Commit 86ff6cc6 authored by Nicola Tuveri's avatar Nicola Tuveri Committed by Rich Salz
Browse files

Handle "int_ctx_new:unsupported algorithm" error 



Calling EVP_PKEY_CTX_new_id(curve_NID, NULL) causes an error for most
curves that are implemented through the EC low-level API, and in the
last commit we call it for every curve to avoid treating X25519 as a
special case.

Last commit code already handles correctly this failure, but does not
remove these events from the thread error queue, thus some
false-positive warnings are printed at the end of execution.

This commit ensures that the error queue is clean, without flushing
other errors.

Reviewed-by: default avatarRichard Levitte <levitte@openssl.org>
Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1658)
parent b756d694

apps/speed.c

+26 −0
Original line number Diff line number Diff line
@@ -2578,6 +2578,13 @@ int speed_main(int argc, char **argv) 
            size_t outlen;

            size_t test_outlen;



            /* Ensure that the error queue is empty */

            if (ERR_peek_error()) {

                BIO_printf(bio_err,

                           "WARNING: the error queue contains previous unhandled errors.\n");

                ERR_print_errors(bio_err);

            }



            /* Let's try to create a ctx directly from the NID: this works for

             * curves like Curve25519 that are not implemented through the low

             * level EC interface.
@@ -2589,6 +2596,25 @@ int speed_main(int argc, char **argv) 
                EVP_PKEY_CTX *pctx = NULL;

                EVP_PKEY *params = NULL;



                /* If we reach this code EVP_PKEY_CTX_new_id() failed and a

                 * "int_ctx_new:unsupported algorithm" error was added to the

                 * error queue.

                 * We remove it from the error queue as we are handling it. */

                unsigned long error = ERR_peek_error(); /* peek the latest error in the queue */

                if (error == ERR_peek_last_error() && /* oldest and latest errors match */

                    /* check that the error origin matches */

                    ERR_GET_LIB(error) == ERR_LIB_EVP &&

                    ERR_GET_FUNC(error) == EVP_F_INT_CTX_NEW &&

                    ERR_GET_REASON(error) == EVP_R_UNSUPPORTED_ALGORITHM)

                    ERR_get_error(); /* pop error from queue */

                if (ERR_peek_error()) {

                    BIO_printf(bio_err,

                               "Unhandled error in the error queue during ECDH init.\n");

                    ERR_print_errors(bio_err);

                    rsa_count = 1;

                    break;

                }



                if (            /* Create the context for parameter generation */

                       !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ||

                       /* Initialise the parameter generation */