Removes SCT_LIST_set_source and SCT_LIST_set0_logs

Both of these functions can easily be implemented by callers instead.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

diff --git a/crypto/ct/ct_sct.c b/crypto/ct/ct_sct.c
index 20bb156afcd21d54fa58741fbe59adf9e43c7e64..f83e155281e99f558009a11f04956565515f6d1e 100644 (file)
--- a/crypto/ct/ct_sct.c
+++ b/crypto/ct/ct_sct.c
@@ -327,18 +327,6 @@ int SCT_set_source(SCT *sct, sct_source_t source)
     }
 }
 
-int SCT_LIST_set_source(const STACK_OF(SCT) *scts, sct_source_t source)
-{
-    int i, ret = 0;
-
-    for (i = 0; i < sk_SCT_num(scts); ++i) {
-        if (SCT_set_source(sk_SCT_value(scts, i), source))
-            ++ret;
-    }
-
-    return ret;
-}
-
 const CTLOG *SCT_get0_log(const SCT *sct)
 {
     return sct->log;
@@ -351,23 +339,6 @@ int SCT_set0_log(SCT *sct, const CTLOG_STORE *ct_logs)
     return sct->log != NULL;
 }
 
-int SCT_LIST_set0_logs(STACK_OF(SCT) *sct_list, const CTLOG_STORE *ct_logs)
-{
-    int sct_logs_found = 0;
-    int i;
-
-    for (i = 0; i < sk_SCT_num(sct_list); ++i) {
-        SCT *sct = sk_SCT_value(sct_list, i);
-
-        if (sct->log == NULL)
-            SCT_set0_log(sct, ct_logs);
-        if (sct->log != NULL)
-            ++sct_logs_found;
-    }
-
-    return sct_logs_found;
-}
-
 sct_validation_status_t SCT_get_validation_status(const SCT *sct)
 {
     return sct->validation_status;

diff --git a/include/openssl/ct.h b/include/openssl/ct.h
index 80ade2577ef5635f1c2d02ac78299778cc40e670..98b2231400bcf1d1bdc656da1255a6c70f56ae2e 100644 (file)
--- a/include/openssl/ct.h
+++ b/include/openssl/ct.h
@@ -306,12 +306,6 @@ sct_source_t SCT_get_source(const SCT *sct);
  */
 __owur int SCT_set_source(SCT *sct, sct_source_t source);
 
-/*
- * Sets the source of all of the SCTs to the same value.
- * Returns the number of SCTs whose source was set successfully.
- */
-__owur int SCT_LIST_set_source(const STACK_OF(SCT) *scts, sct_source_t source);
-
 /*
  * Gets information about the log the SCT came from, if set.
  */
@@ -324,13 +318,6 @@ const CTLOG *SCT_get0_log(const SCT *sct);
  */
 int SCT_set0_log(SCT *sct, const CTLOG_STORE* ct_logs);
 
-/*
- * Looks up information about the logs the SCTs came from using a CT log store.
- * Returns the number of SCTs that now have a log set.
- * If any SCTs already have a log set, they will be skipped.
- */
-int SCT_LIST_set0_logs(STACK_OF(SCT) *sct_list, const CTLOG_STORE *ct_logs);
-
 /*
  * Pretty-prints an |sct| to |out|.
  * It will be indented by the number of spaces specified by |indent|.

diff --git a/test/ct_test.c b/test/ct_test.c
index 190a98fa02c3bbdfa692b91ec1a0903c9b4936e9..2e58419e7f40ef1c116e569d75d2959b46a3305f 100644 (file)
--- a/test/ct_test.c
+++ b/test/ct_test.c
@@ -340,12 +340,18 @@ static int execute_cert_test(CT_TEST_FIXTURE fixture)
 
             if (fixture.test_validity) {
                 int are_scts_validated = 0;
+                int i;
+
                 scts = X509V3_EXT_d2i(sct_extension);
-                if (SCT_LIST_set_source(scts, SCT_SOURCE_X509V3_EXTENSION) !=
-                    sk_SCT_num(scts)) {
-                    fprintf(stderr,
-                            "Error setting SCT source to X509v3 extension\n");
-                    test_failed = 1;
+                for (i = 0; i < sk_SCT_num(scts); ++i) {
+                    SCT *sct_i = sk_SCT_value(scts, i);
+
+                    if (!SCT_set_source(sct_i, SCT_SOURCE_X509V3_EXTENSION)) {
+                        fprintf(stderr,
+                                "Error setting SCT source to X509v3 extension\n");
+                        test_failed = 1;
+                        goto end;
+                    }
                 }
 
                 are_scts_validated = SCT_LIST_validate(scts, ct_policy_ctx);
@@ -355,7 +361,6 @@ static int execute_cert_test(CT_TEST_FIXTURE fixture)
                 } else if (!are_scts_validated) {
                     int invalid_sct_count = 0;
                     int valid_sct_count = 0;
-                    int i;
 
                     for (i = 0; i < sk_SCT_num(scts); ++i) {
                         SCT *sct_i = sk_SCT_value(scts, i);

diff --git a/util/libcrypto.num b/util/libcrypto.num
index ba3060f102f19f2c3a94160387cbd052d06aa31b..bd4518ebdf83d4be9d633acf1ab321c811e68d3f 100644 (file)
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -1300,7 +1300,7 @@ i2d_X509_REVOKED                        1260      1_1_0   EXIST::FUNCTION:
 CMS_sign                                1261   1_1_0   EXIST::FUNCTION:CMS
 X509_STORE_add_cert                     1262   1_1_0   EXIST::FUNCTION:
 EC_GROUP_precompute_mult                1263   1_1_0   EXIST::FUNCTION:EC
-SCT_LIST_set_source                     1264   1_1_0   EXIST::FUNCTION:
+SCT_LIST_set_source                     1264   1_1_0   NOEXIST::FUNCTION:
 d2i_DISPLAYTEXT                         1265   1_1_0   EXIST::FUNCTION:
 HMAC_CTX_copy                           1266   1_1_0   EXIST::FUNCTION:
 CRYPTO_gcm128_init                      1267   1_1_0   EXIST::FUNCTION:
@@ -1628,7 +1628,7 @@ PEM_write_X509_REQ_NEW                  1579      1_1_0   EXIST::FUNCTION:
 CONF_imodule_set_usr_data               1580   1_1_0   EXIST::FUNCTION:
 d2i_TS_RESP_fp                          1581   1_1_0   EXIST::FUNCTION:STDIO
 X509_policy_tree_get0_user_policies     1582   1_1_0   EXIST::FUNCTION:
-SCT_LIST_set0_logs                      1583   1_1_0   EXIST::FUNCTION:
+SCT_LIST_set0_logs                      1583   1_1_0   NOEXIST::FUNCTION:
 DSA_do_sign                             1584   1_1_0   EXIST::FUNCTION:DSA
 EVP_CIPHER_CTX_reset                    1585   1_1_0   EXIST::FUNCTION:
 OCSP_REVOKEDINFO_new                    1586   1_1_0   EXIST::FUNCTION: