diff options
| author | David Benjamin <davidben@chromium.org> | 2015-02-17 05:15:53 +0300 |
|---|---|---|
| committer | Adam Langley <agl@google.com> | 2015-02-18 02:15:47 +0300 |
| commit | dd1ca99da4ba21684c4136a4ecb87d291d1792fa (patch) | |
| tree | 5f62e249651e35930859a8aed8099f8344894945 /include/openssl/x509.h | |
| parent | 310db06b79a8a997e077dc88bb2327992fad37bb (diff) | |
Remove X509_get_pubkey_parameters.
It's never called in outside code. This too seems to be a remnant of the DSA
PKIX optional parameter stuff. This is confirmed both by a removed comment and
by the brief documentation at http://www.umich.edu/~x509/ssleay/x509_pkey.html
RFC 5480 does not allow ECDSA keys to be missing parameters, so this logic is
incorrect for ECDSA anyway. It was also failing to check
EVP_PKEY_copy_parameters' return value. And that logic looks pretty suspect if
you have a chain made up multiple certificate types.
Change-Id: Id6c60659a0162356c7f3eae5c797047366baae1c
Reviewed-on: https://boringssl-review.googlesource.com/3485
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'include/openssl/x509.h')
| -rw-r--r-- | include/openssl/x509.h | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/include/openssl/x509.h b/include/openssl/x509.h index f500876a..acdab6ea 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -748,8 +748,6 @@ DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) OPENSSL_EXPORT int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); OPENSSL_EXPORT EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); -OPENSSL_EXPORT int X509_get_pubkey_parameters(EVP_PKEY *pkey, - STACK_OF(X509) *chain); OPENSSL_EXPORT int i2d_PUBKEY(const EVP_PKEY *a,unsigned char **pp); OPENSSL_EXPORT EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, long length); |