From eb821c6916c1cb32e14d30a39317808c1187bd1e Mon Sep 17 00:00:00 2001
From: Jerry Yu <jerry.h.yu@arm.com>
Date: Wed, 19 Jan 2022 18:35:56 +0800
Subject: [PATCH] remove check_sig_hash

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
---
 library/ssl_misc.h |  5 -----
 library/ssl_srv.c  | 11 +++++++----
 library/ssl_tls.c  | 25 -------------------------
 3 files changed, 7 insertions(+), 34 deletions(-)

diff --git a/library/ssl_misc.h b/library/ssl_misc.h
index c7e24d1274..2b1fa2272b 100644
--- a/library/ssl_misc.h
+++ b/library/ssl_misc.h
@@ -1283,11 +1283,6 @@ int mbedtls_ssl_set_calc_verify_md( mbedtls_ssl_context *ssl, int md );
 int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_id grp_id );
 #endif
 
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,
-                                mbedtls_md_type_t md );
-#endif
-
 #if defined(MBEDTLS_SSL_DTLS_SRTP)
 static inline mbedtls_ssl_srtp_profile mbedtls_ssl_check_srtp_profile_value
                                                     ( const uint16_t srtp_profile_value )
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index f2f57b14d3..5cd9d71612 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -1803,10 +1803,13 @@ read_record_header:
      */
     if( sig_hash_alg_ext_present == 0 )
     {
-        mbedtls_md_type_t md_default = MBEDTLS_MD_SHA1;
-
-        if( mbedtls_ssl_check_sig_hash( ssl, md_default ) != 0 )
-            md_default = MBEDTLS_MD_NONE;
+        uint16_t sig_algs[] = { MBEDTLS_SSL_SIG_ALG(MBEDTLS_SSL_HASH_SHA1) };
+        mbedtls_md_type_t md_default = MBEDTLS_MD_NONE;
+        for( i = 0; i < sizeof(sig_algs)/sizeof(sig_algs[0]) ; i++ )
+        {
+            if( mbedtls_ssl_sig_alg_is_offered( ssl, sig_algs[ i ] ) )
+                md_default = MBEDTLS_MD_SHA1;
+        }
 
         mbedtls_ssl_sig_hash_set_const_hash( &ssl->handshake->hash_algs, md_default );
     }
diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 97c60c85bf..143ce822ec 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -6950,31 +6950,6 @@ int mbedtls_ssl_check_curve( const mbedtls_ssl_context *ssl, mbedtls_ecp_group_i
 }
 #endif /* MBEDTLS_ECP_C */
 
-#if defined(MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED)
-/*
- * Check if a hash proposed by the peer is in our list.
- * Return 0 if we're willing to use it, -1 otherwise.
- */
-int mbedtls_ssl_check_sig_hash( const mbedtls_ssl_context *ssl,
-                                mbedtls_md_type_t md )
-{
-
-    const uint16_t *sig_alg = mbedtls_ssl_get_sig_algs( ssl );
-    if( sig_alg == NULL )
-        return( -1 );
-
-    for( ; *sig_alg != MBEDTLS_TLS1_3_SIG_NONE; sig_alg++ )
-    {
-        mbedtls_md_type_t hash = mbedtls_ssl_md_alg_from_hash(
-                                                   MBEDTLS_BYTE_1( *sig_alg ) );
-        if( hash == md )
-            return( 0 );
-    }
-
-    return( -1 );
-}
-#endif /* MBEDTLS_KEY_EXCHANGE_WITH_CERT_ENABLED */
-
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
 int mbedtls_ssl_check_cert_usage( const mbedtls_x509_crt *cert,
                           const mbedtls_ssl_ciphersuite_t *ciphersuite,