git.openssl.org Git - openssl.git/commit

author	Richard Levitte <levitte@openssl.org>
	Mon, 12 Apr 2021 10:11:07 +0000 (12:11 +0200)
committer	Richard Levitte <levitte@openssl.org>
	Wed, 21 Apr 2021 08:53:03 +0000 (10:53 +0200)
commit	f99659535d180f15cd19c63cb53392c256e35534
tree	5e435ea7e73a4e4421b07b93e9635380499e31fd	tree \| snapshot
parent	a2502862f679c82b794869ac88ed0d8ca7bc291c	commit \| diff

ENCODER & DECODER: Allow decoder implementations to specify "carry on"

So far, decoder implementations would return true (1) for a successful
decode all the way, including what the callback it called returned,
and false (0) in all other cases.

This construction didn't allow to stop to decoding process on fatal
errors, nor to choose what to report in the provider code.

This is now changed so that decoders implementations are made to
return false only on errors that should stop the decoding process from
carrying on with other implementations, and return true for all other
cases, even if that didn't result in a constructed object (EVP_PKEY
for example), essentially making it OK to return "empty handed".

The success of the decoding process is now all about successfully
constructing the final object, rather than about the return value of
the decoding chain. If no construction is attempted, the central
decoding processing code concludes that whatever the input consisted
of, it's not supported by the available decoder implementations.

Fixes #14423

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14834)

crypto/encode_decode/decoder_err.c		diff \| blob \| history
crypto/encode_decode/decoder_lib.c		diff \| blob \| history
crypto/err/openssl.txt		diff \| blob \| history
doc/man7/provider-decoder.pod		diff \| blob \| history
include/crypto/decodererr.h		diff \| blob \| history
include/openssl/decodererr.h		diff \| blob \| history