--- variable shaOutput moved to the heap (20 bytes saved)
--- variable md5Input moved to the heap (68 bytes saved)
--- variable shaInput moved to the heap (119 bytes saved)
--- variable keyData moved to the heap (112 bytes saved)
--- variable md5 moved to the heap (sizeof(Md5) saved)
--- variable sha moved to the heap (sizeof(Sha) saved)
--- variable md5_hash moved to the heap (up to 256 bytes saved)
--- variable sha_hash moved to the heap (up to 256 bytes saved)
--- variable labelSeed moved to the heap (up to 128 bytes saved)
--- variable md5_result moved to the heap (up to 224 bytes saved)
--- variable sha_result moved to the heap (up to 224 bytes saved)
tls: refactoring PRF to reduce stack usage:
--- variable labelSeed moved to the heap (up to 128 bytes saved)
--- variable previous moved to the heap (up to 48 bytes saved)
--- variable current moved to the heap (up to 48 bytes saved)
--- variable hmac moved to the heap (sizeof(Hmac) bytes saved)
The DTLS sequence number used when decrypting CCM/GCM was taken from
the internal state, instead of from the actual message record.
If any DTLS messages were dropped, the expectation of the next
sequence number was wrong. This lead to a failed MAC check on the next
message to arrive, and an alert was generated.
--- single return point
--- changed stack reduction MEMORY_E to -1 to match XMALLOC fail at httpBuf
--- variable written removed
--- variable ocspRespSz renamed to ret (initialized with -1 and set only once with process_http_response result)
--- use ShaHash instead of InitSha, ShaUpdate and ShaFinal (sizeof(Sha) saved)
io: refactoring EmbedOcspLookup to reduce stack usage:
--- variable domainName moved to the heap (80 bytes saved)
--- variable path moved to the heap (80 bytes saved)
--- variable newStatus moved to the heap (sizeof(CertStatus) saved)
--- variable ocspRequest moved to the heap (sizeof(OcspRequest) saved)
--- variable ocspResponse moved to the heap (sizeof(OcspResponse) saved)
