diff options
| author | Ben Noordhuis <info@bnoordhuis.nl> | 2020-03-13 12:34:59 +0300 |
|---|---|---|
| committer | Anna Henningsen <anna@addaleax.net> | 2020-03-30 20:18:56 +0300 |
| commit | 2c32e59d8d83caa92155664f3e3fc0687a624c33 (patch) | |
| tree | 623b96465c9cd1048b9bd8c989afbeb5e5d31f9a /src/node_crypto.cc | |
| parent | e2b08f0ea8673642530ebd93c94181e5190e42f7 (diff) | |
crypto: clear openssl error stack after en/decrypt
The publicEncrypt/privateDecrypt/etc. family of functions didn't clear
OpenSSL's error stack on early return.
Notably, trying to use an encrypted key with the wrong passphrase left
an error on the stack that made subsequent encrypt or decrypt operations
fail, even with an unencrypted key.
Fixes: https://github.com/nodejs/node/issues/32240
PR-URL: https://github.com/nodejs/node/pull/32248
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Diffstat (limited to 'src/node_crypto.cc')
| -rw-r--r-- | src/node_crypto.cc | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc index c5af0924846..8f673ee6e34 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -5026,6 +5026,7 @@ template <PublicKeyCipher::Operation operation, PublicKeyCipher::EVP_PKEY_cipher_init_t EVP_PKEY_cipher_init, PublicKeyCipher::EVP_PKEY_cipher_t EVP_PKEY_cipher> void PublicKeyCipher::Cipher(const FunctionCallbackInfo<Value>& args) { + MarkPopErrorOnReturn mark_pop_error_on_return; Environment* env = Environment::GetCurrent(args); unsigned int offset = 0; @@ -5056,8 +5057,6 @@ void PublicKeyCipher::Cipher(const FunctionCallbackInfo<Value>& args) { AllocatedBuffer out; - ClearErrorOnReturn clear_error_on_return; - bool r = Cipher<operation, EVP_PKEY_cipher_init, EVP_PKEY_cipher>( env, pkey, |