Pass write buffer to cert verifier

src/asynch.rs

@@ -52,8 +52,8 @@ where
     /// The write record buffer can be smaller than the read buffer. During write [`TLS_RECORD_OVERHEAD`] over overhead
     /// is added per record, so the buffer must at least be this large. Large writes are split into multiple records if
     /// depending on the size of the write buffer.
-    /// The largest of the two buffers will be used to encode the TLS handshake record, hence either of the
-    /// buffers must at least be large enough to encode a handshake.
+    /// The read buffer will also be used to encode the TLS handshake record. The write buffer may
+    /// be resued by the certificate verifier.
     pub fn new(
         delegate: Socket,
         record_read_buf: &'a mut [u8],
@@ -74,16 +74,19 @@ where
     ///
     /// Returns an error if the handshake does not proceed. If an error occurs, the connection
     /// instance must be recreated.
-    pub async fn open<'v, RNG, Verifier>(
-        &mut self,
-        context: TlsContext<'v, CipherSuite, RNG>,
+    pub async fn open<'v, 'c, RNG, Verifier>(
+        &'v mut self,
+        context: TlsContext<'c, CipherSuite, RNG>,
     ) -> Result<(), TlsError>
     where
         RNG: CryptoRng + RngCore,
-        Verifier: TlsVerifier<'v, CipherSuite>,
+        Verifier: TlsVerifier<'v, 'c, CipherSuite>,
+        'a: 'v,
     {
-        let mut handshake: Handshake<CipherSuite, Verifier> =
-            Handshake::new(Verifier::new(context.config.server_name));
+        let mut handshake: Handshake<CipherSuite, Verifier> = Handshake::new(Verifier::new(
+            self.record_write_buf.take_buffer()?,
+            context.config.server_name,
+        ));
         let mut state = State::ClientHello;
 
         loop {

src/blocking.rs

@@ -52,8 +52,8 @@ where
     /// The write record buffer can be smaller than the read buffer. During write [`TLS_RECORD_OVERHEAD`] over overhead
     /// is added per record, so the buffer must at least be this large. Large writes are split into multiple records if
     /// depending on the size of the write buffer.
-    /// The largest of the two buffers will be used to encode the TLS handshake record, hence either of the
-    /// buffers must at least be large enough to encode a handshake.
+    /// The read buffer will also be used to encode the TLS handshake record. The write buffer may
+    /// be resued by the certificate verifier.
     pub fn new(
         delegate: Socket,
         record_read_buf: &'a mut [u8],
@@ -74,16 +74,18 @@ where
     ///
     /// Returns an error if the handshake does not proceed. If an error occurs, the connection
     /// instance must be recreated.
-    pub fn open<'v, RNG, Verifier>(
-        &mut self,
-        context: TlsContext<'v, CipherSuite, RNG>,
+    pub fn open<'v, 'c, RNG, Verifier>(
+        &'v mut self,
+        context: TlsContext<'c, CipherSuite, RNG>,
     ) -> Result<(), TlsError>
     where
         RNG: CryptoRng + RngCore,
-        Verifier: TlsVerifier<'v, CipherSuite>,
+        Verifier: TlsVerifier<'v, 'c, CipherSuite>,
     {
-        let mut handshake: Handshake<CipherSuite, Verifier> =
-            Handshake::new(Verifier::new(context.config.server_name));
+        let mut handshake: Handshake<CipherSuite, Verifier> = Handshake::new(Verifier::new(
+            self.record_write_buf.take_buffer()?,
+            context.config.server_name,
+        ));
         let mut state = State::ClientHello;
 
         loop {

src/config.rs

@@ -65,7 +65,7 @@ impl TlsCipherSuite for Aes256GcmSha384 {
 /// The verifier is responsible for verifying certificates and signatures. Since certificate verification is
 /// an expensive process, this trait allows clients to choose how much verification should take place,
 /// and also to skip the verification if the server is verified through other means (I.e. a pre-shared key).
-pub trait TlsVerifier<'a, CipherSuite>
+pub trait TlsVerifier<'a, 'c, CipherSuite>
 where
     CipherSuite: TlsCipherSuite,
 {
@@ -74,7 +74,7 @@ where
     /// This method is called for every TLS handshake.
     ///
     /// Host verification is enabled by passing a server hostname.
-    fn new(host: Option<&'a str>) -> Self;
+    fn new(buffer: &'a mut [u8], host: Option<&'c str>) -> Self;
 
     /// Verify a certificate.
     ///
@@ -96,11 +96,11 @@ where
 
 pub struct NoVerify;
 
