Only bypass the signature verification itself in fuzzer mode. Keep the setup_ctx logic, which, among other things, checks if the signature algorithm is valid. This cuts down on some unnecessary fuzzer-mode suppressions. Change-Id: I644f75630791c9741a1b372e5f83ae7ff9f01c2f Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/36766 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>

commit: 4dfd5af70191b068aebe567b8e29ce108cee85ce [log] [tgz]
author: David Benjamin <davidben@google.com> Fri Jul 19 17:34:37 2019 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Fri Jul 19 23:31:14 2019 +0000
tree: 84f8044fac76430e8d8023a9140006f6dbb84947
parent: 9f5c419b9fbb0d10943f14829470130701af2f4b [diff] [blame]
diff --git a/ssl/handshake_server.cc b/ssl/handshake_server.cc
index f7e5df7..8ee39a2 100644
--- a/ssl/handshake_server.cc
+++ b/ssl/handshake_server.cc

@@ -1410,14 +1410,8 @@
     return ssl_hs_error;
   }
 
-  bool sig_ok =
-      ssl_public_key_verify(ssl, signature, signature_algorithm,
-                            hs->peer_pubkey.get(), hs->transcript.buffer());
-#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
-  sig_ok = true;
-  ERR_clear_error();
-#endif
-  if (!sig_ok) {
+  if (!ssl_public_key_verify(ssl, signature, signature_algorithm,
+                             hs->peer_pubkey.get(), hs->transcript.buffer())) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
     ssl_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
     return ssl_hs_error;
commit	4dfd5af70191b068aebe567b8e29ce108cee85ce	[log] [tgz]
author	David Benjamin <davidben@google.com>	Fri Jul 19 17:34:37 2019 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Fri Jul 19 23:31:14 2019 +0000
tree	84f8044fac76430e8d8023a9140006f6dbb84947
parent	9f5c419b9fbb0d10943f14829470130701af2f4b [diff] [blame]