[openssl-commits] [openssl] OpenSSL_1_0_1-stable update

Rich Salz rsalz at openssl.org
Fri Oct 23 01:11:26 UTC 2015 

The branch OpenSSL_1_0_1-stable has been updated
       via  2d404dc38031122147043af31a1f1de364903be2 (commit)
      from  b2593839da1e0c5af5fedf3fce3fd43c400199b4 (commit)


- Log -----------------------------------------------------------------
commit 2d404dc38031122147043af31a1f1de364903be2
Author: Adam Eijdenberg <eijdenberg at google.com>
Date:   Mon Oct 19 11:16:25 2015 -0700

    Clarify return values for EVP_DigestVerifyFinal.
    
    Previous language was unclear.  New language isn't pretty but I believe
    it is more accurate.
    
    Signed-off-by: Rich Salz <rsalz at openssl.org>
    Reviewed-by: Ben Laurie <ben at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (cherry picked from commit 8cbb048c3ea416f2bd8a3706d027f3aa26ef08d9)

-----------------------------------------------------------------------

Summary of changes:
 doc/crypto/EVP_DigestVerifyInit.pod | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/doc/crypto/EVP_DigestVerifyInit.pod b/doc/crypto/EVP_DigestVerifyInit.pod
index cfeccd9..54cad92 100644
--- a/doc/crypto/EVP_DigestVerifyInit.pod
+++ b/doc/crypto/EVP_DigestVerifyInit.pod
@@ -37,10 +37,11 @@ EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0
 or a negative value for failure. In particular a return value of -2 indicates
 the operation is not supported by the public key algorithm.
 
-Unlike other functions the return value 0 from EVP_DigestVerifyFinal() only
-indicates that the signature did not verify successfully (that is tbs did
-not match the original data or the signature was of invalid form) it is not an
-indication of a more serious error.
+EVP_DigestVerifyFinal() returns 1 for success; any other value indicates
+failure.  A return value of zero indicates that the signature did not verify
+successfully (that is, tbs did not match the original data or the signature had
+an invalid form), while other values indicate a more serious error (and
+sometimes also indicate an invalid signature form).
 
 The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.

More information about the openssl-commits mailing list