Convert SSL_ECDH_CTX to C++.
SSLECDHContext has the acronyms problem, so I went with SSLKeyShare to
match the TLS 1.3 terminology. It's also a little shorter. Accept and
Finish, for now, take raw output pointers in anticipation of some
bssl::Array and maybe bssl::CleansedArray types.
Bug: 132
Change-Id: I427c7c0eac95704f3ad093676c504c2848f5acb9
Reviewed-on: https://boringssl-review.googlesource.com/18265
Reviewed-by: Steven Valdez <svaldez@google.com>
diff --git a/ssl/handshake_client.cc b/ssl/handshake_client.cc
index cac65f6..260d3cd0 100644
--- a/ssl/handshake_client.cc
+++ b/ssl/handshake_client.cc
@@ -1277,7 +1277,8 @@
}
/* Initialize ECDH and save the peer public key for later. */
- if (!SSL_ECDH_CTX_init(&hs->ecdh_ctx, group_id) ||
+ hs->key_share = SSLKeyShare::Create(group_id);
+ if (!hs->key_share ||
!CBS_stow(&point, &hs->peer_key, &hs->peer_key_len)) {
return -1;
}
@@ -1599,8 +1600,8 @@
/* Compute the premaster. */
uint8_t alert = SSL_AD_DECODE_ERROR;
- if (!SSL_ECDH_CTX_accept(&hs->ecdh_ctx, &child, &pms, &pms_len, &alert,
- hs->peer_key, hs->peer_key_len)) {
+ if (!hs->key_share->Accept(&child, &pms, &pms_len, &alert, hs->peer_key,
+ hs->peer_key_len)) {
ssl3_send_alert(ssl, SSL3_AL_FATAL, alert);
goto err;
}
@@ -1609,7 +1610,7 @@
}
/* The key exchange state may now be discarded. */
- SSL_ECDH_CTX_cleanup(&hs->ecdh_ctx);
+ hs->key_share.reset();
OPENSSL_free(hs->peer_key);
hs->peer_key = NULL;
hs->peer_key_len = 0;