Only reserve EVP_MAX_MD_SIZE for the Finished, not twice of it.

EVP_MAX_MD_SIZE is large enough to fit a MD5/SHA1 concatenation, and necessarily is because EVP_md5_sha1 exists. This shaves 128 bytes of per-connection state. Change-Id: I848a8563dfcbac14735bb7b302263a638528f98e Reviewed-on: https://boringssl-review.googlesource.com/6804 Reviewed-by: Adam Langley <agl@google.com>
author: David Benjamin <davidben@chromium.org> 2015-12-20 04:54:07 +0300
committer: Adam Langley <agl@google.com> 2015-12-23 02:29:21 +0300
commit: fe5f7c7b56e1d54478d2983c26153ead80e0322a (patch)
tree: c68a3e72c32890e81a74e55a6dcd88fbd2d2e2ba /include
parent: 0d56f888c3f748f276249e0733acfc31851a9443 (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index af484195..dcfee915 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -3986,10 +3986,9 @@ typedef struct ssl3_state_st {
    * pending handshake state here so it can be managed separately from
    * established connection state in case of renegotiations. */
   struct {
-    /* actually only need to be 16+20 for SSLv3 and 12 for TLS */
-    uint8_t finish_md[EVP_MAX_MD_SIZE * 2];
+    uint8_t finish_md[EVP_MAX_MD_SIZE];
     int finish_md_len;
-    uint8_t peer_finish_md[EVP_MAX_MD_SIZE * 2];
+    uint8_t peer_finish_md[EVP_MAX_MD_SIZE];
     int peer_finish_md_len;
 
     unsigned long message_size;
author	David Benjamin <davidben@chromium.org>	2015-12-20 04:54:07 +0300
committer	Adam Langley <agl@google.com>	2015-12-23 02:29:21 +0300
commit	fe5f7c7b56e1d54478d2983c26153ead80e0322a (patch)
tree	c68a3e72c32890e81a74e55a6dcd88fbd2d2e2ba /include
parent	0d56f888c3f748f276249e0733acfc31851a9443 (diff)