authorDavid Benjamin <davidben@chromium.org>2014-10-09 13:04:29 -0400
committerAdam Langley <agl@google.com>2014-10-09 21:07:32 +0000
commit75a1dd0dbe655c0ea0d29f8c052de55f389dce69 (patch)
tree699fb39a2e36074c57acf51bc722901b634cdc51 /crypto
parentf4b495271901e9850612d99ded4a6b0aec2e7bea (diff)
Remove EVP_PKEY_CTX case in rsa_pss_to_ctx.
We only ever use the EVP_PKEY case, not the EVP_PKEY_CTX one. Change-Id: Ibead854f793663da0a9e474599507d9c3ff920cb Reviewed-on: https://boringssl-review.googlesource.com/1915 Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'crypto')
-rw-r--r--crypto/evp/p_rsa_asn1.c28
1 files changed, 6 insertions, 22 deletions
diff --git a/crypto/evp/p_rsa_asn1.c b/crypto/evp/p_rsa_asn1.c
index b8d4a37..1bb69f3 100644
--- a/crypto/evp/p_rsa_asn1.c
+++ b/crypto/evp/p_rsa_asn1.c
@@ -583,16 +583,14 @@ err:
return NULL;
}
-/* From PSS AlgorithmIdentifier set public key parameters. If pkey
- * isn't NULL then the EVP_MD_CTX is setup and initalised. If it
- * is NULL parameters are passed to pkctx instead. */
-static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
- X509_ALGOR *sigalg, EVP_PKEY *pkey) {
+/* From PSS AlgorithmIdentifier set public key parameters. */
+static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, X509_ALGOR *sigalg, EVP_PKEY *pkey) {
int ret = 0;
int saltlen;
const EVP_MD *mgf1md = NULL, *md = NULL;
RSA_PSS_PARAMS *pss;
X509_ALGOR *maskHash;
+ EVP_PKEY_CTX *pkctx;
/* Sanity check: make sure it is PSS */
if (OBJ_obj2nid(sigalg->algorithm) != NID_rsassaPss) {
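Review bot: The shortened comment on rsa_pss_to_ctx no longer says what happens to `ctx`, and it says nothing about `pkey`, which is the only key input under the new signature. Before this change a NULL `pkey` selected the pkctx path; now it is passed straight to EVP_DigestVerifyInit in the next hunk, and whether that call rejects NULL is not visible here. I would state the contract in the comment, e.g. `/* Sets up |ctx| for verification with |pkey| using the PSS parameters in |sigalg|. |pkey| must not be NULL. */`. The return convention could be added once confirmed against the part of the body that lies outside this hunk.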
@@ -634,22 +632,8 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx,
goto err;
}
- if (pkey) {
- if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey)) {
- goto err;
- }
- } else {
- const EVP_MD *checkmd;
- if (EVP_PKEY_CTX_get_signature_md(pkctx, &checkmd) <= 0) {
- goto err;
- }
- if (EVP_MD_type(md) != EVP_MD_type(checkmd)) {
- OPENSSL_PUT_ERROR(EVP, rsa_pss_to_ctx, EVP_R_DIGEST_DOES_NOT_MATCH);
- goto err;
- }
- }
-
- if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0 ||
+ if (!EVP_DigestVerifyInit(ctx, &pkctx, md, NULL, pkey) ||
+ EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_PSS_PADDING) <= 0 ||
EVP_PKEY_CTX_set_rsa_pss_saltlen(pkctx, saltlen) <= 0 ||
EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0) {
goto err;
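Review bot: `pkctx` is now an uninitialised local (declared in the first hunk) that only EVP_DigestVerifyInit assigns, so the three setters in this condition are safe only because `||` short-circuits in this exact order. Declaring it as `EVP_PKEY_CTX *pkctx = NULL;` would keep a later reordering, or an added earlier use, from reading an indeterminate pointer. A brief comment such as `/* pkctx is set by EVP_DigestVerifyInit and must not be used before it succeeds */` above the condition would record the dependency. The function continues outside the hunk.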
@@ -676,7 +660,7 @@ static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
OPENSSL_PUT_ERROR(EVP, rsa_item_verify, EVP_R_UNSUPPORTED_SIGNATURE_TYPE);
return -1;
}
- if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey)) {
+ if (rsa_pss_to_ctx(ctx, sigalg, pkey)) {
/* Carry on */
return 2;
}