root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
openssl/crypto/evp
History
Ingo Franzki b9ff440dd6 Only report generic error if provider did not put an error on the error queue 
Commit 72351b0d18 added code to unconditionally
put a generic error onto the error stack, if key generation, encryption,
decryption, sign, or verify fails to ensure that there is an error entry
on the error queue, even if the provider did not itself put a specific error
onto the queue.

However, this can hide error details if an application just looks at the very
last error entry and checks for specific errors. Now, the generic error is
always the last entry, and the application won't find the expected error
entry, although it would be there as second last entry. This can lead to
different application behavior in error situations than before this change.

To fix this, only add the generic error entry if the provider did not itself
add an error entry onto the queue. That way, there always is an error on the
error queue in case of a failure, but no behavior change in case the provider
emitted the error entry itself.

Closes: https://github.com/openssl/openssl/issues/27992

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28073)
 		2025-07-30 18:27:08 +02:00
..
asymcipher.c Only report generic error if provider did not put an error on the error queue 2025-07-30 18:27:08 +02:00
bio_b64.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
bio_enc.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
bio_md.c
bio_ok.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
build.info Deprecate ASN1_METH internal usage 2025-07-17 11:25:18 -04:00
c_allc.c
c_alld.c
cmeth_lib.c
ctrl_params_translate.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
dh_ctrl.c
dh_support.c Copyright year updates 2024-09-05 09:35:49 +02:00
digest.c crypto/evp/digest.c: optimize ossl_(un)likely 2025-07-16 13:07:15 -04:00
dsa_ctrl.c
e_aes.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
e_aes_cbc_hmac_sha1.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
e_aes_cbc_hmac_sha256.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
e_aria.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
e_bf.c
e_camellia.c
e_cast.c
e_chacha20_poly1305.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
e_des.c
e_des3.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
e_idea.c
e_null.c
e_old.c
e_rc2.c
e_rc4.c
e_rc4_hmac_md5.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
e_rc5.c
e_seed.c
e_sm4.c
e_xcbc_d.c
ec_ctrl.c
ec_support.c
encode.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
evp_cnf.c
evp_enc.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
evp_err.c crypto/evp: compensate for providers not adding error queue entries for keymgmt, sigver, and asymcipher 2025-05-20 21:19:34 +02:00
evp_fetch.c Copyright year updates 2025-03-12 13:35:59 +00:00
evp_key.c Copyright year updates 2024-04-09 13:43:26 +02:00
evp_lib.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
evp_local.h Copyright year updates 2025-03-12 13:35:59 +00:00
evp_pbe.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
evp_pkey.c Deprecate ASN1_METH internal usage 2025-07-17 11:25:18 -04:00
evp_pkey_type.c evp_pkey_type: Make base_id_conversion table static 2025-07-18 08:57:16 +02:00
evp_rand.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
evp_utils.c
exchange.c Keep the provided peer EVP_PKEY in the EVP_PKEY_CTX too 2025-03-14 09:44:52 +01:00
kdf_lib.c
kdf_meth.c Copyright year updates 2025-03-12 13:35:59 +00:00
kem.c Copyright year updates 2025-03-12 13:35:59 +00:00
keymgmt_lib.c evp: add EVP_PKEY_get_security_category function 2025-05-27 18:01:44 +10:00
keymgmt_meth.c Only report generic error if provider did not put an error on the error queue 2025-07-30 18:27:08 +02:00
legacy_blake2.c
legacy_md2.c
legacy_md4.c
legacy_md5.c
legacy_md5_sha1.c
legacy_mdc2.c
legacy_meth.h
legacy_ripemd.c
legacy_sha.c Fix SHAKE AlgorithmIdentifier encodings 2025-06-10 19:42:00 +02:00
legacy_wp.c
m_null.c
m_sigver.c Only report generic error if provider did not put an error on the error queue 2025-07-30 18:27:08 +02:00
mac_lib.c Copyright year updates 2025-03-12 13:35:59 +00:00
mac_meth.c Copyright year updates 2025-03-12 13:35:59 +00:00
names.c Copyright year updates 2024-09-05 09:35:49 +02:00
p5_crpt.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
p5_crpt2.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
p_dec.c
p_enc.c
p_legacy.c Copyright year updates 2025-03-12 13:35:59 +00:00
p_lib.c Deprecate ASN1_METH internal usage 2025-07-17 11:25:18 -04:00
p_open.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
p_seal.c
p_sign.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
p_verify.c
pbe_scrypt.c
pmeth_check.c
pmeth_gn.c Deprecate ASN1_METH internal usage 2025-07-17 11:25:18 -04:00
pmeth_lib.c libapps + libcrypto: Silence warnings on Win64 builds 2025-07-02 17:26:26 +02:00
s_lib.c EVP_SKEY_get_raw_key => EVP_SKEY_get0_raw_key 2025-02-21 17:58:41 +01:00
signature.c crypto/evp/signature.c: add checks for consistent presence of 'update' and 'final' functions 2025-05-20 21:19:34 +02:00
skeymgmt_meth.c Fix coverity finding 2025-02-20 16:28:22 +01:00