author David Benjamin <davidben@google.com> 2016-06-30 20:50:32 +0300
committer Adam Langley <agl@google.com> 2016-07-01 01:27:48 +0300
commit d1e28ad53bec8e1ad6f642792ab663e7e509f67b
tree 74bffd4e74ebad1314e5aa5ce8715a03f5984377 /include/openssl/ssl.h
parent 929d4ee84974ed12dfe16bb7138443eba16c3321
Remove key_exchange_info for plain RSA.

This isn't filled in on the client and Chromium no longer uses it for plain RSA. It's redundant with existing APIs. This is part of removing the need for callers to call SSL_get_session where possible.

SSL_get_session is ambiguous when it comes to renego. Some code wants the current connection state which should not include the pending handshake and some code wants the handshake scratch space which should. Renego doesn't exist in TLS 1.3, but TLS 1.3 makes NewSessionTicket a post-handshake message, so SSL_get_session is somewhat silly of an API there too.

SSL_SESSION_get_key_exchange_info is a BoringSSL-only API, so we can freely change it and replace it with APIs keyed on SSL. In doing so, I think it is better to provide APIs like "SSL_get_dhe_group_size" and "SSL_get_curve_id" rather than make the caller do the multi-step SSL_get_current_cipher / SSL_CIPHER_is_ECDHE dance. To that end, RSA key_exchange_info is pointless as it can already be determined from the peer certificate.

Change-Id: Ie90523083d8649701c17934b7be0383502a0caa3
Reviewed-on: https://boringssl-review.googlesource.com/8564
Reviewed-by: Adam Langley <agl@google.com>

Diffstat (limited to 'include/openssl/ssl.h')
-rw-r--r-- include/openssl/ssl.h 1
1 files changed, 0 insertions, 1 deletions
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 59096e4c..80988b07 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -3502,7 +3502,6 @@ struct ssl_session_st {
* that controls the confidentiality of the connection. Its interpretation
* depends on the primitive that was used; as specified by the cipher suite:
* DHE: the size, in bits, of the multiplicative group.
- * RSA: the size, in bits, of the modulus.
* ECDHE: the TLS id for the curve.
*
* A zero indicates that the value is unknown. */
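
Review bot: In the field comment inside struct ssl_session_st, dropping the "RSA: the size, in bits, of the modulus." entry leaves the list silent about plain-RSA suites, so a reader cannot tell whether the field is zero there or simply undocumented. Consider keeping an explicit entry that says the field is unused for RSA, or extending the closing "A zero indicates that the value is unknown." sentence to cover plain-RSA sessions, and point callers at the peer certificate for the modulus size as the commit message does. Only the header is shown in this view, so it is worth confirming that the code which stored the modulus size goes away in the same change and that no remaining caller reads a non-zero value as an RSA key size.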