LibTLS: Remove all uses of VLAs

3 files changed, 15 insertions, 15 deletions

diff --git a/Userland/Libraries/LibTLS/ClientHandshake.cpp b/Userland/Libraries/LibTLS/ClientHandshake.cpp
index 8fd60ef2cc..1032c904b0 100644
--- a/Userland/Libraries/LibTLS/ClientHandshake.cpp
+++ b/Userland/Libraries/LibTLS/ClientHandshake.cpp
@@ -275,8 +275,9 @@ void TLSv12::build_random(PacketBuilder& builder)
 
     Crypto::PK::RSA_PKCS1_EME rsa(certificate.public_key.modulus(), 0, certificate.public_key.public_exponent());
 
-    u8 out[rsa.output_size()];
-    auto outbuf = Bytes { out, rsa.output_size() };
+    Vector<u8, 32> out;
+    out.resize(rsa.output_size());
+    auto outbuf = out.span();
     rsa.encrypt(m_context.premaster_key, outbuf);
 
     if constexpr (TLS_DEBUG) {
diff --git a/Userland/Libraries/LibTLS/Exchange.cpp b/Userland/Libraries/LibTLS/Exchange.cpp
index 45e52e2bc2..fa15badcd1 100644
--- a/Userland/Libraries/LibTLS/Exchange.cpp
+++ b/Userland/Libraries/LibTLS/Exchange.cpp
@@ -101,28 +101,27 @@ void TLSv12::pseudorandom_function(Bytes output, ReadonlyBytes secret, const u8*
     //            document and in TLS documents published prior to this document when
     //            TLS 1.2 is negotiated."
     // Apparently this PRF _always_ uses SHA256
-    Crypto::Authentication::HMAC<Crypto::Hash::SHA256> hmac(secret);
 
-    auto l_seed_size = label_length + seed.size() + seed_b.size();
-    u8 l_seed[l_seed_size];
-    auto label_seed_buffer = Bytes { l_seed, l_seed_size };
-    label_seed_buffer.overwrite(0, label, label_length);
-    label_seed_buffer.overwrite(label_length, seed.data(), seed.size());
-    if (seed_b.size() > 0)
-        label_seed_buffer.overwrite(label_length + seed.size(), seed_b.data(), seed_b.size());
+    auto append_label_seed = [&](auto& hmac) {
+        hmac.update(label, label_length);
+        hmac.update(seed);
+        if (seed_b.size() > 0)
+            hmac.update(seed_b);
+    };
 
-    auto digest_size = hmac.digest_size();
+    Crypto::Authentication::HMAC<Crypto::Hash::SHA256> hmac(secret);
+    append_label_seed(hmac);
 
+    constexpr auto digest_size = hmac.digest_size();
     u8 digest[digest_size];
-
     auto digest_0 = Bytes { digest, digest_size };
 
-    digest_0.overwrite(0, hmac.process(label_seed_buffer).immutable_data(), digest_size);
+    digest_0.overwrite(0, hmac.digest().immutable_data(), digest_size);
 
     size_t index = 0;
     while (index < output.size()) {
         hmac.update(digest_0);
-        hmac.update(label_seed_buffer);
+        append_label_seed(hmac);
         auto digest_1 = hmac.digest();
 
         auto copy_size = min(digest_size, output.size() - index);
diff --git a/Userland/Libraries/LibTLS/Handshake.cpp b/Userland/Libraries/LibTLS/Handshake.cpp
index 6fefbf7e1e..3b515a4fab 100644
--- a/Userland/Libraries/LibTLS/Handshake.cpp
+++ b/Userland/Libraries/LibTLS/Handshake.cpp
@@ -141,7 +141,7 @@ ByteBuffer TLSv12::build_finished()
     PacketBuilder builder { MessageType::Handshake, m_context.options.version, 12 + 64 };
     builder.append((u8)HandshakeType::Finished);
 
-    u32 out_size = 12;
+    constexpr u32 out_size = 12;
 
     builder.append_u24(out_size);