From 5474ea01ccbb75c0e017bd0a7735e0bbb8b14e9f Mon Sep 17 00:00:00 2001
From: tb <>
Date: Tue, 29 Mar 2022 13:48:40 +0000
Subject: Do not zero cofactor on ec_guess_cofactor() success

The cofactor we tried to calculate should only be zeroed if we failed
to compute it.

ok inoguchi jsing
---
 src/lib/libcrypto/ec/ec_lib.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/ec/ec_lib.c b/src/lib/libcrypto/ec/ec_lib.c
index 45df1329ff..455d44a942 100644
--- a/src/lib/libcrypto/ec/ec_lib.c
+++ b/src/lib/libcrypto/ec/ec_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ec_lib.c,v 1.42 2022/03/29 13:44:06 tb Exp $ */
+/* $OpenBSD: ec_lib.c,v 1.43 2022/03/29 13:48:40 tb Exp $ */
 /*
  * Originally written by Bodo Moeller for the OpenSSL project.
  */
@@ -321,10 +321,14 @@ ec_guess_cofactor(EC_GROUP *group)
 		goto err;
 
 	ret = 1;
+
  err:
 	BN_CTX_end(ctx);
 	BN_CTX_free(ctx);
-	BN_zero(&group->cofactor);
+
+	if (ret != 1)
+		BN_zero(&group->cofactor);
+
 	return ret;
 }
 
-- 
cgit v1.2.3-55-g6feb