[openssl.org #2618] PATCH - Wrong exit code for pkeyutl -verify

Fri, 30 Sep 2011 01:26:04 -0700 

When the pkeyutl application is using the -verify option it always exits with a 
value indicating an error even when verifying successfully. Please find below a 
patch that addresses this issue. It also modifies a message that is confusing 
when dealing with private keys.
(The line numbers for this patch may vary due to another patch on this file.)

Best Regards
Nick

--------


diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 7eb3f5c..6894e25 100755
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -62,6 +62,10 @@
 #include <openssl/pem.h>
 #include <openssl/evp.h>

+#define RET_OK         0
+#define RET_ERROR      1
+#define RET_REJECTED   2
+
 #define KEY_PRIVKEY    1
 #define KEY_PUBKEY     2
 #define KEY_CERT       3
@@ -102,7 +107,7 @@ int MAIN(int argc, char **argv)
        size_t buf_outlen;
        int buf_inlen = 0, siglen = -1;

-       int ret = 1, rv = -1;
+       int ret = RET_ERROR, rv = -1;

        argc--;
        argv++;
@@ -332,9 +330,15 @@ int MAIN(int argc, char **argv)
                rv  = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
                                      buf_in, (size_t)buf_inlen);
                if (rv == 0)
+                       {
                        BIO_puts(out, "Signature Verification Failure\n");
+                       ret = RET_REJECTED;
+                       }
                else if (rv == 1)
+                       {
                        BIO_puts(out, "Signature Verified Successfully\n");
+                       ret = RET_OK;
+                       }
                if (rv >= 0)
                        goto end;
                }
@@ -356,11 +360,11 @@ int MAIN(int argc, char **argv)

        if(rv <= 0)
                {
-               BIO_printf(bio_err, "Public Key operation error\n");
+               BIO_printf(bio_err, "Public Key Utility - operation error\n");
                ERR_print_errors(bio_err);
                goto end;
                }
-       ret = 0;
+       ret = RET_OK;
        if(asn1parse)
                {
                if(!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))

--

The details of this company are as follows:
G4S Technology Limited, Registered Office: Challenge House, International 
Drive, Tewkesbury, Gloucestershire GL20 8UQ, Registered in England No. 2382338.

This communication may contain information which is confidential, personal 
and/or privileged.

It is for the exclusive use of the intended recipient(s).
If you are not the intended recipient(s), please note that any distribution, 
forwarding, copying or use of this communication or the information in it is 
strictly prohibited.

Any personal views expressed in this e-mail are those of the individual sender 
and the company does not endorse or accept responsibility for them.

Prior to taking any action based upon this e-mail message, you should seek 
appropriate confirmation of its authenticity.

This e-mail has been scanned for all viruses by MessageLabs.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to