Remove a few unnecessary SSL3_ENC_METHOD hooks.
As things stand now, they don't actually do anything.
Change-Id: I9f8b4cbf38a0dffabfc5265805c52bb8d7a8fb0d
Reviewed-on: https://boringssl-review.googlesource.com/6837
Reviewed-by: Adam Langley <alangley@gmail.com>
diff --git a/ssl/internal.h b/ssl/internal.h
index 58dca0f..8a4f708 100644
--- a/ssl/internal.h
+++ b/ssl/internal.h
@@ -854,7 +854,6 @@
struct ssl3_enc_method {
int (*prf)(SSL *, uint8_t *, size_t, const uint8_t *, size_t, const char *,
size_t, const uint8_t *, size_t, const uint8_t *, size_t);
- int (*generate_master_secret)(SSL *, uint8_t *, const uint8_t *, size_t);
int (*final_finish_mac)(SSL *, const char *, int, uint8_t *);
int (*cert_verify_mac)(SSL *, int, uint8_t *);
const char *client_finished_label;
@@ -862,8 +861,6 @@
const char *server_finished_label;
int server_finished_label_len;
int (*alert_value)(int);
- int (*export_keying_material)(SSL *, uint8_t *, size_t, const char *, size_t,
- const uint8_t *, size_t, int use_context);
/* Various flags indicating protocol version requirements */
unsigned int enc_flags;
};
@@ -1179,10 +1176,6 @@
int tls1_cert_verify_mac(SSL *ssl, int md_nid, uint8_t *p);
int tls1_generate_master_secret(SSL *ssl, uint8_t *out, const uint8_t *premaster,
size_t premaster_len);
-int tls1_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len,
- const char *label, size_t label_len,
- const uint8_t *context, size_t context_len,
- int use_context);
int tls1_alert_code(int code);
int ssl3_alert_code(int code);
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 569599d..2c1a32f 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1754,8 +1754,8 @@
}
ssl->state = SSL3_ST_CW_KEY_EXCH_B;
- ssl->session->master_key_length = ssl->enc_method->generate_master_secret(
- ssl, ssl->session->master_key, pms, pms_len);
+ ssl->session->master_key_length =
+ tls1_generate_master_secret(ssl, ssl->session->master_key, pms, pms_len);
if (ssl->session->master_key_length == 0) {
goto err;
}
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 6b132ed..1e18e54 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -165,13 +165,11 @@
const SSL3_ENC_METHOD SSLv3_enc_data = {
ssl3_prf,
- tls1_generate_master_secret,
ssl3_final_finish_mac,
ssl3_cert_verify_mac,
SSL3_MD_CLIENT_FINISHED_CONST, 4,
SSL3_MD_SERVER_FINISHED_CONST, 4,
ssl3_alert_code,
- tls1_export_keying_material,
0,
};
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index c0b2d80..eee7b0c 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1700,7 +1700,7 @@
}
/* Compute the master secret */
- ssl->session->master_key_length = ssl->enc_method->generate_master_secret(
+ ssl->session->master_key_length = tls1_generate_master_secret(
ssl, ssl->session->master_key, premaster_secret, premaster_secret_len);
if (ssl->session->master_key_length == 0) {
goto err;
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 6b9e6ba..3e2b156 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1636,18 +1636,6 @@
}
}
-int SSL_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len,
- const char *label, size_t label_len,
- const uint8_t *context, size_t context_len,
- int use_context) {
- if (ssl->version < TLS1_VERSION) {
- return 0;
- }
-
- return ssl->enc_method->export_keying_material(
- ssl, out, out_len, label, label_len, context, context_len, use_context);
-}
-
void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
int (*cb)(X509_STORE_CTX *store_ctx,
void *arg),
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 8c4b6d8..92a8489 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -513,12 +513,11 @@
return SSL3_MASTER_SECRET_SIZE;
}
-int tls1_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len,
- const char *label, size_t label_len,
- const uint8_t *context, size_t context_len,
- int use_context) {
+int SSL_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len,
+ const char *label, size_t label_len,
+ const uint8_t *context, size_t context_len,
+ int use_context) {
if (!ssl->s3->have_version || ssl->version == SSL3_VERSION) {
- OPENSSL_PUT_ERROR(SSL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
}
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 2d0a4fb..d2fc8af 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -132,37 +132,31 @@
const SSL3_ENC_METHOD TLSv1_enc_data = {
tls1_prf,
- tls1_generate_master_secret,
tls1_final_finish_mac,
tls1_cert_verify_mac,
TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
tls1_alert_code,
- tls1_export_keying_material,
0,
};
const SSL3_ENC_METHOD TLSv1_1_enc_data = {
tls1_prf,
- tls1_generate_master_secret,
tls1_final_finish_mac,
tls1_cert_verify_mac,
TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
tls1_alert_code,
- tls1_export_keying_material,
SSL_ENC_FLAG_EXPLICIT_IV,
};
const SSL3_ENC_METHOD TLSv1_2_enc_data = {
tls1_prf,
- tls1_generate_master_secret,
tls1_final_finish_mac,
tls1_cert_verify_mac,
TLS_MD_CLIENT_FINISH_CONST,TLS_MD_CLIENT_FINISH_CONST_SIZE,
TLS_MD_SERVER_FINISH_CONST,TLS_MD_SERVER_FINISH_CONST_SIZE,
tls1_alert_code,
- tls1_export_keying_material,
SSL_ENC_FLAG_EXPLICIT_IV|SSL_ENC_FLAG_SIGALGS|SSL_ENC_FLAG_SHA256_PRF,
};