From c5aa719502f1ef456b27347e5f7b15c07817da4e Mon Sep 17 00:00:00 2001
From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Thu, 18 May 2023 15:38:56 +0200
Subject: [PATCH] If oaep_md is not initialized, correctly initialize it

Fixes #20993

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20994)
---
 providers/implementations/asymciphers/rsa_enc.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
index 884c032d211..be795251007 100644
--- a/providers/implementations/asymciphers/rsa_enc.c
+++ b/providers/implementations/asymciphers/rsa_enc.c
@@ -162,10 +162,12 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
         if ((tbuf = OPENSSL_malloc(rsasize)) == NULL)
             return 0;
         if (prsactx->oaep_md == NULL) {
-            OPENSSL_free(tbuf);
             prsactx->oaep_md = EVP_MD_fetch(prsactx->libctx, "SHA-1", NULL);
-            ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
-            return 0;
+            if (prsactx->oaep_md == NULL) {
+                OPENSSL_free(tbuf);
+                ERR_raise(ERR_LIB_PROV, ERR_R_INTERNAL_ERROR);
+                return 0;
+            }
         }
         ret =
             ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf,
-- 
2.47.2