summaryrefslogtreecommitdiffstats
path: root/providers/implementations/encode_decode/decode_der2key.c
diff options
context:
space:
mode:
Diffstat (limited to 'providers/implementations/encode_decode/decode_der2key.c')
-rw-r--r--providers/implementations/encode_decode/decode_der2key.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c
index 09601fc335..c8a467fb5b 100644
--- a/providers/implementations/encode_decode/decode_der2key.c
+++ b/providers/implementations/encode_decode/decode_der2key.c
@@ -260,6 +260,7 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
EVP_PKEY *pkey = NULL;
void *key = NULL;
int orig_selection = selection;
+ int dec_err;
int ok = 0;
/*
@@ -319,8 +320,13 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, int selection,
der = new_der;
der_len = new_der_len;
}
- RESET_ERR_MARK();
+ /* decryption errors are fatal and should be reported */
+ dec_err = ERR_peek_last_error();
+ if (ERR_GET_LIB(dec_err) == ERR_LIB_PROV
+ && ERR_GET_REASON(dec_err) == PROV_R_BAD_DECRYPT)
+ goto end;
+ RESET_ERR_MARK();
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
derp = der;
pkey = evp_privatekey_from_binary(ctx->desc->evp_type, NULL,
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-23 11:08:58 +0000