Simplify tls1_channel_id_hash. Rather than iterate over handshake_dgsts itself, it can just call tls1_handshake_digest. Change-Id: Ia518da540e47e65b13367eb1af184c0885908488 Reviewed-on: https://boringssl-review.googlesource.com/5617 Reviewed-by: Adam Langley <agl@google.com>

commit: d6a4ae97cdc118d2505a10acf613706c9ae32a54 [log] [tgz]
author: David Benjamin <davidben@chromium.org> Thu Aug 06 11:10:51 2015 -0400
committer: Adam Langley <agl@google.com> Fri Aug 07 01:16:33 2015 +0000
tree: 18276dff39cfb691cff120e345639733eef7f889
parent: 5375fd594beb5dd2b979cf704b964e4704d23309 [diff] [blame]
diff --git a/ssl/internal.h b/ssl/internal.h
index 1d6426b..a898422 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h

@@ -1142,7 +1142,11 @@
 int tls12_get_sigid(int pkey_type);
 const EVP_MD *tls12_get_hash(uint8_t hash_alg);
 
-int tls1_channel_id_hash(EVP_MD_CTX *ctx, SSL *s);
+/* tls1_channel_id_hash computes the hash to be signed by Channel ID and writes
+ * it to |out|, which must contain at least |EVP_MAX_MD_SIZE| bytes. It returns
+ * one on success and zero on failure. */
+int tls1_channel_id_hash(SSL *ssl, uint8_t *out, size_t *out_len);
+
 int tls1_record_handshake_hashes_for_channel_id(SSL *s);
 
 int tls1_set_sigalgs_list(CERT *c, const char *str, int client);
commit	d6a4ae97cdc118d2505a10acf613706c9ae32a54	[log] [tgz]
author	David Benjamin <davidben@chromium.org>	Thu Aug 06 11:10:51 2015 -0400
committer	Adam Langley <agl@google.com>	Fri Aug 07 01:16:33 2015 +0000
tree	18276dff39cfb691cff120e345639733eef7f889
parent	5375fd594beb5dd2b979cf704b964e4704d23309 [diff] [blame]