From 2baccac82f8d76d3b6c0c0b41952b19c3d868b67 Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@google.com>
Date: Tue, 2 May 2017 14:54:09 -0400
Subject: [PATCH] Tidy up pkey_rsa_verify_recover.

RSA_verify_raw is the same as RSA_public_decrypt and fits the calling
convention better. This also avoids the extra copy.

Change-Id: Ib7e3152af26872440290a289f178c9a1d9bc673f
Reviewed-on: https://boringssl-review.googlesource.com/15826
Reviewed-by: Adam Langley <agl@google.com>
---
 crypto/evp/p_rsa.c | 17 ++++-------------
 1 file changed, 4 insertions(+), 13 deletions(-)

diff --git a/crypto/evp/p_rsa.c b/crypto/evp/p_rsa.c
index b4598b65..99c3a7cf 100644
--- a/crypto/evp/p_rsa.c
+++ b/crypto/evp/p_rsa.c
@@ -251,19 +251,9 @@ static int pkey_rsa_verify_recover(EVP_PKEY_CTX *ctx, uint8_t *out,
     return 0;
   }
 
-  if (!setup_tbuf(rctx, ctx)) {
-    return 0;
-  }
-
   if (rctx->md == NULL) {
-    const int ret = RSA_public_decrypt(sig_len, sig, rctx->tbuf,
-                                       ctx->pkey->pkey.rsa, rctx->pad_mode);
-    if (ret < 0) {
-      return 0;
-    }
-    *out_len = ret;
-    OPENSSL_memcpy(out, rctx->tbuf, *out_len);
-    return 1;
+    return RSA_verify_raw(rsa, out_len, out, *out_len, sig, sig_len,
+                          rctx->pad_mode);
   }
 
   if (rctx->pad_mode != RSA_PKCS1_PADDING) {
@@ -276,7 +266,8 @@ static int pkey_rsa_verify_recover(EVP_PKEY_CTX *ctx, uint8_t *out,
   uint8_t *asn1_prefix;
   size_t asn1_prefix_len;
   int asn1_prefix_allocated;
-  if (!RSA_add_pkcs1_prefix(&asn1_prefix, &asn1_prefix_len,
+  if (!setup_tbuf(rctx, ctx) ||
+      !RSA_add_pkcs1_prefix(&asn1_prefix, &asn1_prefix_len,
                             &asn1_prefix_allocated, EVP_MD_type(rctx->md),
                             kDummyHash, hash_len)) {
     return 0;