rsa: remove dead code

author Hubert Kario <hkario@redhat.com>

Wed, 8 Feb 2023 13:32:09 +0000 (14:32 +0100)

committer Zoltan Fridrich <zfridric@redhat.com>

Thu, 9 Feb 2023 09:58:51 +0000 (10:58 +0100)
author Hubert Kario <hkario@redhat.com>
Wed, 8 Feb 2023 13:32:09 +0000 (14:32 +0100)
committer Zoltan Fridrich <zfridric@redhat.com>
Thu, 9 Feb 2023 09:58:51 +0000 (10:58 +0100)
diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c

index 6b158bacb246722f29a6910f081c38fad2e18bde..858701fe6e8b05854d5520db11200255f2d89c08 100644 (file)
--- a/lib/auth/rsa.c
+++ b/lib/auth/rsa.c
@@ -159,8 +159,6 @@ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data,
         int ret, dsize;
         ssize_t data_size = _data_size;
         volatile uint8_t ver_maj, ver_min;
-       volatile uint8_t check_ver_min;
-       volatile uint32_t ok;
  
  #ifdef ENABLE_SSL3
         if (get_num_version(session) == GNUTLS_SSL3) {
@@ -186,7 +184,6 @@ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data,
  
         ver_maj = _gnutls_get_adv_version_major(session);
         ver_min = _gnutls_get_adv_version_minor(session);
-       check_ver_min = (session->internals.allow_wrong_pms == 0);
  
         session->key.key.data = gnutls_malloc(GNUTLS_MASTER_SIZE);
         if (session->key.key.data == NULL) {
@@ -205,10 +202,9 @@ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data,
                 return ret;
         }
  
-       ret =
-           gnutls_privkey_decrypt_data2(session->internals.selected_key,
-                                        0, &ciphertext, session->key.key.data,
-                                        session->key.key.size);
+       gnutls_privkey_decrypt_data2(session->internals.selected_key,
+                                    0, &ciphertext, session->key.key.data,
+                                    session->key.key.size);
         /* After this point, any conditional on failure that cause differences
          * in execution may create a timing or cache access pattern side
          * channel that can be used as an oracle, so treat very carefully */
@@ -224,16 +220,6 @@ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data,
          * Vlastimil Klima, Ondej Pokorny and Tomas Rosa.
          */
  
-       /* ok is 0 in case of error and 1 in case of success. */
-
-       /* if ret < 0 */
-       ok = CONSTCHECK_EQUAL(ret, 0);
-       /* session->key.key.data[0] must equal ver_maj */
-       ok &= CONSTCHECK_EQUAL(session->key.key.data[0], ver_maj);
-       /* if check_ver_min then session->key.key.data[1] must equal ver_min */
-       ok &= CONSTCHECK_NOT_EQUAL(check_ver_min, 0) &
-               CONSTCHECK_EQUAL(session->key.key.data[1], ver_min);
-
         /* This is here to avoid the version check attack
          * discussed above.
          */
author	Hubert Kario <hkario@redhat.com>
	Wed, 8 Feb 2023 13:32:09 +0000 (14:32 +0100)
committer	Zoltan Fridrich <zfridric@redhat.com>
	Thu, 9 Feb 2023 09:58:51 +0000 (10:58 +0100)