Remove SSL_(CTX_)?set_ecdh_callback.
It has no callers. I prepped for its removal earlier with
https://android.googlesource.com/platform/external/conscrypt/+/c05697c2c50fe1331f08c6f32d0bc9636eecdc2d
and then completely forgot.
Thanks to upstream's 6f78b9e824c053d062188578635c575017b587c5 for
the reminder. Quoth them:
> This only gets used to set a specific curve without actually checking
> that the peer supports it or not and can therefor result in handshake
> failures that can be avoided by selecting a different cipher.
It's also a very confusing API since it does NOT pass ownership of the
EC_KEY to the caller.
Change-Id: I6a00643b3a2d6746e9e0e228b47c2bc9694b0084
Reviewed-on: https://boringssl-review.googlesource.com/6621
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 4c720d5..a62108b 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1805,34 +1805,6 @@
* preferences. (This is recommended.) */
OPENSSL_EXPORT int SSL_set_tmp_ecdh(SSL *ssl, const EC_KEY *ec_key);
-/* SSL_CTX_set_tmp_ecdh_callback configures |ctx| to use |callback| to determine
- * the curve for ephemeral ECDH keys. |callback| should ignore |is_export| and
- * |keylength| and return an |EC_KEY| of the selected curve or NULL on
- * error. Only the curve is used, so the |EC_KEY| needn't have a generated
- * keypair.
- *
- * If the callback is unset, an appropriate curve will be chosen based on curve
- * preferences. (This is recommended.)
- *
- * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so
- * |callback| must save and release the object elsewhere. */
-OPENSSL_EXPORT void SSL_CTX_set_tmp_ecdh_callback(
- SSL_CTX *ctx, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength));
-
-/* SSL_set_tmp_ecdh_callback configures |ssl| to use |callback| to determine the
- * curve for ephemeral ECDH keys. |callback| should ignore |is_export| and
- * |keylength| and return an |EC_KEY| of the selected curve or NULL on
- * error. Only the curve is used, so the |EC_KEY| needn't have a generated
- * keypair.
- *
- * If the callback is unset, an appropriate curve will be chosen based on curve
- * preferences. (This is recommended.)
- *
- * WARNING: The caller does not take ownership of the resulting |EC_KEY|, so
- * |callback| must save and release the object elsewhere. */
-OPENSSL_EXPORT void SSL_set_tmp_ecdh_callback(
- SSL *ssl, EC_KEY *(*callback)(SSL *ssl, int is_export, int keylength));
-
/* SSL_get_curve_name returns a human-readable name for the elliptic curve
* specified by the given TLS curve id, or NULL if the curve if unknown. */
OPENSSL_EXPORT const char *SSL_get_curve_name(uint16_t curve_id);
diff --git a/ssl/internal.h b/ssl/internal.h
index 225c828..73387a0 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -727,12 +727,8 @@
DH *(*dh_tmp_cb)(SSL *ssl, int is_export, int keysize);
/* ecdh_nid, if not |NID_undef|, is the NID of the curve to use for ephemeral
- * ECDH keys. If unset, |ecdh_tmp_cb| is consulted. */
+ * ECDH keys. */
int ecdh_nid;
- /* ecdh_tmp_cb is a callback for selecting the curve to use for ephemeral ECDH
- * keys. If NULL, a curve is selected automatically. See
- * |SSL_CTX_set_tmp_ecdh_callback|. */
- EC_KEY *(*ecdh_tmp_cb)(SSL *ssl, int is_export, int keysize);
/* peer_sigalgs are the algorithm/hash pairs that the peer supports. These
* are taken from the contents of signature algorithms extension for a server
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 002bacf..04cae2e 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1302,13 +1302,6 @@
int nid = NID_undef;
if (cert->ecdh_nid != NID_undef) {
nid = cert->ecdh_nid;
- } else if (cert->ecdh_tmp_cb != NULL) {
- /* Note: |ecdh_tmp_cb| does NOT pass ownership of the result
- * to the caller. */
- EC_KEY *template = s->cert->ecdh_tmp_cb(s, 0, 1024);
- if (template != NULL && EC_KEY_get0_group(template) != NULL) {
- nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(template));
- }
} else {
nid = tls1_get_shared_curve(s);
}
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 4094b27..8788152 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -186,7 +186,6 @@
ret->dh_tmp_cb = cert->dh_tmp_cb;
ret->ecdh_nid = cert->ecdh_nid;
- ret->ecdh_tmp_cb = cert->ecdh_tmp_cb;
if (cert->x509 != NULL) {
ret->x509 = X509_up_ref(cert->x509);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 839cf94..379fd4f 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -2128,18 +2128,6 @@
ssl->cert->dh_tmp_cb = callback;
}
-void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
- EC_KEY *(*callback)(SSL *ssl, int is_export,
- int keylength)) {
- ctx->cert->ecdh_tmp_cb = callback;
-}
-
-void SSL_set_tmp_ecdh_callback(SSL *ssl,
- EC_KEY *(*callback)(SSL *ssl, int is_export,
- int keylength)) {
- ssl->cert->ecdh_tmp_cb = callback;
-}
-
int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint) {
if (identity_hint != NULL && strlen(identity_hint) > PSK_MAX_IDENTITY_LEN) {
OPENSSL_PUT_ERROR(SSL, SSL_R_DATA_LENGTH_TOO_LONG);
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index d312a52..0e78594 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -611,11 +611,6 @@
tls1_check_curve_id(s, curve_id);
}
- if (s->cert->ecdh_tmp_cb != NULL) {
- /* Assume the callback will provide an acceptable curve. */
- return 1;
- }
-
/* Otherwise, the curve gets selected automatically. ECDH is acceptable iff
* there is a shared curve. */
return tls1_get_shared_curve(s) != NID_undef;