Bug 1349556 - Remove unused functions from libssl r=franziskus
authorTim Taubert <ttaubert@mozilla.com>
Wed, 22 Mar 2017 16:22:34 +0100
changeset 13241 2799578a8acf2e22184f6d9701d264c55d41b34a
parent 13240 77a5bb81dbaac5b03266a64ff981c156b61c8931
child 13242 85e168b055dbd4130dfacc218374b808f063c4fa
push id2110
push userttaubert@mozilla.com
push dateWed, 22 Mar 2017 15:23:19 +0000
reviewersfranziskus
bugs1349556
Bug 1349556 - Remove unused functions from libssl r=franziskus Differential Revision: https://nss-review.dev.mozaws.net/D270
lib/ssl/ssl3con.c
lib/ssl/ssl3ecc.c
lib/ssl/sslimpl.h
--- a/lib/ssl/ssl3con.c
+++ b/lib/ssl/ssl3con.c
@@ -1764,39 +1764,16 @@ ssl3_InitCompressionContext(ssl3CipherSp
             PORT_Assert(0);
             PORT_SetError(SEC_ERROR_LIBRARY_FAILURE);
             return SECFailure;
     }
 
     return SECSuccess;
 }
 
-/* This function should probably be moved to pk11wrap and be named
- * PK11_ParamFromIVAndEffectiveKeyBits
- */
-static SECItem *
-ssl3_ParamFromIV(CK_MECHANISM_TYPE mtype, SECItem *iv, CK_ULONG ulEffectiveBits)
-{
-    SECItem *param = PK11_ParamFromIV(mtype, iv);
-    if (param && param->data && param->len >= sizeof(CK_RC2_PARAMS)) {
-        switch (mtype) {
-            case CKM_RC2_KEY_GEN:
-            case CKM_RC2_ECB:
-            case CKM_RC2_CBC:
-            case CKM_RC2_MAC:
-            case CKM_RC2_MAC_GENERAL:
-            case CKM_RC2_CBC_PAD:
-                *(CK_RC2_PARAMS *)param->data = ulEffectiveBits;
-            default:
-                break;
-        }
-    }
-    return param;
-}
-
 /* ssl3_BuildRecordPseudoHeader writes the SSL/TLS pseudo-header (the data
  * which is included in the MAC or AEAD additional data) to |out| and returns
  * its length. See https://tools.ietf.org/html/rfc5246#section-6.2.3.3 for the
  * definition of the AEAD additional data.
  *
  * TLS pseudo-header includes the record's version field, SSL's doesn't. Which
  * pseudo-header defintiion to use should be decided based on the version of
  * the protocol that was negotiated when the cipher spec became current, NOT
@@ -1968,17 +1945,16 @@ ssl3_InitPendingContexts(sslSocket *ss)
     ssl3CipherSpec *pwSpec;
     const ssl3BulkCipherDef *cipher_def;
     PK11Context *serverContext = NULL;
     PK11Context *clientContext = NULL;
     SECItem *param;
     CK_MECHANISM_TYPE mechanism;
     CK_MECHANISM_TYPE mac_mech;
     CK_ULONG macLength;
-    CK_ULONG effKeyBits;
     SECItem iv;
     SECItem mac_param;
     SSLCipherAlgorithm calg;
 
     PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
     PORT_Assert(ss->opt.noLocks || ssl_HaveSpecWriteLock(ss));
     PORT_Assert(ss->ssl3.prSpec == ss->ssl3.pwSpec);
 
@@ -2038,24 +2014,23 @@ ssl3_InitPendingContexts(sslSocket *ss)
     */
 
     if (calg == calg_null) {
         pwSpec->encode = Null_Cipher;
         pwSpec->decode = Null_Cipher;
         return SECSuccess;
     }
     mechanism = ssl3_Alg2Mech(calg);
-    effKeyBits = cipher_def->key_size * BPB;
 
