Fix incorrect error return in ppc_aes_gcm_cipher_update decrypt path#30452
Closed
Scottcjn wants to merge 1 commit intoopenssl:masterfrom
Closed
Fix incorrect error return in ppc_aes_gcm_cipher_update decrypt path#30452Scottcjn wants to merge 1 commit intoopenssl:masterfrom
Scottcjn wants to merge 1 commit intoopenssl:masterfrom
Conversation
openssl-machine
added
the
hold: cla required
Contributor
Member
|
Please amend the commit message so it contains |
t8m
added
approval: review pending
ppc_aes_gcm_cipher_update() returns 1 on success and 0 on failure. The decrypt pre-alignment path (line 122) incorrectly returned -1 instead of 0 when CRYPTO_gcm128_decrypt() failed. Since the caller checks `if (!hw->cipherupdate(...))`, and !(-1) evaluates to 0 (false) in C, the error was silently swallowed and GCM processing continued with potentially corrupt state. The encrypt path at line 98 correctly returns 0. This was likely a copy-paste error when the decrypt path was added. Fixes openssl#30380 CLA: trivial
Scottcjn
force-pushed
the
fix/ppc-gcm-decrypt-error-return
branch
from
12be1bc to
dae1e23
Compare
openssl-machine
removed
the
hold: cla required
Contributor
Author
Member
|
|
openssl-machine
added
approval: done
Collaborator
|
This pull request is ready to merge |
openssl-machine
pushed a commit
that referenced
this pull request
Mar 18, 2026
ppc_aes_gcm_cipher_update() returns 1 on success and 0 on failure. The decrypt pre-alignment path (line 122) incorrectly returned -1 instead of 0 when CRYPTO_gcm128_decrypt() failed. Since the caller checks `if (!hw->cipherupdate(...))`, and !(-1) evaluates to 0 (false) in C, the error was silently swallowed and GCM processing continued with potentially corrupt state. The encrypt path at line 98 correctly returns 0. This was likely a copy-paste error when the decrypt path was added. Fixes #30380 CLA: trivial Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Eugene Syromiatnikov <[email protected]> MergeDate: Wed Mar 18 07:03:41 2026 (Merged from #30452)
openssl-machine
pushed a commit
that referenced
this pull request
Mar 18, 2026
ppc_aes_gcm_cipher_update() returns 1 on success and 0 on failure. The decrypt pre-alignment path (line 122) incorrectly returned -1 instead of 0 when CRYPTO_gcm128_decrypt() failed. Since the caller checks `if (!hw->cipherupdate(...))`, and !(-1) evaluates to 0 (false) in C, the error was silently swallowed and GCM processing continued with potentially corrupt state. The encrypt path at line 98 correctly returns 0. This was likely a copy-paste error when the decrypt path was added. Fixes #30380 CLA: trivial Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Eugene Syromiatnikov <[email protected]> MergeDate: Wed Mar 18 07:04:47 2026 (Merged from #30452)
openssl-machine
pushed a commit
that referenced
this pull request
Mar 18, 2026
ppc_aes_gcm_cipher_update() returns 1 on success and 0 on failure. The decrypt pre-alignment path (line 122) incorrectly returned -1 instead of 0 when CRYPTO_gcm128_decrypt() failed. Since the caller checks `if (!hw->cipherupdate(...))`, and !(-1) evaluates to 0 (false) in C, the error was silently swallowed and GCM processing continued with potentially corrupt state. The encrypt path at line 98 correctly returns 0. This was likely a copy-paste error when the decrypt path was added. Fixes #30380 CLA: trivial Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Eugene Syromiatnikov <[email protected]> MergeDate: Wed Mar 18 07:05:52 2026 (Merged from #30452)
openssl-machine
pushed a commit
that referenced
this pull request
Mar 18, 2026
ppc_aes_gcm_cipher_update() returns 1 on success and 0 on failure. The decrypt pre-alignment path (line 122) incorrectly returned -1 instead of 0 when CRYPTO_gcm128_decrypt() failed. Since the caller checks `if (!hw->cipherupdate(...))`, and !(-1) evaluates to 0 (false) in C, the error was silently swallowed and GCM processing continued with potentially corrupt state. The encrypt path at line 98 correctly returns 0. This was likely a copy-paste error when the decrypt path was added. Fixes #30380 CLA: trivial Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Eugene Syromiatnikov <[email protected]> MergeDate: Wed Mar 18 07:05:12 2026 (Merged from #30452)
openssl-machine
pushed a commit
that referenced
this pull request
Mar 18, 2026
ppc_aes_gcm_cipher_update() returns 1 on success and 0 on failure. The decrypt pre-alignment path (line 122) incorrectly returned -1 instead of 0 when CRYPTO_gcm128_decrypt() failed. Since the caller checks `if (!hw->cipherupdate(...))`, and !(-1) evaluates to 0 (false) in C, the error was silently swallowed and GCM processing continued with potentially corrupt state. The encrypt path at line 98 correctly returns 0. This was likely a copy-paste error when the decrypt path was added. Fixes #30380 CLA: trivial Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Eugene Syromiatnikov <[email protected]> MergeDate: Wed Mar 18 07:05:30 2026 (Merged from #30452)
Contributor
|
Merged to branches 3.3<=. Thank you! |
openssl-machine
pushed a commit
that referenced
this pull request
Mar 18, 2026
ppc_aes_gcm_cipher_update() returns 1 on success and 0 on failure. The decrypt pre-alignment path (line 122) incorrectly returned -1 instead of 0 when CRYPTO_gcm128_decrypt() failed. Since the caller checks `if (!hw->cipherupdate(...))`, and !(-1) evaluates to 0 (false) in C, the error was silently swallowed and GCM processing continued with potentially corrupt state. The encrypt path at line 98 correctly returns 0. This was likely a copy-paste error when the decrypt path was added. Fixes #30380 CLA: trivial Reviewed-by: Paul Dale <[email protected]> Reviewed-by: Eugene Syromiatnikov <[email protected]> MergeDate: Wed Mar 18 07:06:12 2026 (Merged from #30452)
Contributor
Author
|
Thank you to @paulidale, @esyr, @jogme, and @t8m for the reviews and merge. This complements #30437 by fixing the decrypt return path in the same AES-GCM code. Appreciate the guidance on the CLA process as well — lesson learned for next time. — Scott Boudreaux, Elyan Labs |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fix incorrect
-1error return in the PPC AES-GCM decrypt pre-alignment path. The function contract is to return1on success and0on failure, but the decrypt path returned-1.Problem
In
ppc_aes_gcm_cipher_update(), the decrypt pre-alignment check at line 122 returns-1whenCRYPTO_gcm128_decrypt()fails:The caller at
ciphercommon_gcm.c:460checksif (!hw->cipherupdate(...)). Since!(-1)evaluates to0(false in C), thegoto errbranch is not taken and GCM processing continues with potentially corrupt state.This is the only
return -1in all GCM cipher implementation files. All five other error returns in the same function correctly return0.Fix
Change
return -1toreturn 0to match the encrypt path and the function's documented contract.Fixes #30380
CLA: Signed (on file from PR #9932 on wolfSSL, also applicable here — OpenSSL CLA was completed for #30437).