Skip to content

Commit

Permalink
Move digest and label blobs to stack
Browse files Browse the repository at this point in the history
  • Loading branch information
Mark-Simulacrum committed Oct 2, 2023
1 parent 1926988 commit 59e7f68
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions tls/s2n_tls13_secrets.c
Original file line number Diff line number Diff line change
Expand Up @@ -720,8 +720,11 @@ int s2n_connection_tls_exporter(struct s2n_connection *conn,
POSIX_ENSURE_REF(conn->secure->cipher_suite);
s2n_hmac_algorithm hmac_alg = conn->secure->cipher_suite->prf_alg;

uint8_t label_bytes[249] = { 0 };
struct s2n_blob label = { 0 };
POSIX_GUARD(s2n_blob_init(&label, (uint8_t *) label_in, label_length));
POSIX_ENSURE_LTE(label_length, sizeof(label_bytes));
POSIX_CHECKED_MEMCPY(label_bytes, label_in, label_length);
POSIX_GUARD(s2n_blob_init(&label, label_bytes, label_length));

uint8_t derived_secret_bytes[S2N_TLS13_SECRET_MAX_LEN] = { 0 };
struct s2n_blob derived_secret = { 0 };
Expand All @@ -738,7 +741,10 @@ int s2n_connection_tls_exporter(struct s2n_connection *conn,

s2n_hash_algorithm hash_alg = { 0 };
POSIX_GUARD(s2n_hmac_hash_alg(hmac_alg, &hash_alg));
struct s2n_blob digest = EMPTY_CONTEXT(hmac_alg);
uint8_t digest_bytes[S2N_MAX_DIGEST_LEN] = { 0 };
struct s2n_blob digest = { 0 };
POSIX_ENSURE_LTE(s2n_get_hash_len(CONN_HMAC_ALG(conn)), S2N_MAX_DIGEST_LEN);
POSIX_GUARD(s2n_blob_init(&digest, digest_bytes, s2n_get_hash_len(CONN_HMAC_ALG(conn))));

POSIX_GUARD(s2n_hash_init(&hash, hash_alg));
POSIX_GUARD(s2n_hash_update(&hash, context, context_length));
Expand Down

0 comments on commit 59e7f68

Please sign in to comment.