diff options
| author | Matt Caswell <matt@openssl.org> | 2016-12-14 16:50:14 +0000 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2017-01-10 23:02:50 +0000 |
| commit | 63c1df098316fdd3090631b31c64c7f4a6ae7aca (patch) | |
| tree | b6583d6bab5d0bb28d941ea01826e06ef6df9f1a /ssl | |
| parent | 536199ece0469e6ee2d6d0c0d19c01adeae4c6fb (diff) | |
Remove some unneeded functions
The sigalgs work has made some old lookup tables and functions redundant
so remove them.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/ssl_locl.h | 1 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 63 |
2 files changed, 14 insertions, 50 deletions
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 750219fdc1..06c1a09f52 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -2145,7 +2145,6 @@ __owur int tls_use_ticket(SSL *s); __owur int tls12_get_sigandhash(SSL *s, WPACKET *pkt, const EVP_PKEY *pk, const EVP_MD *md); -__owur int tls12_get_sigid(const EVP_PKEY *pk); __owur const EVP_MD *tls12_get_hash(int hash_nid); void ssl_set_sig_mask(uint32_t *pmask_a, SSL *s, int op); diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 1b82b6e001..da5797228a 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -1287,44 +1287,6 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick, return ret; } -/* Tables to translate from NIDs to TLS v1.2 ids */ - -typedef struct { - int nid; - int id; -} tls12_lookup; - -static const tls12_lookup tls12_md[] = { - {NID_md5, TLSEXT_hash_md5}, - {NID_sha1, TLSEXT_hash_sha1}, - {NID_sha224, TLSEXT_hash_sha224}, - {NID_sha256, TLSEXT_hash_sha256}, - {NID_sha384, TLSEXT_hash_sha384}, - {NID_sha512, TLSEXT_hash_sha512}, - {NID_id_GostR3411_94, TLSEXT_hash_gostr3411}, - {NID_id_GostR3411_2012_256, TLSEXT_hash_gostr34112012_256}, - {NID_id_GostR3411_2012_512, TLSEXT_hash_gostr34112012_512}, -}; - -static const tls12_lookup tls12_sig[] = { - {EVP_PKEY_RSA, TLSEXT_signature_rsa}, - {EVP_PKEY_DSA, TLSEXT_signature_dsa}, - {EVP_PKEY_EC, TLSEXT_signature_ecdsa}, - {NID_id_GostR3410_2001, TLSEXT_signature_gostr34102001}, - {NID_id_GostR3410_2012_256, TLSEXT_signature_gostr34102012_256}, - {NID_id_GostR3410_2012_512, TLSEXT_signature_gostr34102012_512} -}; - -static int tls12_find_id(int nid, const tls12_lookup *table, size_t tlen) -{ - size_t i; - for (i = 0; i < tlen; i++) { - if (table[i].nid == nid) - return table[i].id; - } - return -1; -} - int tls12_get_sigandhash(SSL *s, WPACKET *pkt, const EVP_PKEY *pk, const EVP_MD *md) { @@ -1352,11 +1314,6 @@ int tls12_get_sigandhash(SSL *s, WPACKET *pkt, const EVP_PKEY *pk, return 0; } -int tls12_get_sigid(const EVP_PKEY *pk) -{ - return tls12_find_id(EVP_PKEY_id(pk), tls12_sig, OSSL_NELEM(tls12_sig)); -} - typedef struct { int nid; int secbits; @@ -1829,8 +1786,8 @@ int tls1_set_sigalgs_list(CERT *c, const char *str, int client) int tls1_set_sigalgs(CERT *c, const int *psig_nids, size_t salglen, int client) { unsigned int *sigalgs, *sptr; - int rhash, rsign; size_t i; + if (salglen & 1) return 0; sigalgs = OPENSSL_malloc(salglen * sizeof(*sigalgs)); @@ -1841,13 +1798,21 @@ int tls1_set_sigalgs(CERT *c, const int *psig_nids, size_t salglen, int client) * RSA-PKCS1. For now we only allow setting of RSA-PKCS1 */ for (i = 0, sptr = sigalgs; i < salglen; i += 2) { - rhash = tls12_find_id(*psig_nids++, tls12_md, OSSL_NELEM(tls12_md)); - rsign = tls12_find_id(*psig_nids++, tls12_sig, OSSL_NELEM(tls12_sig)); + size_t j; + SIGALG_LOOKUP *curr; + int md_id = *psig_nids++; + int sig_id = *psig_nids++; + + for (j = 0, curr = sigalg_lookup_tbl; j < OSSL_NELEM(sigalg_lookup_tbl); + j++, curr++) { + if (curr->hash == md_id && curr->sig == sig_id && !curr->notls12) { + *sptr++ = curr->sigalg; + break; + } + } - if (rhash == -1 || rsign == -1) + if (j == OSSL_NELEM(sigalg_lookup_tbl)) goto err; - *sptr++ = rhash; - *sptr++ = rsign; } if (client) { |