Drop support for engines-provided signature verification.
We do not need to support engine-provided verification methods.
Change-Id: Iaad8369d403082b728c831167cc386fdcabfb067
Reviewed-on: https://boringssl-review.googlesource.com/7311
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/include/openssl/ec_key.h b/include/openssl/ec_key.h
index c4b74a2..63554a7 100644
--- a/include/openssl/ec_key.h
+++ b/include/openssl/ec_key.h
@@ -248,7 +248,7 @@
int (*sign)(const uint8_t *digest, size_t digest_len, uint8_t *sig,
unsigned int *sig_len, EC_KEY *eckey);
- /* verify matches the arguments and behaviour of |ECDSA_verify|. */
+ /* Ignored. Set this to NULL. */
int (*verify)(const uint8_t *digest, size_t digest_len, const uint8_t *sig,
size_t sig_len, EC_KEY *eckey);
diff --git a/include/openssl/rsa.h b/include/openssl/rsa.h
index 19325aa..ea42525 100644
--- a/include/openssl/rsa.h
+++ b/include/openssl/rsa.h
@@ -509,6 +509,7 @@
int (*sign)(int type, const uint8_t *m, unsigned int m_length,
uint8_t *sigret, unsigned int *siglen, const RSA *rsa);
+ /* Ignored. Set this to NULL. */
int (*verify)(int dtype, const uint8_t *m, unsigned int m_length,
const uint8_t *sigbuf, unsigned int siglen, const RSA *rsa);
@@ -521,6 +522,7 @@
int (*decrypt)(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
const uint8_t *in, size_t in_len, int padding);
+ /* Ignored. Set this to NULL. */
int (*verify_raw)(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
const uint8_t *in, size_t in_len, int padding);
