aboutsummaryrefslogtreecommitdiffstats
path: root/ssl/ssl_rsa.c
diff options
context:
space:
mode:
Diffstat (limited to 'ssl/ssl_rsa.c')
-rw-r--r--ssl/ssl_rsa.c28
1 files changed, 1 insertions, 27 deletions
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
index b9693527b3d2..6457c0c0efa3 100644
--- a/ssl/ssl_rsa.c
+++ b/ssl/ssl_rsa.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -148,15 +148,6 @@ static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey)
EVP_PKEY_copy_parameters(pktmp, pkey);
ERR_clear_error();
-#ifndef OPENSSL_NO_RSA
- /*
- * Don't check the public/private key, this is mostly for smart
- * cards.
- */
- if (EVP_PKEY_id(pkey) == EVP_PKEY_RSA
- && RSA_flags(EVP_PKEY_get0_RSA(pkey)) & RSA_METHOD_FLAG_NO_CHECK) ;
- else
-#endif
if (!X509_check_private_key(c->pkeys[i].x509, pkey)) {
X509_free(c->pkeys[i].x509);
c->pkeys[i].x509 = NULL;
@@ -342,16 +333,6 @@ static int ssl_set_cert(CERT *c, X509 *x)
EVP_PKEY_copy_parameters(pkey, c->pkeys[i].privatekey);
ERR_clear_error();
-#ifndef OPENSSL_NO_RSA
- /*
- * Don't check the public/private key, this is mostly for smart
- * cards.
- */
- if (EVP_PKEY_id(c->pkeys[i].privatekey) == EVP_PKEY_RSA
- && RSA_flags(EVP_PKEY_get0_RSA(c->pkeys[i].privatekey)) &
- RSA_METHOD_FLAG_NO_CHECK) ;
- else
-#endif /* OPENSSL_NO_RSA */
if (!X509_check_private_key(x, c->pkeys[i].privatekey)) {
/*
* don't fail for a cert/key mismatch, just free current private
@@ -1082,13 +1063,6 @@ static int ssl_set_cert_and_key(SSL *ssl, SSL_CTX *ctx, X509 *x509, EVP_PKEY *pr
EVP_PKEY_copy_parameters(pubkey, privatekey);
} /* else both have parameters */
- /* Copied from ssl_set_cert/pkey */
-#ifndef OPENSSL_NO_RSA
- if ((EVP_PKEY_id(privatekey) == EVP_PKEY_RSA) &&
- ((RSA_flags(EVP_PKEY_get0_RSA(privatekey)) & RSA_METHOD_FLAG_NO_CHECK)))
- /* no-op */ ;
- else
-#endif
/* check that key <-> cert match */
if (EVP_PKEY_cmp(pubkey, privatekey) != 1) {
SSLerr(SSL_F_SSL_SET_CERT_AND_KEY, SSL_R_PRIVATE_KEY_MISMATCH);