commit 31b0c9be305147a7a47d05fb4cfa53247b6203dc
author David Benjamin <davidben@google.com> Thu Jul 20 14:49:15 2017 -0400
committer David Benjamin <davidben@google.com> Thu Jul 20 20:38:55 2017 +0000
tree 265bc3f47d50384aa60b5a79fabc94e3aa5739c9
parent 8f28886817f5b9e1156c6e1e24e1aac20c40908a

Add a bunch of scopers.

I started by switching a couple fields to SSL_HANDSHAKE and then kept
following transitive bits.

Bug: 132
Change-Id: I640dadd3558615fa38c7e8498d4efe7449b0658f
Reviewed-on: https://boringssl-review.googlesource.com/18245
Reviewed-by: Steven Valdez <svaldez@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>

ssl/ssl_privkey.cc

diff --git a/ssl/ssl_privkey.cc b/ssl/ssl_privkey.cc
index 0660714..3e3fa94 100644
--- a/ssl/ssl_privkey.cc
+++ b/ssl/ssl_privkey.cc
@@ -288,7 +288,7 @@
 int ssl_private_key_supports_signature_algorithm(SSL_HANDSHAKE *hs,
                                                  uint16_t sigalg) {
   SSL *const ssl = hs->ssl;
-  if (!pkey_supports_algorithm(ssl, hs->local_pubkey, sigalg)) {
+  if (!pkey_supports_algorithm(ssl, hs->local_pubkey.get(), sigalg)) {
     return 0;
   }
 
@@ -299,9 +299,8 @@
    * SHA-512. 1024-bit RSA is sometimes used for test credentials, so check the
    * size so that we can fall back to another algorithm in that case. */
   const SSL_SIGNATURE_ALGORITHM *alg = get_signature_algorithm(sigalg);
-  if (alg->is_rsa_pss &&
-      (size_t)EVP_PKEY_size(hs->local_pubkey) <
-          2 * EVP_MD_size(alg->digest_func()) + 2) {
+  if (alg->is_rsa_pss && (size_t)EVP_PKEY_size(hs->local_pubkey.get()) <
+                             2 * EVP_MD_size(alg->digest_func()) + 2) {
     return 0;
   }