From 675227e0d2cf328b216b83f61745e464c92d7066 Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@chromium.org>
Date: Thu, 13 Nov 2014 15:19:23 -0500
Subject: [PATCH] Remove CERT_PKEY_EXPLICIT_SIGN flag.

This is maintained just to distinguish whether the digest was negotiated or we
simply fell back to assuming SHA-1 support. No code is sensitive to this flag
and it adds complexity because it is set at a different time, for now, from the
rest of valid_flags.

The flag is new in OpenSSL 1.0.2, so nothing external could be sensitive to it.

Change-Id: I9304e358d56f44d912d78beabf14316d456bf389
Reviewed-on: https://boringssl-review.googlesource.com/2282
Reviewed-by: Adam Langley <agl@google.com>
---
 include/openssl/ssl.h |  2 --
 ssl/ssl_cert.c        |  4 ++--
 ssl/t1_lib.c          | 12 ++++--------
 3 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 45625f71..d357e73f 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -556,8 +556,6 @@ struct ssl_session_st
 #define CERT_PKEY_EE_PARAM	0x40
 /* CA certificate parameters OK */
 #define CERT_PKEY_CA_PARAM	0x80
-/* Signing explicitly allowed as opposed to SHA1 fallback */
-#define CERT_PKEY_EXPLICIT_SIGN	0x100
 /* Client CA issuer names match (always set for server cert) */
 #define CERT_PKEY_ISSUER_NAME	0x200
 /* Cert type matches client types (always set for server cert) */
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index 50ff7fcb..660f1d10 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -390,8 +390,8 @@ void ssl_cert_clear_certs(CERT *c)
 			sk_X509_pop_free(cpk->chain, X509_free);
 			cpk->chain = NULL;
 			}
-		/* Clear all flags apart from explicit sign */
-		cpk->valid_flags &= CERT_PKEY_EXPLICIT_SIGN;
+		/* Clear all flags. */
+		cpk->valid_flags = 0;
 		}
 	}
 
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index e0bc3e13..b228b2af 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2738,10 +2738,8 @@ int tls1_process_sigalgs(SSL *s, const CBS *sigalgs)
 			{
 			md = tls12_get_hash(sigptr->rhash);
 			c->pkeys[idx].digest = md;
-			c->pkeys[idx].valid_flags = CERT_PKEY_EXPLICIT_SIGN;
 			if (idx == SSL_PKEY_RSA_SIGN)
 				{
-				c->pkeys[SSL_PKEY_RSA_ENC].valid_flags = CERT_PKEY_EXPLICIT_SIGN;
 				c->pkeys[SSL_PKEY_RSA_ENC].digest = md;
 				}
 			}
@@ -3175,13 +3173,11 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
 
 	if (TLS1_get_version(s) >= TLS1_2_VERSION)
 		{
-		if (cpk->valid_flags & CERT_PKEY_EXPLICIT_SIGN)
-			rv |= CERT_PKEY_EXPLICIT_SIGN|CERT_PKEY_SIGN;
-		else if (cpk->digest)
+		if (cpk->digest)
 			rv |= CERT_PKEY_SIGN;
 		}
 	else
-		rv |= CERT_PKEY_SIGN|CERT_PKEY_EXPLICIT_SIGN;
+		rv |= CERT_PKEY_SIGN;
 
 	/* When checking a CERT_PKEY structure all flags are irrelevant
 	 * if the chain is invalid.
@@ -3192,8 +3188,8 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
 			cpk->valid_flags = rv;
 		else
 			{
-			/* Preserve explicit sign flag, clear rest */
-			cpk->valid_flags &= CERT_PKEY_EXPLICIT_SIGN;
+			/* Clear flags. */
+			cpk->valid_flags = 0;
 			return 0;
 			}
 		}