[openssl-users] EVP_DigestVerifyFinal return code?

Jeffrey Walton noloader at gmail.com
Thu Jan 15 08:41:11 UTC 2015

According to the man pages on EVP_DigestVerifyFinal

    EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for
    success and 0 or a negative value for failure...

I have an unexplained failure in EVP_DigestVerifyInit (i.e., its not
returning 1).

Looking at apps/dgst.c, around line 580:

        EVP_MD_CTX *ctx;
        BIO_get_md_ctx(bp, &ctx);
        i = EVP_DigestVerifyFinal(ctx, sigin, (unsigned int)siglen);
        if(i > 0)
            BIO_printf(out, "Verified OK\n");
        else if(i == 0)
            BIO_printf(out, "Verification Failure\n");
            return 1;
            BIO_printf(bio_err, "Error Verifying Data\n");
            return 1;
        return 0;

So does EVP_DigestVerifyInit return 1 on success, or does it return
something else? If its 1, then digst.c is wrong. If its something else
(like >0), then the docs are wrong.

Is anyone familiar with this function who can comment?

More information about the openssl-users mailing list