[openssl/openssl] 371914: Fix return values on PKCS7_dataVerfiy
1 view
Skip to first unread message
Neil Horman
Mar 1, 2026, 9:22:37 AM (2 days ago) Mar 1
to openssl...@openssl.org
Branch: refs/heads/master
Home: https://github.com/openssl/openssl
Commit: 3719143af63cb78551d5c68bef12be327bb73454
https://github.com/openssl/openssl/commit/3719143af63cb78551d5c68bef12be327bb73454
Author: Neil Horman <nho...@openssl.org>
Date: 2026-03-01 (Sun, 01 Mar 2026)
Changed paths:
M crypto/pkcs7/pk7_doit.c
Log Message:
-----------
Fix return values on PKCS7_dataVerfiy
PKCS7_dataVerify returns 1 on success or 0 on failure, just like
PKCS7_verify.
except, if everything else goes right, it returns the value of
PKCS7_signatureVerify, which may be -1, which seems wrong.
Instead, check the retun of PKCS7_signatureVerify within this function
for an error, and make PKCS7_dataVerify return 0 in the event
signatureVerify fails.
This brings us into line with PKCS7_verify behavior
Reviewed-by: Tim Hudson <t...@openssl.org>
Reviewed-by: Norbert Pocs <norb...@openssl.org>
MergeDate: Sun Mar 1 14:18:14 2026
(Merged from https://github.com/openssl/openssl/pull/30158)
Commit: 3bd54e7b2cc1a8d92b26b395e21a126f37ad6d6f
https://github.com/openssl/openssl/commit/3bd54e7b2cc1a8d92b26b395e21a126f37ad6d6f
Author: Neil Horman <nho...@openssl.org>
Date: 2026-03-01 (Sun, 01 Mar 2026)
Changed paths:
M doc/man3/PKCS7_verify.pod
M util/missingcrypto.txt
Log Message:
-----------
Document PKCS7_dataVerify
Its older, and generally replaced by PKCS7_verify, but its not
deprecated, so we should document it.
Reviewed-by: Tim Hudson <t...@openssl.org>
Reviewed-by: Norbert Pocs <norb...@openssl.org>
MergeDate: Sun Mar 1 14:18:17 2026
(Merged from https://github.com/openssl/openssl/pull/30158)
Compare: https://github.com/openssl/openssl/compare/cc360d1fa17b...3bd54e7b2cc1
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Home: https://github.com/openssl/openssl
Commit: 3719143af63cb78551d5c68bef12be327bb73454
https://github.com/openssl/openssl/commit/3719143af63cb78551d5c68bef12be327bb73454
Author: Neil Horman <nho...@openssl.org>
Date: 2026-03-01 (Sun, 01 Mar 2026)
Changed paths:
M crypto/pkcs7/pk7_doit.c
Log Message:
-----------
Fix return values on PKCS7_dataVerfiy
PKCS7_dataVerify returns 1 on success or 0 on failure, just like
PKCS7_verify.
except, if everything else goes right, it returns the value of
PKCS7_signatureVerify, which may be -1, which seems wrong.
Instead, check the retun of PKCS7_signatureVerify within this function
for an error, and make PKCS7_dataVerify return 0 in the event
signatureVerify fails.
This brings us into line with PKCS7_verify behavior
Reviewed-by: Tim Hudson <t...@openssl.org>
Reviewed-by: Norbert Pocs <norb...@openssl.org>
MergeDate: Sun Mar 1 14:18:14 2026
(Merged from https://github.com/openssl/openssl/pull/30158)
Commit: 3bd54e7b2cc1a8d92b26b395e21a126f37ad6d6f
https://github.com/openssl/openssl/commit/3bd54e7b2cc1a8d92b26b395e21a126f37ad6d6f
Author: Neil Horman <nho...@openssl.org>
Date: 2026-03-01 (Sun, 01 Mar 2026)
Changed paths:
M doc/man3/PKCS7_verify.pod
M util/missingcrypto.txt
Log Message:
-----------
Document PKCS7_dataVerify
Its older, and generally replaced by PKCS7_verify, but its not
deprecated, so we should document it.
Reviewed-by: Tim Hudson <t...@openssl.org>
Reviewed-by: Norbert Pocs <norb...@openssl.org>
MergeDate: Sun Mar 1 14:18:17 2026
(Merged from https://github.com/openssl/openssl/pull/30158)
Compare: https://github.com/openssl/openssl/compare/cc360d1fa17b...3bd54e7b2cc1
To unsubscribe from these emails, change your notification settings at https://github.com/openssl/openssl/settings/notifications
Reply all
Reply to author
Forward
0 new messages