From: Pauli <ppzgs1@gmail.com>
Date: Wed, 4 Jun 2025 23:57:13 +0000 (+1000)
Subject: rand: produce correct return from EVP_RAND_nonce
X-Git-Tag: openssl-3.0.17~18
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a6b25b35706f092c40faf0e4d00a888e68f58c6f;p=thirdparty%2Fopenssl.git

rand: produce correct return from EVP_RAND_nonce

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27767)
---

diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index c36dbdc56c7..1e97b1359ff 100644
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -634,10 +634,8 @@ static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out,
 {
     unsigned int str = evp_rand_strength_locked(ctx);
 
-    if (ctx->meth->nonce == NULL)
-        return 0;
-    if (ctx->meth->nonce(ctx->algctx, out, str, outlen, outlen))
-        return 1;
+    if (ctx->meth->nonce != NULL)
+        return ctx->meth->nonce(ctx->algctx, out, str, outlen, outlen) > 0;
     return evp_rand_generate_locked(ctx, out, outlen, str, 0, NULL, 0);
 }