git.ipfire.org Git - thirdparty/openssl.git/commit

author	Ingo Franzki <ifranzki@linux.ibm.com>
	Tue, 22 Jul 2025 13:09:27 +0000 (15:09 +0200)
committer	Tomas Mraz <tomas@openssl.org>
	Wed, 30 Jul 2025 16:27:08 +0000 (18:27 +0200)
commit	b9ff440dd613e0c65527ef7eaf565f618979ecce
tree	b219212edc7d892b4e05e2f2f73a021d74b8f1cc	tree
parent	f77fafd16e92699544466556d368ed7722f49dd8	commit \| diff

Only report generic error if provider did not put an error on the error queue

Commit 72351b0d18078170af270418b2d5e9fc579cb1af added code to unconditionally
put a generic error onto the error stack, if key generation, encryption,
decryption, sign, or verify fails to ensure that there is an error entry
on the error queue, even if the provider did not itself put a specific error
onto the queue.

However, this can hide error details if an application just looks at the very
last error entry and checks for specific errors. Now, the generic error is
always the last entry, and the application won't find the expected error
entry, although it would be there as second last entry. This can lead to
different application behavior in error situations than before this change.

To fix this, only add the generic error entry if the provider did not itself
add an error entry onto the queue. That way, there always is an error on the
error queue in case of a failure, but no behavior change in case the provider
emitted the error entry itself.

Closes: https://github.com/openssl/openssl/issues/27992
Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28073)

crypto/evp/asymcipher.c		diff \| blob \| blame \| history
crypto/evp/keymgmt_meth.c		diff \| blob \| blame \| history
crypto/evp/m_sigver.c		diff \| blob \| blame \| history