Google Git
Sign in
boringssl / boringssl / dd1ca99da4ba21684c4136a4ecb87d291d1792fa
commitdd1ca99da4ba21684c4136a4ecb87d291d1792fa[log] [tgz]
authorDavid Benjamin <davidben@chromium.org>Mon Feb 16 21:15:53 2015 -0500
committerAdam Langley <agl@google.com>Tue Feb 17 23:15:47 2015 +0000
tree5f62e249651e35930859a8aed8099f8344894945
parent310db06b79a8a997e077dc88bb2327992fad37bb [diff]
Remove X509_get_pubkey_parameters.

It's never called in outside code. This too seems to be a remnant of the DSA
PKIX optional parameter stuff. This is confirmed both by a removed comment and
by the brief documentation at http://www.umich.edu/~x509/ssleay/x509_pkey.html

RFC 5480 does not allow ECDSA keys to be missing parameters, so this logic is
incorrect for ECDSA anyway.  It was also failing to check
EVP_PKEY_copy_parameters' return value. And that logic looks pretty suspect if
you have a chain made up multiple certificate types.

Change-Id: Id6c60659a0162356c7f3eae5c797047366baae1c
Reviewed-on: https://boringssl-review.googlesource.com/3485
Reviewed-by: Adam Langley <agl@google.com>
2 files changed
tree: 5f62e249651e35930859a8aed8099f8344894945
  1. crypto/
  2. doc/
  3. include/
  4. ssl/
  5. tool/
  6. util/
  7. .clang-format
  8. .gitignore
  9. BUILDING
  10. CMakeLists.txt
  11. codereview.settings
  12. STYLE