Remove non-functional part of recent patch, after discussion with

Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)

diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index c8b6a814a0983dc3ccd34a0a958483ce25a886c4..31f3792a4cf2c457fa1fcc099b5f136d588dacf2 100644 (file)
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -457,7 +457,6 @@ void ERR_load_RSA_strings(void);
 #define RSA_R_N_DOES_NOT_EQUAL_P_Q                      127
 #define RSA_R_OAEP_DECODING_ERROR                       121
 #define RSA_R_PADDING_CHECK_FAILED                      114
-#define RSA_R_PKCS1_PADDING_TOO_SHORT                   105
 #define RSA_R_P_NOT_PRIME                               128
 #define RSA_R_Q_NOT_PRIME                               129
 #define RSA_R_RSA_OPERATIONS_NOT_SUPPORTED              130

diff --git a/crypto/rsa/rsa_eay.c b/crypto/rsa/rsa_eay.c
index 863a45a9758523056158ebf15fcb86e43ddce7e5..c6ceaee6e731689448c0d9c1ab35a43b2887b929 100644 (file)
--- a/crypto/rsa/rsa_eay.c
+++ b/crypto/rsa/rsa_eay.c
@@ -640,15 +640,6 @@ static int RSA_eay_public_decrypt(int flen, const unsigned char *from,
                {
        case RSA_PKCS1_PADDING:
                r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
-               /* Generally signatures should be at least 2/3 padding, though
-                  this isn't possible for really short keys and some standard
-                  signature schemes, so don't check if the unpadded data is
-                  small. */
-               if(r > 42 && 3*8*r >= BN_num_bits(rsa->n))
-                       {
-                       RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_PKCS1_PADDING_TOO_SHORT);
-                       goto err;
-                       }
                break;
        case RSA_X931_PADDING:
                r=RSA_padding_check_X931(to,num,buf,i,num);

diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
index 1a7f8b77196ac8e8373520e77edb1945f2210585..163b143a73c3e478a9f454d9de68fdd774da1a67 100644 (file)
--- a/crypto/rsa/rsa_err.c
+++ b/crypto/rsa/rsa_err.c
@@ -160,7 +160,6 @@ static ERR_STRING_DATA RSA_str_reasons[]=
 {ERR_REASON(RSA_R_N_DOES_NOT_EQUAL_P_Q)  ,"n does not equal p q"},
 {ERR_REASON(RSA_R_OAEP_DECODING_ERROR)   ,"oaep decoding error"},
 {ERR_REASON(RSA_R_PADDING_CHECK_FAILED)  ,"padding check failed"},
-{ERR_REASON(RSA_R_PKCS1_PADDING_TOO_SHORT),"pkcs1 padding too short"},
 {ERR_REASON(RSA_R_P_NOT_PRIME)           ,"p not prime"},
 {ERR_REASON(RSA_R_Q_NOT_PRIME)           ,"q not prime"},
 {ERR_REASON(RSA_R_RSA_OPERATIONS_NOT_SUPPORTED),"rsa operations not supported"},