Clear remaining BORINGSSL_ANDROID_SYSTEM ifdefs.
Both of these changes have stuck in Chrome for quite a while now. Let's
clear them.
Change-Id: I13094451be2584ecaaf6b60eedefb7212b7bcde2
Reviewed-on: https://boringssl-review.googlesource.com/22226
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index 5e9cde1..ab50a57 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@@ -75,10 +75,7 @@
{TLS1_VERSION, VersionParam::is_tls, "TLS1"},
{TLS1_1_VERSION, VersionParam::is_tls, "TLS1_1"},
{TLS1_2_VERSION, VersionParam::is_tls, "TLS1_2"},
-// TLS 1.3 requires RSA-PSS, which is disabled for Android system builds.
-#if !defined(BORINGSSL_ANDROID_SYSTEM)
{TLS1_3_VERSION, VersionParam::is_tls, "TLS1_3"},
-#endif
{DTLS1_VERSION, VersionParam::is_dtls, "DTLS1"},
{DTLS1_2_VERSION, VersionParam::is_dtls, "DTLS1_2"},
};
@@ -1974,8 +1971,6 @@
0x01, 0x00, 0x00, 0x1f, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x17, 0x00,
0x00, 0x00, 0x23, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00,
0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00, 0x17, 0x00, 0x18}},
- // This test assumes RSA-PSS, which is disabled for Android system builds.
-#if !defined(BORINGSSL_ANDROID_SYSTEM)
{TLS1_2_VERSION,
{0x16, 0x03, 0x01, 0x00, 0x8e, 0x01, 0x00, 0x00, 0x8a, 0x03, 0x03, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -1990,7 +1985,6 @@
0x05, 0x05, 0x01, 0x08, 0x06, 0x06, 0x01, 0x02, 0x01, 0x00, 0x0b, 0x00,
0x02, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x1d, 0x00,
0x17, 0x00, 0x18}},
-#endif
// TODO(davidben): Add a change detector for TLS 1.3 once the spec and our
// implementation has settled enough that it won't change.
};
diff --git a/ssl/t1_lib.cc b/ssl/t1_lib.cc
index 40b0dc0..31b51c9 100644
--- a/ssl/t1_lib.cc
+++ b/ssl/t1_lib.cc
@@ -418,25 +418,15 @@
// List our preferred algorithms first.
SSL_SIGN_ED25519,
SSL_SIGN_ECDSA_SECP256R1_SHA256,
-#if !defined(BORINGSSL_ANDROID_SYSTEM)
SSL_SIGN_RSA_PSS_SHA256,
-#endif
SSL_SIGN_RSA_PKCS1_SHA256,
// Larger hashes are acceptable.
SSL_SIGN_ECDSA_SECP384R1_SHA384,
-#if !defined(BORINGSSL_ANDROID_SYSTEM)
SSL_SIGN_RSA_PSS_SHA384,
-#endif
SSL_SIGN_RSA_PKCS1_SHA384,
- // TODO(davidben): Remove this.
-#if defined(BORINGSSL_ANDROID_SYSTEM)
- SSL_SIGN_ECDSA_SECP521R1_SHA512,
-#endif
-#if !defined(BORINGSSL_ANDROID_SYSTEM)
SSL_SIGN_RSA_PSS_SHA512,
-#endif
SSL_SIGN_RSA_PKCS1_SHA512,
// For now, SHA-1 is still accepted but least preferable.
@@ -454,24 +444,18 @@
// List our preferred algorithms first.
SSL_SIGN_ED25519,
SSL_SIGN_ECDSA_SECP256R1_SHA256,
-#if !defined(BORINGSSL_ANDROID_SYSTEM)
SSL_SIGN_RSA_PSS_SHA256,
-#endif
SSL_SIGN_RSA_PKCS1_SHA256,
// If needed, sign larger hashes.
//
// TODO(davidben): Determine which of these may be pruned.
SSL_SIGN_ECDSA_SECP384R1_SHA384,
-#if !defined(BORINGSSL_ANDROID_SYSTEM)
SSL_SIGN_RSA_PSS_SHA384,
-#endif
SSL_SIGN_RSA_PKCS1_SHA384,
SSL_SIGN_ECDSA_SECP521R1_SHA512,
-#if !defined(BORINGSSL_ANDROID_SYSTEM)
SSL_SIGN_RSA_PSS_SHA512,
-#endif
SSL_SIGN_RSA_PKCS1_SHA512,
// If the peer supports nothing else, sign with SHA-1.