diff options
| author | Adam Langley <agl@chromium.org> | 2014-07-25 21:06:44 +0400 |
|---|---|---|
| committer | Adam Langley <agl@google.com> | 2014-07-30 01:47:51 +0400 |
| commit | 5129e2d69582c0c54a335eb7e0bc794a02418403 (patch) | |
| tree | 83756c13dae7277532dadb94415d1e4bae7393dc /crypto/ecdsa/ecdsa.c | |
| parent | d82d79dffe59b9282d6eb00c4b2ee93f9fcd2e75 (diff) | |
Align EVP return values with BoringSSL convention.
Where possible, functions should return one for success and zero for
error. The use of additional negative values to indicate an error is,
itself, error prone.
This change fixes many EVP functions to remove the possibility of
negative return values. Existing code that is testing for <= 0 will
continue to function, although there is the possibility that some code
was differentiating between negative values (error) and zero (invalid
signature) for the verify functions and will now show the wrong error
message.
Change-Id: I982512596bb18a82df65861394dbd7487783bd3d
Reviewed-on: https://boringssl-review.googlesource.com/1333
Reviewed-by: Adam Langley <agl@google.com>
Diffstat (limited to 'crypto/ecdsa/ecdsa.c')
| -rw-r--r-- | crypto/ecdsa/ecdsa.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/crypto/ecdsa/ecdsa.c b/crypto/ecdsa/ecdsa.c index 0e8e42f8..067fd6cc 100644 --- a/crypto/ecdsa/ecdsa.c +++ b/crypto/ecdsa/ecdsa.c @@ -73,7 +73,7 @@ int ECDSA_sign(int type, const uint8_t *digest, size_t digest_len, uint8_t *sig, int ECDSA_verify(int type, const uint8_t *digest, size_t digest_len, const uint8_t *sig, size_t sig_len, EC_KEY *eckey) { ECDSA_SIG *s; - int ret = -1; + int ret = 0; if (eckey->ecdsa_meth && eckey->ecdsa_meth->verify) { return eckey->ecdsa_meth->verify(digest, digest_len, sig, sig_len, eckey); @@ -127,7 +127,7 @@ ECDSA_SIG *ECDSA_do_sign(const uint8_t *digest, size_t digest_len, int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, const ECDSA_SIG *sig, EC_KEY *eckey) { - int ret = -1; + int ret = 0; BN_CTX *ctx; BIGNUM *order, *u1, *u2, *m, *X; EC_POINT *point = NULL; @@ -136,20 +136,20 @@ int ECDSA_do_verify(const uint8_t *digest, size_t digest_len, if (eckey->ecdsa_meth && eckey->ecdsa_meth->verify) { OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_NOT_IMPLEMENTED); - return -1; + return 0; } /* check input values */ if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL || (pub_key = EC_KEY_get0_public_key(eckey)) == NULL || sig == NULL) { OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ECDSA_R_MISSING_PARAMETERS); - return -1; + return 0; } ctx = BN_CTX_new(); if (!ctx) { OPENSSL_PUT_ERROR(ECDSA, ECDSA_do_verify, ERR_R_MALLOC_FAILURE); - return -1; + return 0; } BN_CTX_start(ctx); order = BN_CTX_get(ctx); |