X509_REQ_sign, X509_sign and similar functions return the signature length instead '1' as documented.
Justification: Both function return whatever ASN1_item_sign returns: https://github.com/openssl/openssl/blob/master/crypto/x509/x_all.c#L95 https://github.com/openssl/openssl/blob/master/crypto/x509/x_all.c#L117 And ASN1_item_sign returns the output length: https://github.com/openssl/openssl/blob/master/crypto/asn1/a_sign.c#L321
diff --git a/doc/crypto/X509_sign.pod b/doc/crypto/X509_sign.pod index 55cfd13..0bb777d 100644 --- a/doc/crypto/X509_sign.pod +++ b/doc/crypto/X509_sign.pod @@ -52,8 +52,8 @@ signature and signing will always update the encoding. =head1 RETURN VALUES X509_sign(), X509_sign_ctx(), X509_REQ_sign(), X509_REQ_sign_ctx(), -X509_CRL_sign() and X509_CRL_sign_ctx() return 1 for success and 0 -for failure. +X509_CRL_sign() and X509_CRL_sign_ctx() return the signature length (>0) for +success and 0 for failure. X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
