kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove SSL_get_(shared_)sigalgs.

Browse Source 
These are new as of 1.0.2, not terribly useful of APIs, and are the only
reason we have to retain so many NIDs in the TLS_SIGALGS structure.

Change-Id: I7237becca09acc2ec2be441ca17364f062253893
Reviewed-on: https://boringssl-review.googlesource.com/5347
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2015-07-04 16:14:33 -04:00 committed by Adam Langley
parent a31c5bf2cc
commit ba16a1e405
2 changed files with 0 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/openssl/tls1.h
View File

@ -291,14 +291,6 @@ OPENSSL_EXPORT int SSL_export_keying_material(
SSL *s, uint8_t *out, size_t out_len, const char *label, size_t label_len, SSL *s, uint8_t *out, size_t out_len, const char *label, size_t label_len,
const uint8_t *context, size_t context_len, int use_context); const uint8_t *context, size_t context_len, int use_context);
OPENSSL_EXPORT int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash,
int *psignandhash, uint8_t *rsig,
uint8_t *rhash);
OPENSSL_EXPORT int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign,
int *phash, int *psignandhash,
uint8_t *rsig, uint8_t *rhash);
/* SSL_set_tlsext_host_name, for a client, configures |ssl| to advertise |name| /* SSL_set_tlsext_host_name, for a client, configures |ssl| to advertise |name|
* in the server_name extension. It returns one on success and zero on error. */ * in the server_name extension. It returns one on success and zero on error. */
OPENSSL_EXPORT int SSL_set_tlsext_host_name(SSL *ssl, const char *name); OPENSSL_EXPORT int SSL_set_tlsext_host_name(SSL *ssl, const char *name);

54
ssl/t1_lib.c
View File

@ -2668,60 +2668,6 @@ const EVP_MD *tls1_choose_signing_digest(SSL *s, EVP_PKEY *pkey) {
return EVP_sha1(); return EVP_sha1();
} }
int SSL_get_sigalgs(SSL *s, int idx, int *psign, int *phash, int *psignhash,
uint8_t *rsig, uint8_t *rhash) {
const uint8_t *psig = s->cert->peer_sigalgs;
if (psig == NULL) {
return 0;
}
if (idx >= 0) {
idx <<= 1;
if (idx >= (int)s->cert->peer_sigalgslen) {
return 0;
}
psig += idx;
if (rhash) {
*rhash = psig[0];
}
if (rsig) {
*rsig = psig[1];
}
tls1_lookup_sigalg(phash, psign, psignhash, psig);
}
return s->cert->peer_sigalgslen / 2;
}
int SSL_get_shared_sigalgs(SSL *s, int idx, int *psign, int *phash,
int *psignhash, uint8_t *rsig, uint8_t *rhash) {
TLS_SIGALGS *shsigalgs = s->cert->shared_sigalgs;
if (!shsigalgs || idx >= (int)s->cert->shared_sigalgslen) {
return 0;
}
shsigalgs += idx;
if (phash) {
*phash = shsigalgs->hash_nid;
}
if (psign) {
*psign = shsigalgs->sign_nid;
}
if (psignhash) {
*psignhash = shsigalgs->signandhash_nid;
}
if (rsig) {
*rsig = shsigalgs->rsign;
}
if (rhash) {
*rhash = shsigalgs->rhash;
}
return s->cert->shared_sigalgslen;
}
/* tls1_channel_id_hash calculates the signed data for a Channel ID on the /* tls1_channel_id_hash calculates the signed data for a Channel ID on the
* given SSL connection and writes it to |md|. */ * given SSL connection and writes it to |md|. */
int tls1_channel_id_hash(EVP_MD_CTX *md, SSL *s) { int tls1_channel_id_hash(EVP_MD_CTX *md, SSL *s) {