Fix the check of EVP_PKEY_decrypt_init

Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #19819)
openssl · Dec 5, 2022 · b794476 · b794476
1 parent 4c3fadf
commit b794476
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c
@@ -653,7 +653,7 @@ X509
     cikeysize = EVP_CIPHER_get_key_length(cipher);
     /* first the symmetric key needs to be decrypted */
     pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
-    if (pkctx != NULL && EVP_PKEY_decrypt_init(pkctx)) {
+    if (pkctx != NULL && EVP_PKEY_decrypt_init(pkctx) > 0) {
         ASN1_BIT_STRING *encKey = ecert->encSymmKey;
         size_t failure;
         int retval;

diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c
@@ -2040,7 +2040,7 @@ static int test_EVP_SM2(void)
                                         sizeof(kMsg))))
             goto done;
 
-        if (!TEST_true(EVP_PKEY_decrypt_init(cctx)))
+        if (!TEST_int_gt(EVP_PKEY_decrypt_init(cctx), 0))
             goto done;
 
         if (!TEST_true(EVP_PKEY_CTX_set_params(cctx, sparams)))