Google Git
Sign in
boringssl/boringssl.git/75d1589f6099877a167ec262c0207d51eb8e5c4f^!/.
commit
75d1589f6099877a167ec262c0207d51eb8e5c4f
[log]
author
Alex Chernyakhovsky <achernya@google.com>
Sun Aug 03 15:33:50 2014 -0400
committer
Adam Langley <agl@google.com>
Mon Aug 04 20:14:21 2014 +0000
tree
1280d1714f7e19c05976b7b92f77604b03086b55
parent
499b4401353b21d432fb67420e0a3a4b1dfb2844 [diff]
Remove PKCS1_CHECK

The code guarded by PKCS1_CHECK appears to be unhelpful, and the guard
is explicitly undefined in ssl_locl.h Remove both.

Change-Id: I3cd45a744a8f35b02181b1e48fd1ef11af5e6f4a
Reviewed-on: https://boringssl-review.googlesource.com/1383
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 026a0ac..1185873 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c

@@ -2113,10 +2113,6 @@
 				p+=2;
 			n=RSA_public_encrypt(sizeof tmp_buf,
 				tmp_buf,p,rsa,RSA_PKCS1_PADDING);
-#ifdef PKCS1_CHECK
-			if (s->options & SSL_OP_PKCS1_CHECK_1) p[1]++;
-			if (s->options & SSL_OP_PKCS1_CHECK_2) tmp_buf[0]=0x70;
-#endif
 			if (n <= 0)
 				{
 				OPENSSL_PUT_ERROR(SSL, ssl3_send_client_key_exchange, SSL_R_BAD_RSA_ENCRYPT);

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index ef3e759..bf95fb3 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h

@@ -158,8 +158,6 @@
 #include <openssl/ssl.h>
 #include <openssl/stack.h>
 
-#undef PKCS1_CHECK
-
 #define c2l(c,l)	(l = ((unsigned long)(*((c)++)))     , \
 			 l|=(((unsigned long)(*((c)++)))<< 8), \
 			 l|=(((unsigned long)(*((c)++)))<<16), \