Align EVP return values with BoringSSL convention.
Where possible, functions should return one for success and zero for
error. The use of additional negative values to indicate an error is,
itself, error prone.
This change fixes many EVP functions to remove the possibility of
negative return values. Existing code that is testing for <= 0 will
continue to function, although there is the possibility that some code
was differentiating between negative values (error) and zero (invalid
signature) for the verify functions and will now show the wrong error
message.
Change-Id: I982512596bb18a82df65861394dbd7487783bd3d
Reviewed-on: https://boringssl-review.googlesource.com/1333
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ecdsa.h b/include/openssl/ecdsa.h
index 8a74ecb..a2436f1 100644
--- a/include/openssl/ecdsa.h
+++ b/include/openssl/ecdsa.h
@@ -78,12 +78,8 @@
/* ECDSA_verify verifies that |sig_len| bytes from |sig| constitute a valid
* signature by |key| of |digest|. (The |type| argument should be zero.) It
- * returns one on success, zero if the signature is invalid and -1 on error.
- *
- * DANGER: this function differs from the usual OpenSSL return value
- * convention.
- *
- * TODO(fork): change this to return the usual 0/1. */
+ * returns one on success or zero if the signature is invalid or an error
+ * occured. */
int ECDSA_verify(int type, const uint8_t *digest, size_t digest_len,
const uint8_t *sig, size_t sig_len, EC_KEY *key);
@@ -116,12 +112,9 @@
EC_KEY *key);
/* ECDSA_verify verifies that |sig| constitutes a valid signature by |key| of
- * |digest|. It returns one on success, zero if the signature is invalid and -1
+ * |digest|. It returns one on success or zero if the signature is invalid or
* on error.
*
- * DANGER: this function differs from the usual OpenSSL return value
- * convention.
- *
* TODO(fork): remove this function. */
int ECDSA_do_verify(const uint8_t *digest, size_t digest_len,
const ECDSA_SIG *sig, EC_KEY *key);
