Commit f56a9fa69d for openssl.org

commit f56a9fa69db773cfdf9af68e5b8a65067b015077
Author: Scott <scott@elyanlabs.ai>
Date:   Mon Mar 16 12:30:50 2026 -0500

    Fix incorrect error return in ppc_aes_gcm_cipher_update decrypt path

    ppc_aes_gcm_cipher_update() returns 1 on success and 0 on failure.
    The decrypt pre-alignment path (line 122) incorrectly returned -1
    instead of 0 when CRYPTO_gcm128_decrypt() failed.

    Since the caller checks `if (!hw->cipherupdate(...))`, and !(-1)
    evaluates to 0 (false) in C, the error was silently swallowed and
    GCM processing continued with potentially corrupt state.

    The encrypt path at line 98 correctly returns 0. This was likely a
    copy-paste error when the decrypt path was added.

    Fixes #30380

    CLA: trivial

    Reviewed-by: Paul Dale <paul.dale@oracle.com>
    Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
    MergeDate: Wed Mar 18 07:03:41 2026
    (Merged from https://github.com/openssl/openssl/pull/30452)

diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc
index 9383ec0812..6279629e50 100644
--- a/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc
+++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc
@@ -119,7 +119,7 @@ static int ppc_aes_gcm_cipher_update(PROV_GCM_CTX *ctx, const unsigned char *in,
                 size_t res = (16 - ctx->gcm.mres) % 16;

                 if (CRYPTO_gcm128_decrypt(&ctx->gcm, in, out, res))
-                    return -1;
+                    return 0;

                 bulk = ppc_aes_gcm_crypt(in + res, out + res, len - res,
                                          ctx->gcm.key,