[openssl] OpenSSL_1_1_1-stable update

Richard Levitte levitte at openssl.org
Thu Jan 16 16:32:27 UTC 2020 

The branch OpenSSL_1_1_1-stable has been updated
       via  56c59ddd99da05c2f30832cccaffb873a8481555 (commit)
      from  902a97b5869e29175292324ec7c390401c453452 (commit)


- Log -----------------------------------------------------------------
commit 56c59ddd99da05c2f30832cccaffb873a8481555
Author: Richard Levitte <levitte at openssl.org>
Date:   Sun Jan 12 01:05:01 2020 +0100

    Fix documentation of return value for EVP_Digest{Sign,Verify}Init()
    
    They never returned the negative values that the documentation stated.
    
    Reviewed-by: Paul Dale <paul.dale at oracle.com>
    (Merged from https://github.com/openssl/openssl/pull/10847)

-----------------------------------------------------------------------

Summary of changes:
 CHANGES                         | 9 +++++++++
 doc/man3/EVP_DigestSignInit.pod | 4 +---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index 42382fd031..e4d57bb6b5 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,15 @@
 
  Changes between 1.1.1d and 1.1.1e [xx XXX xxxx]
 
+  *) Corrected the documentation of the return values from the EVP_DigestSign*
+     set of functions.  The documentation mentioned negative values for some
+     errors, but this was never the case, so the mention of negative values
+     was removed.
+
+     Code that followed the documentation and thereby check with something
+     like 'EVP_DigestSignInit(...) <= 0' will continue to work undisturbed.
+     [Richard Levitte]
+
   *) Fixed an an overflow bug in the x64_64 Montgomery squaring procedure
      used in exponentiation with 512-bit moduli. No EC algorithms are
      affected. Analysis suggests that attacks against 2-prime RSA1024,
diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod
index b2b70bfce6..cd159815de 100644
--- a/doc/man3/EVP_DigestSignInit.pod
+++ b/doc/man3/EVP_DigestSignInit.pod
@@ -103,9 +103,7 @@ EVP_DigestSignFinal().
 =head1 RETURN VALUES
 
 EVP_DigestSignInit(), EVP_DigestSignUpdate(), EVP_DigestSignaFinal() and
-EVP_DigestSign() return 1 for success and 0 or a negative value for failure. In
-particular, a return value of -2 indicates the operation is not supported by the
-public key algorithm.
+EVP_DigestSign() return 1 for success and 0 for failure.
 
 The error codes can be obtained from L<ERR_get_error(3)>.

More information about the openssl-commits mailing list