Remove non-functional part of recent patch, after discussion with

Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)

diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index ce6f54ffed5ea8bcdb847aea360201cfc8878adf..d302254bb1b1c1e1422dc642dddc45a885f43bba 100644 (file)
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -412,7 +412,6 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_N_DOES_NOT_EQUAL_P_Q                      127
 #define RSA_R_OAEP_DECODING_ERROR                       121
 #define RSA_R_PADDING_CHECK_FAILED                      114
-#define RSA_R_PKCS1_PADDING_TOO_SHORT                   105
 #define RSA_R_P_NOT_PRIME                               128
 #define RSA_R_Q_NOT_PRIME                               129
 #define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED              130

diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
index d6e07a2c5c1c8448bc61b83bba2ada3c1de3f89c..69cabd2716445bb1a88b2ef0273b6d498b8ecc41 100644 (file)
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -640,15 +640,6 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
                {
        case RSA_PKCS1_PADDING:
                r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
-               /* Generally signatures should be at least 2/3 padding, though
-                  this isn't possible for really short keys and some standard
-                  signature schemes, so don't check if the unpadded data is
-                  small. */
-               if(r > 42 && 3*8*r >= BN_num_bits(rsa->n))
-                       {
-                       RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_PKCS1_PADDING_TOO_SHORT);
-                       goto err;
-                       }
                break;
        case RSA_X931_PADDING:
                r=RSA_padding_check_X931(to,num,buf,i,num);

diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
index 584adb02052e0dcea386edf1a7b69e54345079b5..f82b2d6ad994692aa007f2e57d93013be97b1e1f 100644 (file)
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -142,7 +142,6 @@ static ERR_STRING_DATA RSA_str_reasons[]=
 {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q)  ,"n does not equal p q"},
 {ERR_REASON(RSA_R_OAEP_DECODING_ERROR)   ,"oaep decoding error"},
 {ERR_REASON(RSA_R_PADDING_CHECK_FAILED)  ,"padding check failed"},
-{ERR_REASON(RSA_R_PKCS1_PADDING_TOO_SHORT),"pkcs1 padding too short"},
 {ERR_REASON(RSA_R_P_NOT_PRIME)           ,"p not prime"},
 {ERR_REASON(RSA_R_Q_NOT_PRIME)           ,"q not prime"},
 {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"},