Remove unused negotiate_kem function causing build failure (#5316)

Mark-Simulacrum · web-flow · commit 92f7827c8487 · 2025-05-21T00:17:02.000Z
diff --git a/tests/unit/s2n_client_extensions_test.c b/tests/unit/s2n_client_extensions_test.c
@@ -59,95 +59,6 @@ static uint8_t sct_list[] = {
     0xff, 0xff, 0xff, 0xff, 0xff
 };
 
-/* Helper function to allow us to easily repeat the PQ extension test for many scenarios.
- * If the KEM negotiation is expected to fail (because of e.g. a client/server extension
- * mismatch), pass in expected_kem_id = -1. The tests should always EXPECT_SUCCESS when
- * calling this function. */
-static int negotiate_kem(const uint8_t client_extensions[], const size_t client_extensions_len,
-        const uint8_t client_hello_message[], const size_t client_hello_len,
-        const char cipher_pref_version[], const int expected_kem_id, struct s2n_test_io_pair *io_pair)
-{
-    char *cert_chain = NULL;
-    char *private_key = NULL;
-
-    POSIX_GUARD_PTR(cert_chain = malloc(S2N_MAX_TEST_PEM_SIZE));
-    POSIX_GUARD_PTR(private_key = malloc(S2N_MAX_TEST_PEM_SIZE));
-    POSIX_GUARD(setenv("S2N_DONT_MLOCK", "1", 0));
-
-    struct s2n_connection *server_conn = NULL;
-    struct s2n_config *server_config = NULL;
-    s2n_blocked_status server_blocked;
-    struct s2n_cert_chain_and_key *chain_and_key = NULL;
-
-    size_t body_len = client_hello_len + client_extensions_len;
-    uint8_t message_header[] = {
-        /* Handshake message type CLIENT HELLO */
-        0x01,
-        /* Body len */
-        (body_len >> 16) & 0xff,
-        (body_len >> 8) & 0xff,
-        (body_len & 0xff),
-    };
-    size_t message_header_len = sizeof(message_header);
-    size_t message_len = message_header_len + body_len;
-    uint8_t record_header[] = {
-        /* Record type HANDSHAKE */
-        0x16,
-        /* Protocol version TLS 1.2 */
-        0x03,
-        0x03,
-        /* Message len */
-        (message_len >> 8) & 0xff,
-        (message_len & 0xff),
-    };
-    size_t record_header_len = sizeof(record_header);
-
-    POSIX_GUARD_PTR(server_conn = s2n_connection_new(S2N_SERVER));
-    POSIX_GUARD(s2n_connection_set_io_pair(server_conn, io_pair));
-
-    POSIX_GUARD_PTR(server_config = s2n_config_new());
-    POSIX_GUARD(s2n_read_test_pem(S2N_DEFAULT_TEST_CERT_CHAIN, cert_chain, S2N_MAX_TEST_PEM_SIZE));
-    POSIX_GUARD(s2n_read_test_pem(S2N_DEFAULT_TEST_PRIVATE_KEY, private_key, S2N_MAX_TEST_PEM_SIZE));
-    POSIX_GUARD_PTR(chain_and_key = s2n_cert_chain_and_key_new());
-    POSIX_GUARD(s2n_cert_chain_and_key_load_pem(chain_and_key, cert_chain, private_key));
-    POSIX_GUARD(s2n_config_add_cert_chain_and_key_to_store(server_config, chain_and_key));
-    POSIX_GUARD(s2n_config_set_cipher_preferences(server_config, cipher_pref_version));
-    POSIX_GUARD(s2n_connection_set_config(server_conn, server_config));
-    server_conn->kex_params.kem_params.kem = NULL;
-
-    /* Send the client hello */
-    POSIX_ENSURE_EQ(write(io_pair->client, record_header, record_header_len), (int64_t) record_header_len);
-    POSIX_ENSURE_EQ(write(io_pair->client, message_header, message_header_len), (int64_t) message_header_len);
-    POSIX_ENSURE_EQ(write(io_pair->client, client_hello_message, client_hello_len), (int64_t) client_hello_len);
-    POSIX_ENSURE_EQ(write(io_pair->client, client_extensions, client_extensions_len), (int64_t) client_extensions_len);
-
-    POSIX_GUARD(s2n_connection_set_blinding(server_conn, S2N_SELF_SERVICE_BLINDING));
-    if (s2n_negotiate(server_conn, &server_blocked) == 0) {
-        /* We expect the overall negotiation to fail and return non-zero, but it should get far enough
-         * that a KEM extension was agreed upon. */
-        return S2N_FAILURE;
-    }
-
-    int negotiated_kem_id = 0;
-
-    if (server_conn->kex_params.kem_params.kem != NULL) {
-        negotiated_kem_id = server_conn->kex_params.kem_params.kem->kem_extension_id;
-    } else {
-        negotiated_kem_id = -1;
-    }
-
-    POSIX_GUARD(s2n_connection_free(server_conn));
-    POSIX_GUARD(s2n_cert_chain_and_key_free(chain_and_key));
-    POSIX_GUARD(s2n_config_free(server_config));
-
-    free(cert_chain);
-    free(private_key);
-
-    POSIX_ENSURE_EQ(negotiated_kem_id, expected_kem_id);
-
-    return 0;
-}
-
 int main(int argc, char **argv)
 {
     char *cert_chain = NULL;
