tls1_process_sigalgs() is no longer needed.

ok beck@
author: jsing <> 2019-03-25 17:27:31 +0000
committer: jsing <> 2019-03-25 17:27:31 +0000
commit: 6c6b3a7290be9680e2f358b43c5498cf1537dac7 (patch)
tree: 679aedffb7db8d75c8f4b118fac1782ce5f1528a /src/lib/libssl/t1_lib.c
parent: c46928243f6c8aa22e46219e22df33de006a501f (diff)
download: openbsd-6c6b3a7290be9680e2f358b43c5498cf1537dac7.tar.gz
openbsd-6c6b3a7290be9680e2f358b43c5498cf1537dac7.tar.bz2
openbsd-6c6b3a7290be9680e2f358b43c5498cf1537dac7.zip
1 files changed, 1 insertions, 55 deletions
diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c
index 8986a0e755..5dbbdb7866 100644
--- a/src/lib/libssl/t1_lib.c
+++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t1_lib.c,v 1.153 2019/01/23 18:39:28 beck Exp $ */
+/* $OpenBSD: t1_lib.c,v 1.154 2019/03/25 17:27:31 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -999,57 +999,3 @@ tls_decrypt_ticket(SSL *s, const unsigned char *etick, int eticklen,
         * ticket. */
        return 2;
 }
-/* Set preferred digest for each key type */
-int
-tls1_process_sigalgs(SSL *s, CBS *cbs, uint16_t *sigalgs, size_t sigalgs_len)
-{
-        CERT *c = s->cert;
-        /* Extension ignored for inappropriate versions */
-        /* XXX get rid of this? */
-        if (!SSL_USE_SIGALGS(s))
-                return 1;
-        c->pkeys[SSL_PKEY_RSA_SIGN].sigalg = NULL;
-        c->pkeys[SSL_PKEY_RSA_ENC].sigalg = NULL;
-        c->pkeys[SSL_PKEY_ECC].sigalg = NULL;
-#ifndef OPENSSL_NO_GOST
-        c->pkeys[SSL_PKEY_GOST01].sigalg = NULL;
-#endif
-        while (CBS_len(cbs) > 0) {
-                uint16_t sig_alg;
-                const struct ssl_sigalg *sigalg;
-                if (!CBS_get_u16(cbs, &sig_alg))
-                        return 0;
-                if ((sigalg = ssl_sigalg(sig_alg, sigalgs, sigalgs_len)) !=
-                    NULL && c->pkeys[sigalg->pkey_idx].sigalg == NULL) {
-                        c->pkeys[sigalg->pkey_idx].sigalg = sigalg;
-                        if (sigalg->pkey_idx == SSL_PKEY_RSA_SIGN)
-                                c->pkeys[SSL_PKEY_RSA_ENC].sigalg = sigalg;
-                }
-        }
-        /*
-         * Set any remaining keys to default values. NOTE: if alg is not
-         * supported it stays as NULL.
-         */
-        if (c->pkeys[SSL_PKEY_RSA_SIGN].sigalg == NULL)
-                c->pkeys[SSL_PKEY_RSA_SIGN].sigalg =
-                    ssl_sigalg_lookup(SIGALG_RSA_PKCS1_SHA1);
-        if (c->pkeys[SSL_PKEY_RSA_ENC].sigalg == NULL)
-                c->pkeys[SSL_PKEY_RSA_ENC].sigalg =
-                    ssl_sigalg_lookup(SIGALG_RSA_PKCS1_SHA1);
-        if (c->pkeys[SSL_PKEY_ECC].sigalg == NULL)
-                c->pkeys[SSL_PKEY_RSA_ENC].sigalg =
-                    ssl_sigalg_lookup(SIGALG_ECDSA_SHA1);
-#ifndef OPENSSL_NO_GOST
-        if (c->pkeys[SSL_PKEY_GOST01].sigalg == NULL)
