Fix checking return code of EVP_PKEY_get_int_param at check_curve

According to docs, EVP_PKEY_get_int_param should return 1 on Success, and
0 on Failure. So, fix checking of this return value at check_curve

CLA: trivial

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20770)

(cherry picked from commit 4e5f3d691343a691ddae739c51f7ae71e9893c98)

diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index a0282c3ef121c7aa51928cea1ddcc6d2353c2462..b6e9ee2c45e25cd2a0947ab02f78dbd29baff643 100644 (file)
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -3421,7 +3421,7 @@ static int check_curve(X509 *cert)
         ret = EVP_PKEY_get_int_param(pkey,
                                      OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS,
                                      &val);
-        return ret < 0 ? ret : !val;
+        return ret == 1 ? !val : -1;
     }
 
     return 1;