From df7fe5d6cc7a9e6dbe8689e6cfee82bdadb7dbe4 Mon Sep 17 00:00:00 2001
From: inoguchi <>
Date: Thu, 20 Jan 2022 10:58:35 +0000
Subject: Add check for EVP_CIPHER_CTX_set_key_length return value

It returns 1 on success and 0 for failure, never negative value.

ok jsing@ millert@ tb@
---
 src/lib/libcrypto/cms/cms_enc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/cms/cms_enc.c b/src/lib/libcrypto/cms/cms_enc.c
index fd2df99c6c..ccbb6a5deb 100644
--- a/src/lib/libcrypto/cms/cms_enc.c
+++ b/src/lib/libcrypto/cms/cms_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms_enc.c,v 1.20 2019/08/11 11:04:18 jsing Exp $ */
+/* $OpenBSD: cms_enc.c,v 1.21 2022/01/20 10:58:35 inoguchi Exp $ */
 /*
  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
@@ -151,7 +151,7 @@ cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
 
 	if (ec->keylen != tkeylen) {
 		/* If necessary set key length */
-		if (EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen) <= 0) {
+		if (!EVP_CIPHER_CTX_set_key_length(ctx, ec->keylen)) {
 			/*
 			 * Only reveal failure if debugging so we don't leak information
 			 * which may be useful in MMA.
-- 
cgit v1.2.3-55-g6feb