2 files changed, 3 insertions, 29 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c
index 09166e105b..0b648138ee 100644
--- a/src/lib/libcrypto/rsa/rsa_pmeth.c
+++ b/src/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_pmeth.c,v 1.16 2015/02/11 04:05:14 beck Exp $ */
+/* $OpenBSD: rsa_pmeth.c,v 1.17 2015/06/20 01:07:25 doug Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -178,18 +178,7 @@ pkey_rsa_sign(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
                        return -1;
                }
-                if (EVP_MD_type(rctx->md) == NID_mdc2) {
+                if (rctx->pad_mode == RSA_X931_PADDING) {
-                        unsigned int sltmp;
-                        if (rctx->pad_mode != RSA_PKCS1_PADDING)
-                                return -1;
-                        ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2, tbs, tbslen,
-                            sig, &sltmp, rsa);
-                        if (ret <= 0)
-                                return ret;
-                        ret = sltmp;
-                } else if (rctx->pad_mode == RSA_X931_PADDING) {
                        if (!setup_tbuf(rctx, ctx))
                                return -1;
                        memcpy(rctx->tbuf, tbs, tbslen);
diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c
index a446b563b3..09d8ef329d 100644
--- a/src/lib/libcrypto/rsa/rsa_sign.c
+++ b/src/lib/libcrypto/rsa/rsa_sign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rsa_sign.c,v 1.22 2014/07/11 08:44:49 jsing Exp $ */
+/* $OpenBSD: rsa_sign.c,v 1.23 2015/06/20 01:07:25 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -180,21 +180,6 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
        if (i <= 0)
                goto err;
-        /*
-         * Oddball MDC2 case: signature can be OCTET STRING.
-         * check for correct tag and length octets.
-         */
-        if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10) {
-                if (rm) {
-                        memcpy(rm, s + 2, 16);
-                        *prm_len = 16;
-                        ret = 1;
-                } else if (memcmp(m, s + 2, 16))
-                        RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
-                else
-                        ret = 1;
-        }
        /* Special case: SSL signature */
        if (dtype == NID_md5_sha1) {
                if (i != SSL_SIG_LENGTH || memcmp(s, m, SSL_SIG_LENGTH))

diff --git a/src/lib/libcrypto/rsa/rsa_pmeth.c b/src/lib/libcrypto/rsa/rsa_pmeth.c index 09166e105b..0b648138ee 100644 --- a/src/lib/libcrypto/rsa/rsa_pmeth.c +++ b/src/lib/libcrypto/rsa/rsa_pmeth.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_pmeth.c,v 1.16 2015/02/11 04:05:14 beck Exp $ */	1	/* $OpenBSD: rsa_pmeth.c,v 1.17 2015/06/20 01:07:25 doug Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006.	3	* project 2006.
4	*/	4	*/
@@ -178,18 +178,7 @@ pkey_rsa_sign(EVP_PKEY_CTX ctx, unsigned char sig, size_t *siglen,
178	return -1;	178	return -1;
179	}	179	}
180		180
181	if (EVP_MD_type(rctx->md) == NID_mdc2) {	181	if (rctx->pad_mode == RSA_X931_PADDING) {
182	unsigned int sltmp;
183
184	if (rctx->pad_mode != RSA_PKCS1_PADDING)
185	return -1;
186	ret = RSA_sign_ASN1_OCTET_STRING(NID_mdc2, tbs, tbslen,
187	sig, &sltmp, rsa);
188
189	if (ret <= 0)
190	return ret;
191	ret = sltmp;
192	} else if (rctx->pad_mode == RSA_X931_PADDING) {
193	if (!setup_tbuf(rctx, ctx))	182	if (!setup_tbuf(rctx, ctx))
194	return -1;	183	return -1;
195	memcpy(rctx->tbuf, tbs, tbslen);	184	memcpy(rctx->tbuf, tbs, tbslen);


diff --git a/src/lib/libcrypto/rsa/rsa_sign.c b/src/lib/libcrypto/rsa/rsa_sign.c index a446b563b3..09d8ef329d 100644 --- a/src/lib/libcrypto/rsa/rsa_sign.c +++ b/src/lib/libcrypto/rsa/rsa_sign.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: rsa_sign.c,v 1.22 2014/07/11 08:44:49 jsing Exp $ */	1	/* $OpenBSD: rsa_sign.c,v 1.23 2015/06/20 01:07:25 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -180,21 +180,6 @@ int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len,
180	if (i <= 0)	180	if (i <= 0)
181	goto err;	181	goto err;
182		182
183	/*
184	* Oddball MDC2 case: signature can be OCTET STRING.
185	* check for correct tag and length octets.
186	*/
187	if (dtype == NID_mdc2 && i == 18 && s[0] == 0x04 && s[1] == 0x10) {
188	if (rm) {
189	memcpy(rm, s + 2, 16);
190	*prm_len = 16;
191	ret = 1;
192	} else if (memcmp(m, s + 2, 16))
193	RSAerr(RSA_F_INT_RSA_VERIFY, RSA_R_BAD_SIGNATURE);
194	else
195	ret = 1;
196	}
197
198	/* Special case: SSL signature */	183	/* Special case: SSL signature */
199	if (dtype == NID_md5_sha1) {	184	if (dtype == NID_md5_sha1) {
200	if (i != SSL_SIG_LENGTH \|\| memcmp(s, m, SSL_SIG_LENGTH))	185	if (i != SSL_SIG_LENGTH \|\| memcmp(s, m, SSL_SIG_LENGTH))