From 7e120a0f3073025d69ed9bcbe3374c54b802f897 Mon Sep 17 00:00:00 2001
From: terrafrost <terrafrost@php.net>
Date: Mon, 19 Nov 2012 21:10:22 -0600
Subject: [PATCH] Make validateSignature() behave more intuitively

---
 phpseclib/File/X509.php | 22 ++++++++++------------
 1 file changed, 10 insertions(+), 12 deletions(-)

diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php
index 008a34f1..08de8341 100644
--- a/phpseclib/File/X509.php
+++ b/phpseclib/File/X509.php
@@ -1809,9 +1809,7 @@ class File_X509 {
      * Validate a signature
      *
      * Works on X.509 certs, CSR's and CRL's.
-     * Returns 1 if the signature is verified, 0 if it is not correct or -1 on error
-     *
-     * To know if a signature is valid one should do validateSignature() === 1
+     * Returns true if the signature is verified, false if it is not correct or NULL on error
      *
      * The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}.
      *
@@ -1861,10 +1859,10 @@ class File_X509 {
                         }
                     }
                     if (count($this->CAs) == $i && ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {
-                        return 0;
+                        return false;
                     }
                 } elseif (!isset($signingCert) || ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {
-                    return 0;
+                    return false;
                 }
                 return $this->_validateSignature(
                     $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'],
@@ -1898,7 +1896,7 @@ class File_X509 {
                     }
                 }
                 if (!isset($signingCert)) {
-                    return 0;
+                    return false;
                 }
                 return $this->_validateSignature(
                     $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'],
@@ -1908,14 +1906,14 @@ class File_X509 {
                     $this->signatureSubject
                 );
             default:
-                return 0;
+                return false;
         }
     }
 
     /**
      * Validates a signature
      *
-     * Returns 1 if the signature is verified, 0 if it is not correct or -1 on error
+     * Returns true if the signature is verified, false if it is not correct or NULL on error
      *
      * @param String $publicKeyAlgorithm
      * @param String $publicKey
@@ -1947,18 +1945,18 @@ class File_X509 {
                         $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
 
                         if (!@$rsa->verify($signatureSubject, $signature)) {
-                            return 0;
+                            return false;
                         }
                         break;
                     default:
-                        return -1;
+                        return NULL;
                 }
                 break;
             default:
-                return -1;
+                return NULL;
         }
 
-        return 1;
+        return true;
     }
 
     /**