mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

internal.c: refactoring DoCertificateVerify to reduce stack usage:

Browse Source 
--- variable encodedSig moved to the heap (512 bytes saved)
This commit is contained in:
Moisés Guimarães 2014-10-18 14:38:57 -03:00
parent 9368c8d1e8
commit 949094cfbc
1 changed files with 15 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/internal.c
View File

@ -12333,12 +12333,23 @@ int DoSessionTicket(CYASSL* ssl,
} }
if (IsAtLeastTLSv1_2(ssl)) { if (IsAtLeastTLSv1_2(ssl)) {
#ifdef CYASSL_SMALL_STACK
byte* encodedSig = NULL;
#else
byte encodedSig[MAX_ENCODED_SIG_SZ]; byte encodedSig[MAX_ENCODED_SIG_SZ];
#endif
word32 sigSz; word32 sigSz;
byte* digest = ssl->certHashes.sha; byte* digest = ssl->certHashes.sha;
int typeH = SHAh; int typeH = SHAh;
int digestSz = SHA_DIGEST_SIZE; int digestSz = SHA_DIGEST_SIZE;
#ifdef CYASSL_SMALL_STACK
encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL,
DYNAMIC_TYPE_TMP_BUFFER);
if (encodedSig == NULL)
return MEMORY_E;
#endif
if (sigAlgo != rsa_sa_algo) { if (sigAlgo != rsa_sa_algo) {
CYASSL_MSG("Oops, peer sent RSA key but not in verify"); CYASSL_MSG("Oops, peer sent RSA key but not in verify");
} }
@ -12363,6 +12374,10 @@ int DoSessionTicket(CYASSL* ssl,
if (outLen == (int)sigSz && out && XMEMCMP(out, encodedSig, if (outLen == (int)sigSz && out && XMEMCMP(out, encodedSig,
min(sigSz, MAX_ENCODED_SIG_SZ)) == 0) min(sigSz, MAX_ENCODED_SIG_SZ)) == 0)
ret = 0; /* verified */ ret = 0; /* verified */
#ifdef CYASSL_SMALL_STACK
XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
} }
else { else {
if (outLen == FINISHED_SZ && out && XMEMCMP(out, if (outLen == FINISHED_SZ && out && XMEMCMP(out,