]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d992e87)
dh_cms_set_peerkey(): Fix the incorrect condition
authorShakti Shah <shaktishah33@gmail.com>
Mon, 25 Nov 2024 15:16:45 +0000 (20:46 +0530)
committerTomas Mraz <tomas@openssl.org>
Wed, 11 Dec 2024 17:03:34 +0000 (18:03 +0100)
Only absent parameters allowed in RFC 3370.

Fixes #25824

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26058)

crypto/cms/cms_dh.c patch | blob | blame | history

diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c
index 6c965bb2884fad400554ceaf680c79a6dace5210..b49e5f7f5366e81c255c32b58350bfa1c235d077 100644 (file)
--- a/crypto/cms/cms_dh.c
+++ b/crypto/cms/cms_dh.c
@@ -35,7 +35,7 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
     if (OBJ_obj2nid(aoid) != NID_dhpublicnumber)
         goto err;
     /* Only absent parameters allowed in RFC XXXX */
-    if (atype != V_ASN1_UNDEF && atype == V_ASN1_NULL)
+    if (atype != V_ASN1_UNDEF && atype != V_ASN1_NULL)
         goto err;
 
     pk = EVP_PKEY_CTX_get0_pkey(pctx);
Mirror of https://github.com/openssl/openssl.git