Getting some problems with OpenSSL 3.0, I have passwordError function, to check if the last error was due to an invalid password and allow the user to retry.
bool
passwordError()
{
unsigned long error = ERR_peek_error();
unsigned long lib = ERR_GET_LIB(error);
unsigned long reason = ERR_GET_REASON(error);
cerr << "error: " << error << endl;
cerr << "lib: " << lib << endl;
cerr << "reason: " << reason << endl;
ERR_print_errors_fp(stdout);
return (reason == PEM_R_BAD_BASE64_DECODE ||
reason == PEM_R_BAD_DECRYPT ||
reason == PEM_R_BAD_PASSWORD_READ ||
reason == PEM_R_PROBLEMS_GETTING_PASSWORD ||
reason == PKCS12_R_MAC_VERIFY_FAILURE);
}
When I test with an invalid password I get
error: 587686001
lib: 70
reason: 483441
error:23076071:PKCS12 routines:PKCS12_parse:mac verify failure
the description seems to match PKCS12_R_MAC_VERIFY_FAILURE but the reason value doesn't
include/openssl/pkcs12err.h
39:# define PKCS12_R_MAC_VERIFY_FAILURE 113
bool
passwordError()
{
unsigned long error = ERR_peek_error();
unsigned long lib = ERR_GET_LIB(error);
unsigned long reason = ERR_GET_REASON(error);
cerr << "error: " << error << endl;
cerr << "lib: " << lib << endl;
cerr << "reason: " << reason << endl;
ERR_print_errors_fp(stdout);
return (reason == PEM_R_BAD_BASE64_DECODE ||
reason == PEM_R_BAD_DECRYPT ||
reason == PEM_R_BAD_PASSWORD_READ ||
reason == PEM_R_PROBLEMS_GETTING_PASSWORD ||
reason == PKCS12_R_MAC_VERIFY_FAILURE);
}
When I test with an invalid password I get
error: 587686001
lib: 70
reason: 483441
error:23076071:PKCS12 routines:PKCS12_parse:mac verify failure
the description seems to match PKCS12_R_MAC_VERIFY_FAILURE but the reason value doesn't
include/openssl/pkcs12err.h
39:# define PKCS12_R_MAC_VERIFY_FAILURE 113
Any ideas what I might be doing wrong here? this worked fine with 1.1.1 before
Cheers,
Jose
