Remove SSL_get_(shared_)sigalgs.
These are new as of 1.0.2, not terribly useful APIs, and are the only reason we have to retain so many NIDs in the TLS_SIGALGS structure. Change-Id: I7237becca09acc2ec2be441ca17364f062253893 Reviewed-on: https://boringssl-review.googlesource.com/5347 Reviewed-by: Adam Langley <agl@google.com>
parent
a31c5bf2cc
commit
ba16a1e405
@ -291,14 +291,6 @@ OPENSSL_EXPORT int SSL_export_keying_material(
|
||||
SSL *s, uint8_t *out, size_t out_len, const char *label, size_t label_len,
|
||||
const uint8_t *context, size_t context_len, int use_context);
|
||||
|
||||
OPENSSL_EXPORT int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash,
|
||||
int *psignandhash, uint8_t *rsig,
|
||||
uint8_t *rhash);
|
||||
|
||||
OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign,
|
||||
int *phash, int *psignandhash,
|
||||
uint8_t *rsig, uint8_t *rhash);
|
||||
|
||||
/* SSL_set_tlsext_host_name, for a client, configures |ssl| to advertise |name|
|
||||
* in the server_name extension. It returns one on success and zero on error. */
|
||||
OPENSSL_EXPORT int SSL_set_tlsext_host_name(SSL *ssl, const char *name);
|
||||
|
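--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2668,60 +2668,6 @@ const EVP_MD *tls1_choose_signing_digest(SSL *s, EVP_PKEY *pkey) {
 return EVP_sha1();
 }
 
-int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash, int *psignhash,
-uint8_t *rsig, uint8_t *rhash) {
-const uint8_t *psig = s->cert->peer_sigalgs;
-
-if (psig == NULL) {
-return 0;
-}
-
-if (idx >= 0) {
-idx <<= 1;
-if (idx >= (int)s->cert->peer_sigalgslen) {
-return 0;
-}
-psig += idx;
-if (rhash) {
-*rhash = psig[0];
-}
-if (rsig) {
-*rsig = psig[1];
-}
-tls1_lookup_sigalg(phash, psign, psignhash, psig);
-}
-
-return s->cert->peer_sigalgslen / 2;
-}
-
-int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign, int *phash,
-int *psignhash, uint8_t *rsig, uint8_t *rhash) {
-TLS_SIGALGS *shsigalgs = s->cert->shared_sigalgs;
-
-if (!shsigalgs || idx >= (int)s->cert->shared_sigalgslen) {
-return 0;
-}
-
-shsigalgs += idx;
-if (phash) {
-*phash = shsigalgs->hash_nid;
-}
-if (psign) {
-*psign = shsigalgs->sign_nid;
-}
-if (psignhash) {
-*psignhash = shsigalgs->signandhash_nid;
-}
-if (rsig) {
-*rsig = shsigalgs->rsign;
-}
-if (rhash) {
-*rhash = shsigalgs->rhash;
-}
-
-return s->cert->shared_sigalgslen;
-}
-
 /* tls1_channel_id_hash calculates the signed data for a Channel ID on the
  * given SSL connection and writes it to |md|. */
 int tls1_channel_id_hash(EVP_MD_CTX *md, SSL *s) {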