Remove deprecated cipher property APIs.

Consumers have been switched to the new ones.

Change-Id: I7a8ec6308775a105a490882c97955daed12a2c2c
Reviewed-on: https://boringssl-review.googlesource.com/19605
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

include/openssl/ssl.h

@@ -3967,64 +3967,6 @@ OPENSSL_EXPORT SSL_SESSION *SSL_get_session(const SSL *ssl);
 // the session.
 OPENSSL_EXPORT SSL_SESSION *SSL_get1_session(SSL *ssl);
 
-// TODO(davidben): Convert all the callers of these old |SSL_CIPHER| functions
-// and remove them.
-
-// SSL_CIPHER_is_AEAD calls |SSL_CIPHER_is_aead|.
-OPENSSL_EXPORT int SSL_CIPHER_is_AEAD(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_is_AES returns one if |cipher| uses AES (either GCM or CBC
-// mode). Use |SSL_CIPHER_get_cipher_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_is_AES(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_has_SHA1_HMAC returns one if |cipher| uses HMAC-SHA1. Use
-// |SSL_CIPHER_get_digest_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_has_SHA1_HMAC(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_has_SHA256_HMAC returns one if |cipher| uses HMAC-SHA256. Use
-// |SSL_CIPHER_get_digest_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_has_SHA256_HMAC(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_has_SHA384_HMAC returns one if |cipher| uses HMAC-SHA384. Use
-// |SSL_CIPHER_get_digest_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_has_SHA384_HMAC(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_is_AESGCM returns one if |cipher| uses AES-GCM. Use
-// |SSL_CIPHER_get_cipher_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_is_AES128GCM returns one if |cipher| uses 128-bit AES-GCM. Use
-// |SSL_CIPHER_get_cipher_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_is_AES128GCM(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_is_AES128CBC returns one if |cipher| uses 128-bit AES in CBC
-// mode. Use |SSL_CIPHER_get_cipher_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_is_AES128CBC(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_is_AES256CBC returns one if |cipher| uses 256-bit AES in CBC
-// mode. Use |SSL_CIPHER_get_cipher_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_is_AES256CBC(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_is_CHACHA20POLY1305 returns one if |cipher| uses
-// CHACHA20_POLY1305. Use |SSL_CIPHER_get_cipher_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_is_NULL returns one if |cipher| does not encrypt. Use
-// |SSL_CIPHER_get_cipher_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_is_NULL(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_is_ECDSA returns one if |cipher| uses ECDSA. Use
-// |SSL_CIPHER_get_auth_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_is_ECDSA(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_is_ECDHE returns one if |cipher| uses ECDHE. Use
-// |SSL_CIPHER_get_kx_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_is_ECDHE(const SSL_CIPHER *cipher);
-
-// SSL_CIPHER_is_static_RSA returns one if |cipher| uses the static RSA key
-// exchange. Use |SSL_CIPHER_get_kx_nid| instead.
-OPENSSL_EXPORT int SSL_CIPHER_is_static_RSA(const SSL_CIPHER *cipher);
-
 
 // Private structures.
 //

ssl/ssl_cipher.cc

@@ -1439,22 +1439,6 @@ const SSL_CIPHER *SSL_get_cipher_by_value(uint16_t value) {
 
 uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *cipher) { return cipher->id; }
 
-int SSL_CIPHER_is_AES(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_enc & SSL_AES) != 0;
-}
-
-int SSL_CIPHER_has_SHA1_HMAC(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_mac & SSL_SHA1) != 0;
-}
-
-int SSL_CIPHER_has_SHA256_HMAC(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_mac & SSL_SHA256) != 0;
-}
-
-int SSL_CIPHER_has_SHA384_HMAC(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_mac & SSL_SHA384) != 0;
-}
-
 int SSL_CIPHER_is_aead(const SSL_CIPHER *cipher) {
   return (cipher->algorithm_mac & SSL_AEAD) != 0;
 }
@@ -1525,51 +1509,11 @@ int SSL_CIPHER_get_auth_nid(const SSL_CIPHER *cipher) {
   return NID_undef;
 }
 
-int SSL_CIPHER_is_AEAD(const SSL_CIPHER *cipher) {
-  return SSL_CIPHER_is_aead(cipher);
-}
-
-int SSL_CIPHER_is_AESGCM(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_enc & (SSL_AES128GCM | SSL_AES256GCM)) != 0;
-}
-
-int SSL_CIPHER_is_AES128GCM(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_enc & SSL_AES128GCM) != 0;
-}
-
-int SSL_CIPHER_is_AES128CBC(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_enc & SSL_AES128) != 0;
-}
-
-int SSL_CIPHER_is_AES256CBC(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_enc & SSL_AES256) != 0;
-}
-
-int SSL_CIPHER_is_CHACHA20POLY1305(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_enc & SSL_CHACHA20POLY1305) != 0;
-}
-
-int SSL_CIPHER_is_NULL(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_enc & SSL_eNULL) != 0;
-}
-
 int SSL_CIPHER_is_block_cipher(const SSL_CIPHER *cipher) {
   return (cipher->algorithm_enc & SSL_eNULL) == 0 &&
       cipher->algorithm_mac != SSL_AEAD;
 }
 
-int SSL_CIPHER_is_ECDSA(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_auth & SSL_aECDSA) != 0;
-}
-
-int SSL_CIPHER_is_ECDHE(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_mkey & SSL_kECDHE) != 0;
-}
-
-int SSL_CIPHER_is_static_RSA(const SSL_CIPHER *cipher) {
-  return (cipher->algorithm_mkey & SSL_kRSA) != 0;
-}
-
 uint16_t SSL_CIPHER_get_min_version(const SSL_CIPHER *cipher) {
   if (cipher->algorithm_mkey == SSL_kGENERIC ||
       cipher->algorithm_auth == SSL_aGENERIC) {

ssl/ssl_test.cc

@@ -476,7 +476,7 @@ TEST(SSLTest, CipherRules) {
 
     ASSERT_TRUE(SSL_CTX_set_strict_cipher_list(ctx.get(), rule));
     for (const SSL_CIPHER *cipher : SSL_CTX_get_ciphers(ctx.get())) {
-      EXPECT_FALSE(SSL_CIPHER_is_NULL(cipher));
+      EXPECT_NE(NID_undef, SSL_CIPHER_get_cipher_nid(cipher));
     }
   }
 }