On 5 December 2013 19:34, Dave Thompson <dthomp...@prinpay.com> wrote: >> Well looking at the code where this error is raised: >> >> /* XXX: surely this is wrong - if ret is 0, it just didn't verify; >> there is no error in BN. Test should be ret == -1 (Ben) */ >> if (ret != 1) DSAerr(DSA_F_DSA_DO_VERIFY,ERR_R_BN_LIB); >> >> Reading the code suggests there is a bug in OpenSSL - helpfully >> pointed out in a comment!! :-) >> >> This looks like not an error at all. Just a verify failure. >> > You're right! I focused on the 'goto err's but managed to miss that.
I have submitted a patch to fix this. Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org