
-                     label_to_span(kTLS13LabelExporter)) ||
-      !ssl_log_secret(ssl, "EXPORTER_SECRET", ssl->s3->exporter_secret,
-                      hs->hash_len)) {
+      !ssl_log_secret(
+          ssl, "SERVER_TRAFFIC_SECRET_0",
+          MakeConstSpan(hs->server_traffic_secret_0, hs->hash_len)) ||
+      !derive_secret(
+          hs, MakeSpan(ssl->s3->exporter_secret, ssl->s3->exporter_secret_len),
+          label_to_span(kTLS13LabelExporter)) ||
+      !ssl_log_secret(ssl, "EXPORTER_SECRET",
+                      MakeConstSpan(ssl->s3->exporter_secret,
+                                    ssl->s3->exporter_secret_len))) {
     return false;
   }