Closed qmuntal closed 1 year ago
This PR updates TLS1PRF to accept a byte slice parameter where to write the output. This avoids allocating a new slice on each function call and integrates better with the standard library, which expects the PRF to update an already existing slice: https://github.com/golang/go/blob/2f0b28da1900909a2c3ddf646bb508fc7effb8f2/src/crypto/tls/prf.go#L68.
TLS1PRF
To make is clear, the current code would have to be integrated like this:
func prf12(hashFunc func() hash.Hash) func(result, secret, label, seed []byte) error { return func(result, secret, label, seed []byte) error { if backend.Enabled && backend.SupportsTLS1PRF() { out, err := backend.TLS1PRF(secret, label, seed, len(result), hashFunc) if err != nil { return fmt.Errorf("crypto/tls: prf12: %v", err) } copy(result, out) return nil } ... } }
While with the new approach, it would like this:
func prf12(hashFunc func() hash.Hash) func(result, secret, label, seed []byte) error { return func(result, secret, label, seed []byte) error { if backend.Enabled && backend.SupportsTLS1PRF() { err := backend.TLS1PRF(result, secret, label, seed, len(result), hashFunc) if err != nil { return fmt.Errorf("crypto/tls: prf12: %v", err) } return nil } ... } }
This PR updates
TLS1PRF
to accept a byte slice parameter where to write the output. This avoids allocating a new slice on each function call and integrates better with the standard library, which expects the PRF to update an already existing slice: https://github.com/golang/go/blob/2f0b28da1900909a2c3ddf646bb508fc7effb8f2/src/crypto/tls/prf.go#L68.To make is clear, the current code would have to be integrated like this:
While with the new approach, it would like this: