From d08c52f7b1df87a6d0b5aa0f42fdeee3f3c0e6b9 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 30 Jan 2026 13:47:22 +0000
Subject: EVP_SealInit: do not return -1 on error

It is documented that EVP_SealInit() returns 0 on error. So -1 is wrong.

Reported by Niels Dossche

ok jsing kenjiro
---
 src/lib/libcrypto/evp/p_legacy.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/evp/p_legacy.c b/src/lib/libcrypto/evp/p_legacy.c
index b2fa9dda53..521bddaa02 100644
--- a/src/lib/libcrypto/evp/p_legacy.c
+++ b/src/lib/libcrypto/evp/p_legacy.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: p_legacy.c,v 1.8 2026/01/30 13:42:46 tb Exp $ */
+/*	$OpenBSD: p_legacy.c,v 1.9 2026/01/30 13:47:22 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -188,7 +188,7 @@ EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char **ek,
 		ekl[i] = EVP_PKEY_encrypt_old(ek[i], key,
 		    EVP_CIPHER_CTX_key_length(ctx), pubk[i]);
 		if (ekl[i] <= 0)
-			return (-1);
+			return 0;
 	}
 	return (npubk);
 }
-- 
cgit v1.2.3-55-g6feb