Use Span and Array for the curve list. There seems to be a GCC bug that requires kDefaultGroups having an explicit cast, but this is still much nicer than void(const uint16_t **, size_t *) functions. Bug: 132 Change-Id: Id586d402ca0b8a01370353ff17295e71ee219ff3 Reviewed-on: https://boringssl-review.googlesource.com/20668 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: cf0ce676d6aad0ec19f3a661f6903ea36bacdf91 [log] [tgz]
author: David Benjamin <davidben@google.com> Thu Sep 21 02:25:59 2017 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Wed Sep 27 18:00:05 2017 +0000
tree: b762999d7d29981e2f324cac9f55d2aba37e4db8
parent: 499742c60f84572f0f35454f645606dfcdf79b23 [diff] [blame]
diff --git a/ssl/tls13_client.cc b/ssl/tls13_client.cc
index 38df531..2ac6195 100644
--- a/ssl/tls13_client.cc
+++ b/ssl/tls13_client.cc

@@ -113,18 +113,7 @@
     }
 
     // The group must be supported.
-    const uint16_t *groups;
-    size_t groups_len;
-    tls1_get_grouplist(ssl, &groups, &groups_len);
-    int found = 0;
-    for (size_t i = 0; i < groups_len; i++) {
-      if (groups[i] == group_id) {
-        found = 1;
-        break;
-      }
-    }
-
-    if (!found) {
+    if (!tls1_check_group_id(ssl, group_id)) {
       ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_ILLEGAL_PARAMETER);
       OPENSSL_PUT_ERROR(SSL, SSL_R_WRONG_CURVE);
       return ssl_hs_error;
commit	cf0ce676d6aad0ec19f3a661f6903ea36bacdf91	[log] [tgz]
author	David Benjamin <davidben@google.com>	Thu Sep 21 02:25:59 2017 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Wed Sep 27 18:00:05 2017 +0000
tree	b762999d7d29981e2f324cac9f55d2aba37e4db8
parent	499742c60f84572f0f35454f645606dfcdf79b23 [diff] [blame]