-                c->pkeys[SSL_PKEY_GOST01].sigalg =
-                    ssl_sigalg_lookup(SIGALG_GOSTR01_GOST94);
-#endif
-        return 1;
-}
author	jsing <>	2019-03-25 17:27:31 +0000
committer	jsing <>	2019-03-25 17:27:31 +0000
commit	6c6b3a7290be9680e2f358b43c5498cf1537dac7 (patch)
tree	679aedffb7db8d75c8f4b118fac1782ce5f1528a /src/lib/libssl/t1_lib.c
parent	c46928243f6c8aa22e46219e22df33de006a501f (diff)
download	openbsd-6c6b3a7290be9680e2f358b43c5498cf1537dac7.tar.gz openbsd-6c6b3a7290be9680e2f358b43c5498cf1537dac7.tar.bz2 openbsd-6c6b3a7290be9680e2f358b43c5498cf1537dac7.zip

diff --git a/src/lib/libssl/t1_lib.c b/src/lib/libssl/t1_lib.c index 8986a0e755..5dbbdb7866 100644 --- a/src/lib/libssl/t1_lib.c +++ b/src/lib/libssl/t1_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t1_lib.c,v 1.153 2019/01/23 18:39:28 beck Exp $ */	1	/* $OpenBSD: t1_lib.c,v 1.154 2019/03/25 17:27:31 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -999,57 +999,3 @@ tls_decrypt_ticket(SSL s, const unsigned char etick, int eticklen,
999	* ticket. */	999	* ticket. */
1000	return 2;	1000	return 2;
1001	}	1001	}
1002
1003	/* Set preferred digest for each key type */
1004	int
1005	tls1_process_sigalgs(SSL s, CBS cbs, uint16_t *sigalgs, size_t sigalgs_len)
1006	{
1007	CERT *c = s->cert;
1008
1009	/* Extension ignored for inappropriate versions */
1010	/* XXX get rid of this? */
1011	if (!SSL_USE_SIGALGS(s))
1012	return 1;
1013
1014	c->pkeys[SSL_PKEY_RSA_SIGN].sigalg = NULL;
1015	c->pkeys[SSL_PKEY_RSA_ENC].sigalg = NULL;
1016	c->pkeys[SSL_PKEY_ECC].sigalg = NULL;
1017	#ifndef OPENSSL_NO_GOST
1018	c->pkeys[SSL_PKEY_GOST01].sigalg = NULL;
1019	#endif
1020	while (CBS_len(cbs) > 0) {
1021	uint16_t sig_alg;
1022	const struct ssl_sigalg *sigalg;
1023
1024	if (!CBS_get_u16(cbs, &sig_alg))
1025	return 0;
1026
1027	if ((sigalg = ssl_sigalg(sig_alg, sigalgs, sigalgs_len)) !=
1028	NULL && c->pkeys[sigalg->pkey_idx].sigalg == NULL) {
1029	c->pkeys[sigalg->pkey_idx].sigalg = sigalg;
1030	if (sigalg->pkey_idx == SSL_PKEY_RSA_SIGN)
1031	c->pkeys[SSL_PKEY_RSA_ENC].sigalg = sigalg;
1032	}
1033	}
1034
1035	/*
1036	* Set any remaining keys to default values. NOTE: if alg is not
1037	* supported it stays as NULL.
1038	*/
1039	if (c->pkeys[SSL_PKEY_RSA_SIGN].sigalg == NULL)
1040	c->pkeys[SSL_PKEY_RSA_SIGN].sigalg =
1041	ssl_sigalg_lookup(SIGALG_RSA_PKCS1_SHA1);
1042	if (c->pkeys[SSL_PKEY_RSA_ENC].sigalg == NULL)
1043	c->pkeys[SSL_PKEY_RSA_ENC].sigalg =
1044	ssl_sigalg_lookup(SIGALG_RSA_PKCS1_SHA1);
1045	if (c->pkeys[SSL_PKEY_ECC].sigalg == NULL)
1046	c->pkeys[SSL_PKEY_RSA_ENC].sigalg =
1047	ssl_sigalg_lookup(SIGALG_ECDSA_SHA1);
1048
1049	#ifndef OPENSSL_NO_GOST
1050	if (c->pkeys[SSL_PKEY_GOST01].sigalg == NULL)
1051	c->pkeys[SSL_PKEY_GOST01].sigalg =
1052	ssl_sigalg_lookup(SIGALG_GOSTR01_GOST94);
1053	#endif
1054	return 1;
1055	}