Remove SSL_ENC_FLAG_EXPLICIT_IV which is only set and never read.

Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24036)
2024-11-21 01:15:20 +08:00 · 2024-04-04 13:30:59 +02:00 · 2024-04-04 13:30:59 +02:00 · 125719ba11
commit 125719ba11
parent a401aaf9ed
3 changed files with 4 additions and 9 deletions
--- a/ssl/d1_lib.c
+++ b/ssl/d1_lib.c
@ -29,7 +29,7 @@ const SSL3_ENC_METHOD DTLSv1_enc_data = {
    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
    tls1_alert_code,
    tls1_export_keying_material,
-    SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_EXPLICIT_IV,
+    SSL_ENC_FLAG_DTLS,
    dtls1_set_handshake_header,
    dtls1_close_construct_packet,
    dtls1_handshake_write
@ -44,7 +44,7 @@ const SSL3_ENC_METHOD DTLSv1_2_enc_data = {
    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
    tls1_alert_code,
    tls1_export_keying_material,
-    SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS
+    SSL_ENC_FLAG_DTLS | SSL_ENC_FLAG_SIGALGS
        | SSL_ENC_FLAG_SHA256_PRF | SSL_ENC_FLAG_TLS1_2_CIPHERS,
    dtls1_set_handshake_header,
    dtls1_close_construct_packet,
--- a/ssl/ssl_local.h
+++ b/ssl/ssl_local.h
@ -274,9 +274,6 @@
 # define SSL_IS_FIRST_HANDSHAKE(s) ((s)->s3.tmp.finish_md_len == 0 \
                                    || (s)->s3.tmp.peer_finish_md_len == 0)

-/* See if we need explicit IV */
-# define SSL_USE_EXPLICIT_IV(s)  \
-    (SSL_CONNECTION_GET_SSL(s)->method->ssl3_enc->enc_flags & SSL_ENC_FLAG_EXPLICIT_IV)
 /*
 * See if we use signature algorithms extension and signature algorithm
 * before signatures.
@ -2156,8 +2153,6 @@ typedef struct ssl3_enc_method {

 /* Values for enc_flags */

-/* Uses explicit IV for CBC mode */
-# define SSL_ENC_FLAG_EXPLICIT_IV        0x1
 /* Uses signature algorithms extension */
 # define SSL_ENC_FLAG_SIGALGS            0x2
 /* Uses SHA256 default PRF */
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@ -54,7 +54,7 @@ SSL3_ENC_METHOD const TLSv1_1_enc_data = {
    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
    tls1_alert_code,
    tls1_export_keying_material,
-    SSL_ENC_FLAG_EXPLICIT_IV,
+    0,
    ssl3_set_handshake_header,
    tls_close_construct_packet,
    ssl3_handshake_write
@ -69,7 +69,7 @@ SSL3_ENC_METHOD const TLSv1_2_enc_data = {
    TLS_MD_SERVER_FINISH_CONST, TLS_MD_SERVER_FINISH_CONST_SIZE,
    tls1_alert_code,
    tls1_export_keying_material,
-    SSL_ENC_FLAG_EXPLICIT_IV | SSL_ENC_FLAG_SIGALGS | SSL_ENC_FLAG_SHA256_PRF
+    SSL_ENC_FLAG_SIGALGS | SSL_ENC_FLAG_SHA256_PRF
        | SSL_ENC_FLAG_TLS1_2_CIPHERS,
    ssl3_set_handshake_header,
    tls_close_construct_packet,