Google Git
Sign in
boringssl / boringssl / ba16a1e405c617f4179bd780ad15522fb25b0a65^! / .
commitba16a1e405c617f4179bd780ad15522fb25b0a65[log] [tgz]
authorDavid Benjamin <davidben@chromium.org>Sat Jul 04 16:14:33 2015 -0400
committerAdam Langley <agl@google.com>Tue Jul 07 01:12:24 2015 +0000
treeb8bd4b73ae2bede2914e5e1f9bcd95d7a3b46a07
parenta31c5bf2cc4e2a740fdf9f6ce44c40df73eef3ed [diff]
Remove SSL_get_(shared_)sigalgs.

These are new as of 1.0.2, not terribly useful of APIs, and are the only
reason we have to retain so many NIDs in the TLS_SIGALGS structure.

Change-Id: I7237becca09acc2ec2be441ca17364f062253893
Reviewed-on: https://boringssl-review.googlesource.com/5347
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index e15a8af..ad8c130 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h

@@ -291,14 +291,6 @@
     SSL *s, uint8_t *out, size_t out_len, const char *label, size_t label_len,
     const uint8_t *context, size_t context_len, int use_context);
 
-OPENSSL_EXPORT int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash,
-                                   int *psignandhash, uint8_t *rsig,
-                                   uint8_t *rhash);
-
-OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign,
-                                          int *phash, int *psignandhash,
-                                          uint8_t *rsig, uint8_t *rhash);
-
 /* SSL_set_tlsext_host_name, for a client, configures |ssl| to advertise |name|
  * in the server_name extension. It returns one on success and zero on error. */
 OPENSSL_EXPORT int SSL_set_tlsext_host_name(SSL *ssl, const char *name);

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index d5aa8d5..318662c 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c

@@ -2668,60 +2668,6 @@
   return EVP_sha1();
 }
 
-int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash, int *psignhash,
-                    uint8_t *rsig, uint8_t *rhash) {
-  const uint8_t *psig = s->cert->peer_sigalgs;
-
-  if (psig == NULL) {
-    return 0;
-  }
-
-  if (idx >= 0) {
-    idx <<= 1;
-    if (idx >= (int)s->cert->peer_sigalgslen) {
-      return 0;
-    }
-    psig += idx;
-    if (rhash) {
-      *rhash = psig[0];
-    }
-    if (rsig) {
-      *rsig = psig[1];
-    }
-    tls1_lookup_sigalg(phash, psign, psignhash, psig);
-  }
-
-  return s->cert->peer_sigalgslen / 2;
-}
-
-int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign, int *phash,
-                           int *psignhash, uint8_t *rsig, uint8_t *rhash) {
-  TLS_SIGALGS *shsigalgs = s->cert->shared_sigalgs;
-
-  if (!shsigalgs || idx >= (int)s->cert->shared_sigalgslen) {
-    return 0;
-  }
-
-  shsigalgs += idx;
-  if (phash) {
-    *phash = shsigalgs->hash_nid;
-  }
-  if (psign) {
-    *psign = shsigalgs->sign_nid;
-  }
-  if (psignhash) {
-    *psignhash = shsigalgs->signandhash_nid;
-  }
-  if (rsig) {
-    *rsig = shsigalgs->rsign;
-  }
-  if (rhash) {
-    *rhash = shsigalgs->rhash;
-  }
-
-  return s->cert->shared_sigalgslen;
-}
-
 /* tls1_channel_id_hash calculates the signed data for a Channel ID on the
  * given SSL connection and writes it to |md|. */
 int tls1_channel_id_hash(EVP_MD_CTX *md, SSL *s) {