Align EVP return values with BoringSSL convention.
Where possible, functions should return one for success and zero for
error. The use of additional negative values to indicate an error is,
itself, error prone.
This change fixes many EVP functions to remove the possibility of
negative return values. Existing code that is testing for <= 0 will
continue to function, although there is the possibility that some code
was differentiating between negative values (error) and zero (invalid
signature) for the verify functions and will now show the wrong error
message.
Change-Id: I982512596bb18a82df65861394dbd7487783bd3d
Reviewed-on: https://boringssl-review.googlesource.com/1333
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/evp/p_ec.c b/crypto/evp/p_ec.c
index 2305e6e..e429f77 100644
--- a/crypto/evp/p_ec.c
+++ b/crypto/evp/p_ec.c
@@ -164,7 +164,7 @@
static int pkey_ec_sign(EVP_PKEY_CTX *ctx, uint8_t *sig, size_t *siglen,
const uint8_t *tbs, size_t tbslen) {
- int ret, type;
+ int type;
unsigned int sltmp;
EC_PKEY_CTX *dctx = ctx->data;
EC_KEY *ec = ctx->pkey->pkey.ec;
@@ -182,10 +182,8 @@
type = EVP_MD_type(dctx->md);
}
- ret = ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec);
-
- if (ret <= 0) {
- return ret;
+ if (!ECDSA_sign(type, tbs, tbslen, sig, &sltmp, ec)) {
+ return 0;
}
*siglen = (size_t)sltmp;
return 1;
@@ -235,7 +233,7 @@
ret = ECDH_compute_key(key, outlen, pubkey, eckey, 0);
if (ret < 0) {
- return ret;
+ return 0;
}
*keylen = ret;
return 1;
