-
Notifications
You must be signed in to change notification settings - Fork 30.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: fix error code handling in ParsePrivateKey()
#42400
crypto: fix error code handling in ParsePrivateKey()
#42400
Conversation
This changes the code to select the latest error code instead of the earliest one from the OpenSSL error stack. It helps in getting rid of the inconsistency between the empty passphrase related error codes of OpenSSL 1.1.1 and 3. Refs: nodejs#42319 (comment) Signed-off-by: Darshan Sen <[email protected]>
Review requested:
|
Is OpenSSL pushing multiple errors during a single API call? Or can we somehow prevent having multiple errors on the stack? |
Yes that's right, the errors are coming from this API call - node/src/crypto/crypto_keys.cc Lines 224 to 227 in 7fdb9d5
opensslErrorStack: [
'error:04800068:PEM routines::bad password read',
'error:07880109:common libcrypto routines::interrupted or cancelled'
] The first error is raised from
node/deps/openssl/openssl/crypto/passphrase.c Line 184 in 7fdb9d5
Is it normal for OpenSSL to push multiple errors on the stack during a single API call?
I don't think that would be possible without making some changes to OpenSSL. |
This changes the code to select the latest error code instead of the
earliest one from the OpenSSL error stack. It helps in getting rid of
the inconsistency between the empty passphrase related error codes of
OpenSSL 1.1.1 and 3.
Refs: #42319 (comment)
Signed-off-by: Darshan Sen [email protected]