From: Peiwei Hu <jlu.hpw@foxmail.com>
Date: Sun, 27 Oct 2024 09:04:15 +0000 (+0800)
Subject: Fix multiple wrong checks of EVP_PKEY_set1_encoded_public_key
X-Git-Tag: openssl-3.5.0-alpha1~891
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1273fae170dd629990a3c65bfd5cf3f7a93c1477;p=thirdparty%2Fopenssl.git

Fix multiple wrong checks of EVP_PKEY_set1_encoded_public_key

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25811)
---

diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c
index 9cee01793a9..6c965bb2884 100644
--- a/crypto/cms/cms_dh.c
+++ b/crypto/cms/cms_dh.c
@@ -65,7 +65,7 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
     pkpeer = EVP_PKEY_new();
     if (pkpeer == NULL
             || !EVP_PKEY_copy_parameters(pkpeer, pk)
-            || !EVP_PKEY_set1_encoded_public_key(pkpeer, buf, plen))
+            || EVP_PKEY_set1_encoded_public_key(pkpeer, buf, plen) <= 0)
         goto err;
 
     if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0)
diff --git a/crypto/cms/cms_ec.c b/crypto/cms/cms_ec.c
index a4427d7ee21..6e9962ed6e8 100644
--- a/crypto/cms/cms_ec.c
+++ b/crypto/cms/cms_ec.c
@@ -111,7 +111,7 @@ static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
     if (p == NULL || plen == 0)
         goto err;
 
-    if (!EVP_PKEY_set1_encoded_public_key(pkpeer, p, plen))
+    if (EVP_PKEY_set1_encoded_public_key(pkpeer, p, plen) <= 0)
         goto err;
 
     if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0)
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 5d5aa45deee..c6abfd33195 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -3086,7 +3086,7 @@ static int tls_process_cke_dhe(SSL_CONNECTION *s, PACKET *pkt)
         goto err;
     }
 
-    if (!EVP_PKEY_set1_encoded_public_key(ckey, data, i)) {
+    if (EVP_PKEY_set1_encoded_public_key(ckey, data, i) <= 0) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR);
         goto err;
     }