From ba16a1e405c617f4179bd780ad15522fb25b0a65 Mon Sep 17 00:00:00 2001
From: David Benjamin
Date: Sat, 4 Jul 2015 16:14:33 -0400
Subject: [PATCH] Remove SSL_get_(shared_)sigalgs.

These are new as of 1.0.2, not terribly useful of APIs, and are the only reason we have to retain so many NIDs in the TLS_SIGALGS structure.

Change-Id: I7237becca09acc2ec2be441ca17364f062253893
Reviewed-on: https://boringssl-review.googlesource.com/5347
Reviewed-by: Adam Langley
---
 include/openssl/tls1.h | 8 -------
 ssl/t1_lib.c | 54 ------------------------------------------
 2 files changed, 62 deletions(-)

diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index e15a8af9..ad8c1307 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -291,14 +291,6 @@ OPENSSL_EXPORT int SSL_export_keying_material(
 SSL *s, uint8_t *out, size_t out_len, const char *label, size_t label_len,
 const uint8_t *context, size_t context_len, int use_context);
 
-OPENSSL_EXPORT int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash,
- int *psignandhash, uint8_t *rsig,
- uint8_t *rhash);
-
-OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign,
- int *phash, int *psignandhash,
- uint8_t *rsig, uint8_t *rhash);
-
 /* SSL_set_tlsext_host_name, for a client, configures |ssl| to advertise |name|
 * in the server_name extension. It returns one on success and zero on error. */
 OPENSSL_EXPORT int SSL_set_tlsext_host_name(SSL *ssl, const char *name);
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index d5aa8d52..318662c5 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2668,60 +2668,6 @@ const EVP_MD *tls1_choose_signing_digest(SSL *s, EVP_PKEY *pkey) {
 return EVP_sha1();
 }
 
-int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash, int *psignhash,
- uint8_t *rsig, uint8_t *rhash) {
- const uint8_t *psig = s->cert->peer_sigalgs;
-
- if (psig == NULL) {
- return 0;
- }
-
- if (idx >= 0) {
- idx <<= 1;
- if (idx >= (int)s->cert->peer_sigalgslen) {
- return 0;
- }
- psig += idx;
- if (rhash) {
- *rhash = psig[0];
- }
- if (rsig) {
- *rsig = psig[1];
- }
- tls1_lookup_sigalg(phash, psign, psignhash, psig);
- }
-
- return s->cert->peer_sigalgslen / 2;
-}
-
-int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign, int *phash,
- int *psignhash, uint8_t *rsig, uint8_t *rhash) {
- TLS_SIGALGS *shsigalgs = s->cert->shared_sigalgs;
-
- if (!shsigalgs || idx >= (int)s->cert->shared_sigalgslen) {
- return 0;
- }
-
- shsigalgs += idx;
- if (phash) {
- *phash = shsigalgs->hash_nid;
- }
- if (psign) {
- *psign = shsigalgs->sign_nid;
- }
- if (psignhash) {
- *psignhash = shsigalgs->signandhash_nid;
- }
- if (rsig) {
- *rsig = shsigalgs->rsign;
- }
- if (rhash) {
- *rhash = shsigalgs->rhash;
- }
-
- return s->cert->shared_sigalgslen;
-}
-
 /* tls1_channel_id_hash calculates the signed data for a Channel ID on the
 * given SSL connection and writes it to |md|. */
 int tls1_channel_id_hash(EVP_MD_CTX *md, SSL *s) {