Don't pretend to account for RSA_PSK.

RSA_PSK is really weird in that it takes a Certificate, but you're not
expected to verify it. It's just a funny way to transmit an RSA key.
(They probably should have used the RSA_EXPORT ServerKeyExchange
spelling.) Some code now already doesn't account for it right around
certificate verification.

Given ECDHE_PSK exists, hopefully there will never be any need to add

Change-Id: Ia64dac28099eaa9021f8d915d45ccbfd62872317
Reviewed-by: Adam Langley <>
2 files changed