Distinguish between verification errors and "other" errors.

author: Steven Fackler <[email protected]> 2016-10-15 12:31:06 -0700
committer: Steven Fackler <[email protected]> 2016-10-15 12:31:06 -0700
commit: 4d567358a1c64aebfcff6128f8d175cfce4e15dc (patch)
tree: 6ca21c51a8c04630b2ad18d9e4f3a4031fa0a1a7 /openssl/src
parent: Fix signature of EVP_DigestVerifyFinal on 1.0.1 (diff)
download: rust-openssl-4d567358a1c64aebfcff6128f8d175cfce4e15dc.tar.xz
rust-openssl-4d567358a1c64aebfcff6128f8d175cfce4e15dc.zip
1 files changed, 15 insertions, 8 deletions
diff --git a/openssl/src/crypto/sign.rs b/openssl/src/crypto/sign.rs
index db3be9fa..78cc62ab 100644
--- a/openssl/src/crypto/sign.rs
+++ b/openssl/src/crypto/sign.rs
@@ -110,12 +110,19 @@ impl<'a> Verifier<'a> {
         }
     }
 
-    pub fn finish(&self, signature: &[u8]) -> Result<(), ErrorStack> {
+    pub fn finish(&self, signature: &[u8]) -> Result<bool, ErrorStack> {
         unsafe {
-            try_ssl_if!(ffi::EVP_DigestVerifyFinal(self.0,
-                                                   signature.as_ptr() as *const _ as _,
-                                                   signature.len()) != 1);
-            Ok(())
+            let r = ffi::EVP_DigestVerifyFinal(self.0,
+                                               signature.as_ptr() as *const _ as _,
+                                               signature.len());
+            match r {
+                1 => Ok(true),
+                0 => {
+                    ErrorStack::get(); // discard error stack
+                    Ok(false)
+                }
+                _ => Err(ErrorStack::get()),
+            }
         }
     }
 }
@@ -186,11 +193,11 @@ mod test {
 
         let mut verifier = Verifier::new(Type::SHA256, &pkey).unwrap();
         verifier.update(INPUT).unwrap();
-        verifier.finish(SIGNATURE).unwrap();
+        assert!(verifier.finish(SIGNATURE).unwrap());
     }
 
     #[test]
-    fn test_verify_err() {
+    fn test_verify_invalid() {
         let key = include_bytes!("../../test/rsa.pem");
         let private_key = RSA::private_key_from_pem(key).unwrap();
         let pkey = PKey::from_rsa(private_key).unwrap();
@@ -198,7 +205,7 @@ mod test {
         let mut verifier = Verifier::new(Type::SHA256, &pkey).unwrap();
         verifier.update(INPUT).unwrap();
         verifier.update(b"foobar").unwrap();
-        assert!(verifier.finish(SIGNATURE).is_err());
+        assert!(!verifier.finish(SIGNATURE).unwrap());
     }
 
     fn test_hmac(ty: Type, tests: &[(Vec<u8>, Vec<u8>, Vec<u8>)]) {
author	Steven Fackler <[email protected]>	2016-10-15 12:31:06 -0700
committer	Steven Fackler <[email protected]>	2016-10-15 12:31:06 -0700
commit	4d567358a1c64aebfcff6128f8d175cfce4e15dc (patch)
tree	6ca21c51a8c04630b2ad18d9e4f3a4031fa0a1a7 /openssl/src
parent	Fix signature of EVP_DigestVerifyFinal on 1.0.1 (diff)
download	rust-openssl-4d567358a1c64aebfcff6128f8d175cfce4e15dc.tar.xz rust-openssl-4d567358a1c64aebfcff6128f8d175cfce4e15dc.zip