-impl<'a, CipherSuite> TlsVerifier<'a, CipherSuite> for NoVerify
+impl<'a, 'c, CipherSuite> TlsVerifier<'a, 'c, CipherSuite> for NoVerify
 where
     CipherSuite: TlsCipherSuite,
 {
-    fn new(_host: Option<&str>) -> Self {
+    fn new(_buffer: &'a mut [u8], _host: Option<&'c str>) -> Self {
         Self
     }
 

src/connection.rs

@@ -181,10 +181,10 @@ where
     verifier: Verifier,
 }
 
-impl<'v, CipherSuite, Verifier> Handshake<CipherSuite, Verifier>
+impl<'v, 'c, CipherSuite, Verifier> Handshake<CipherSuite, Verifier>
 where
     CipherSuite: TlsCipherSuite,
-    Verifier: TlsVerifier<'v, CipherSuite>,
+    Verifier: TlsVerifier<'v, 'c, CipherSuite>,
 {
     pub fn new(verifier: Verifier) -> Handshake<CipherSuite, Verifier> {
         Handshake {
@@ -210,20 +210,20 @@ pub enum State {
 impl<'a> State {
     #[cfg(feature = "async")]
     #[allow(clippy::too_many_arguments)]
-    pub async fn process<'v, Transport, CipherSuite, RNG, Verifier>(
+    pub async fn process<'v, 'c, Transport, CipherSuite, RNG, Verifier>(
         self,
         transport: &mut Transport,
         handshake: &mut Handshake<CipherSuite, Verifier>,
         record_reader: &mut RecordReader<'_, CipherSuite>,
         key_schedule: &mut KeySchedule<CipherSuite>,
-        config: &TlsConfig<'a, CipherSuite>,
+        config: &TlsConfig<'c, CipherSuite>,
         rng: &mut RNG,
     ) -> Result<State, TlsError>
     where
-        Transport: AsyncRead + AsyncWrite + 'a,
-        RNG: CryptoRng + RngCore + 'a,
+        Transport: AsyncRead + AsyncWrite,
+        RNG: CryptoRng + RngCore,
         CipherSuite: TlsCipherSuite,
-        Verifier: TlsVerifier<'v, CipherSuite>,
+        Verifier: TlsVerifier<'v, 'c, CipherSuite>,
     {
         match self {
             State::ClientHello => {
@@ -272,20 +272,20 @@ impl<'a> State {
     }
 
     #[allow(clippy::too_many_arguments)]
-    pub fn process_blocking<'v, Transport, CipherSuite, RNG, Verifier>(
+    pub fn process_blocking<'v, 'c, Transport, CipherSuite, RNG, Verifier>(
         self,
         transport: &mut Transport,
         handshake: &mut Handshake<CipherSuite, Verifier>,
         record_reader: &mut RecordReader<'_, CipherSuite>,
         key_schedule: &mut KeySchedule<CipherSuite>,
-        config: &TlsConfig<'a, CipherSuite>,
+        config: &TlsConfig<'c, CipherSuite>,
         rng: &mut RNG,
     ) -> Result<State, TlsError>
     where
-        Transport: BlockingRead + BlockingWrite + 'a,
+        Transport: BlockingRead + BlockingWrite,
         RNG: CryptoRng + RngCore,
         CipherSuite: TlsCipherSuite + 'static,
-        Verifier: TlsVerifier<'v, CipherSuite>,
+        Verifier: TlsVerifier<'v, 'c, CipherSuite>,
     {
         match self {
             State::ClientHello => {
@@ -425,15 +425,15 @@ where
     }
 }
 
-fn process_server_verify<'a, 'v, CipherSuite, Verifier>(
+fn process_server_verify<'a, 'v, 'c, CipherSuite, Verifier>(
     handshake: &mut Handshake<CipherSuite, Verifier>,
     key_schedule: &mut KeySchedule<CipherSuite>,
     config: &TlsConfig<'a, CipherSuite>,
     record: ServerRecord<'_, HashOutputSize<CipherSuite>>,
 ) -> Result<State, TlsError>
 where
     CipherSuite: TlsCipherSuite,
-    Verifier: TlsVerifier<'v, CipherSuite>,
+    Verifier: TlsVerifier<'v, 'c, CipherSuite>,
 {
     let mut state = State::ServerVerify;
     decrypt_record(key_schedule.read_state(), record, |key_schedule, record| {

src/webpki.rs

@@ -30,13 +30,13 @@ where
     _clock: PhantomData<Clock>,
 }
 
-impl<'a, CipherSuite, Clock, const CERT_SIZE: usize> TlsVerifier<'a, CipherSuite>
-    for CertVerifier<'a, CipherSuite, Clock, CERT_SIZE>
+impl<'a, 'c, CipherSuite, Clock, const CERT_SIZE: usize> TlsVerifier<'a, 'c, CipherSuite>
+    for CertVerifier<'c, CipherSuite, Clock, CERT_SIZE>
 where
     CipherSuite: TlsCipherSuite,
     Clock: TlsClock,
 {
-    fn new(host: Option<&'a str>) -> Self {
+    fn new(_buffer: &'a mut [u8], host: Option<&'c str>) -> Self {
         Self {
             host,
             certificate_transcript: None,

src/write_buffer.rs

@@ -26,6 +26,14 @@ impl<'a> WriteBuffer<'a> {
         }
     }
 
+    pub(crate) fn take_buffer(&mut self) -> Result<&mut [u8], TlsError> {
+        if self.pos > 0 {
+            return Err(TlsError::InternalError);
+        }
+
+        Ok(self.buffer)
+    }
+
     fn max_block_size(&self) -> usize {
         self.buffer.len() - TLS_RECORD_OVERHEAD
     }