     /*
      * build the server context
      */
     iv.data = pwSpec->server.write_iv;
     iv.len = cipher_def->iv_size;
-    param = ssl3_ParamFromIV(mechanism, &iv, effKeyBits);
+    param = PK11_ParamFromIV(mechanism, &iv);
     if (param == NULL) {
         ssl_MapLowLevelError(SSL_ERROR_IV_PARAM_FAILURE);
         goto fail;
     }
     serverContext = PK11_CreateContextBySymKey(mechanism,
                                                (ss->sec.isServer ? CKA_ENCRYPT
                                                                  : CKA_DECRYPT),
                                                pwSpec->server.write_key, param);
@@ -2069,17 +2044,17 @@ ssl3_InitPendingContexts(sslSocket *ss)
     }
 
     /*
      * build the client context
      */
     iv.data = pwSpec->client.write_iv;
     iv.len = cipher_def->iv_size;
 
-    param = ssl3_ParamFromIV(mechanism, &iv, effKeyBits);
+    param = PK11_ParamFromIV(mechanism, &iv);
     if (param == NULL) {
         ssl_MapLowLevelError(SSL_ERROR_IV_PARAM_FAILURE);
         goto fail;
     }
     clientContext = PK11_CreateContextBySymKey(mechanism,
                                                (ss->sec.isServer ? CKA_DECRYPT
                                                                  : CKA_ENCRYPT),
                                                pwSpec->client.write_key, param);
--- a/lib/ssl/ssl3ecc.c
+++ b/lib/ssl/ssl3ecc.c
@@ -252,26 +252,16 @@ ssl3_SendECDHClientKeyExchange(sslSocket
 loser:
     if (pms)
         PK11_FreeSymKey(pms);
     if (keyPair)
         ssl_FreeEphemeralKeyPair(keyPair);
     return SECFailure;
 }
 
-/* This function returns the size of the key_exchange field in
- * the KeyShareEntry structure, i.e.:
- *     opaque point <1..2^8-1>; */
-unsigned int
-tls13_SizeOfECDHEKeyShareKEX(const SECKEYPublicKey *pubKey)
-{
-    PORT_Assert(pubKey->keyType == ecKey);
-    return pubKey->u.ec.publicValue.len;
-}
-
 /* This function encodes the key_exchange field in
  * the KeyShareEntry structure. */
 SECStatus
 tls13_EncodeECDHEKeyShareKEX(const sslSocket *ss, const SECKEYPublicKey *pubKey)
 {
     PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss));
     PORT_Assert(ss->opt.noLocks || ssl_HaveXmitBufLock(ss));
     PORT_Assert(pubKey->keyType == ecKey);
--- a/lib/ssl/sslimpl.h
+++ b/lib/ssl/sslimpl.h
@@ -1639,17 +1639,16 @@ extern SECStatus ssl3_HandleECDHServerKe
                                                   SSL3Opaque *b, PRUint32 length);
 extern SECStatus ssl3_HandleECDHClientKeyExchange(sslSocket *ss,
                                                   SSL3Opaque *b, PRUint32 length,
                                                   sslKeyPair *serverKeys);
 extern SECStatus ssl3_SendECDHServerKeyExchange(sslSocket *ss);
 extern SECStatus ssl_ImportECDHKeyShare(
     sslSocket *ss, SECKEYPublicKey *peerKey,
     SSL3Opaque *b, PRUint32 length, const sslNamedGroupDef *curve);
-unsigned int tls13_SizeOfECDHEKeyShareKEX(const SECKEYPublicKey *pubKey);
 SECStatus tls13_EncodeECDHEKeyShareKEX(const sslSocket *ss,
                                        const SECKEYPublicKey *pubKey);
 
 extern SECStatus ssl3_ComputeCommonKeyHash(SSLHashType hashAlg,
                                            PRUint8 *hashBuf,
                                            unsigned int bufLen,
                                            SSL3Hashes *hashes);
 extern void ssl3_DestroyCipherSpec(ssl3CipherSpec *spec, PRBool freeSrvName);