commit 76bb1411acf5cf6935586182a3a037d372ed1636
author David Benjamin <davidben@google.com> Thu Sep 08 16:03:49 2016 -0400
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Thu Dec 15 15:47:39 2016 +0000
tree e0bec4b3683610196d9f738f8d3c4f6e8385111f
parent 593b6a44fe066cee03a3aa8431a17e7800a02c17

Remove the BORINGSSL_ANDROID_SYSTEM P-521 special-case.

This dates to
https://android.googlesource.com/platform/external/boringssl/+/62d05888d1cf178d900b54e7e035928abea512b1
which intended to be removed in a later Android release once X25519 was
added. That has since happened.

This intentionally leaves the P-521 hooked up for now. Detaching it
completely is a more aggressive change (since it's slightly tied up with
SHA-512) that should wait until removing ECDSA+SHA512 has stuck in Chrome.

Change-Id: I04553c3eddf33a13b6e3e9a6e7ac4c4725676cb0
Reviewed-on: https://boringssl-review.googlesource.com/10923
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/t1_lib.c

diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index 4549fe2..8d91cfc 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -308,9 +308,6 @@
     SSL_CURVE_X25519,
     SSL_CURVE_SECP256R1,
     SSL_CURVE_SECP384R1,
-#if defined(BORINGSSL_ANDROID_SYSTEM)
-    SSL_CURVE_SECP521R1,
-#endif
 };
 
 void tls1_get_grouplist(SSL *ssl, const uint16_t **out_group_ids,
@@ -464,8 +461,7 @@
 #endif
     SSL_SIGN_RSA_PKCS1_SHA384,
 
-    /* TODO(davidben): Remove this entry and SSL_CURVE_SECP521R1 from
-     * kDefaultGroups. */
+    /* TODO(davidben): Remove this. */
 #if defined(BORINGSSL_ANDROID_SYSTEM)
     SSL_SIGN_ECDSA_SECP521R1_SHA512,
 #endif