Remove redundant check of |sig_len| in |RSA_verify|.

The same check is already done in |RSA_verify_raw|, so |RSA_verify|
doesn't need to do it.

Also, move the |RSA_verify_raw| check earlier.

Change-Id: I15f7db0aad386c0f764bba53e77dfc46574f7635
Reviewed-on: https://boringssl-review.googlesource.com/7463
Reviewed-by: David Benjamin <davidben@google.com>

crypto/rsa/rsa.c

@@ -475,11 +475,6 @@ int RSA_verify(int hash_nid, const uint8_t *msg, size_t msg_len,
   size_t signed_msg_len, len;
   int signed_msg_is_alloced = 0;
 
-  if (sig_len != rsa_size) {
-    OPENSSL_PUT_ERROR(RSA, RSA_R_WRONG_SIGNATURE_LENGTH);
-    return 0;
-  }
-
   if (hash_nid == NID_md5_sha1 && msg_len != SSL_SIG_LENGTH) {
     OPENSSL_PUT_ERROR(RSA, RSA_R_INVALID_MESSAGE_LENGTH);
     return 0;

crypto/rsa/rsa_impl.c

@@ -445,6 +445,11 @@ int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
     return 0;
   }
 
+  if (in_len != rsa_size) {
+    OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN);
+    return 0;
+  }
+
   if (!check_modulus_and_exponent_sizes(rsa)) {
     return 0;
   }
@@ -472,11 +477,6 @@ int RSA_verify_raw(RSA *rsa, size_t *out_len, uint8_t *out, size_t max_out,
     goto err;
   }
 
-  if (in_len != rsa_size) {
-    OPENSSL_PUT_ERROR(RSA, RSA_R_DATA_LEN_NOT_EQUAL_TO_MOD_LEN);
-    goto err;
-  }
-
   if (BN_bin2bn(in, in_len, f) == NULL) {
     goto err;
   }