Skip to content

Fix error queue leak in _detect_private_key on OpenSSL 3.x#205

Draft
toddr-bot wants to merge 1 commit into
cpan-authors:mainfrom
toddr-bot:koan.toddr.bot/fix-error-queue-leak-public-key
Draft

Fix error queue leak in _detect_private_key on OpenSSL 3.x#205
toddr-bot wants to merge 1 commit into
cpan-authors:mainfrom
toddr-bot:koan.toddr.bot/fix-error-queue-leak-public-key

Conversation

@toddr-bot

@toddr-bot toddr-bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

What

Clear stale OpenSSL errors after public key detection on 3.x, and use the correct EVP_PKEY_PUBLIC_KEY selection for public-only keys in _new_key_from_parameters.

Why

_detect_private_key() calls EVP_PKEY_get_bn_param() to probe for the private exponent d. On public keys this fails and pushes errors onto the OpenSSL error queue — but never clears them. These stale errors can leak into the next croakSsl() call from an unrelated operation, producing a misleading error message.

Separately, _new_key_from_parameters() passes EVP_PKEY_KEYPAIR to EVP_PKEY_fromdata() even when only n and e are provided (public-only key). The correct selection is EVP_PKEY_PUBLIC_KEY, which matches the actual key type and avoids unnecessary error queue pollution.

The _get_key_parameters() function already has an ERR_clear_error() for exactly this pattern (line 1172) — this fix applies the same discipline to _detect_private_key().

How

  • Add ERR_clear_error() after the EVP_PKEY_get_bn_param call in _detect_private_key() on both the found and not-found paths.
  • Use EVP_PKEY_PUBLIC_KEY when d is NULL in the else branch of _new_key_from_parameters().

Testing

All 670 tests pass on OpenSSL 3.5.5. Added 3 tests to error_queue.t covering public key construction from parameters followed by operations that exercise error reporting.


Quality Report

Changes: 2 files changed, 28 insertions(+), 2 deletions(-)

Code scan: clean

Tests: passed (OK)

Branch hygiene: clean

Generated by Kōan

_detect_private_key() calls EVP_PKEY_get_bn_param() to check for the
private exponent d.  On public keys this fails and pushes errors onto
the OpenSSL error queue, but never clears them.  These stale errors
can leak into subsequent croakSsl() calls from unrelated operations,
potentially producing misleading error messages.

Add ERR_clear_error() after the check to keep the queue clean.

Also fix _new_key_from_parameters() to pass EVP_PKEY_PUBLIC_KEY (not
EVP_PKEY_KEYPAIR) when constructing a public-only key from n and e
without d.  This matches the actual key type and avoids unnecessary
error queue pollution from EVP_PKEY_fromdata.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant