Fix incomplete check on EVP_CIPHER_param_to_asn1()

That function is a wrapper around evp_cipher_param_to_asn1_ex() which can return 0 as an error value via its ret <= 0 check [1]. Furthermore, all other callers of this function check against <= 0 instead of < 0 and this is also in line with what the documentation tells us. Fix the incomplete check by changing it to <= 0 as well. CLA: trivial [1] https://github.com/openssl/openssl/blob/114d99b46bfb212ffc510865df317ca2c1542623/crypto/evp/evp_lib.c#L164-L165 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20180) (cherry picked from commit e3663717fc16bd140f54ee7f1600bdced7f9ea66)
author: ndossche <niels.dossche@ugent.be> 2023-01-31 13:20:17 +0100
committer: Pauli <pauli@openssl.org> 2023-02-02 10:14:30 +1100
commit: 63176a011b67da3dbfd40ca4d0e4c060b01d1d78 (patch)
tree: c288868520c3dc30bdd75ca52cfb0b3f92774d9c
parent: b0bd7a28e8b4f6e9c2fcd7524b3803cd2f15e248 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 2a4f9482e8..bde9ac4787 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -330,7 +330,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
                 if (xalg->parameter == NULL)
                     goto err;
             }
-            if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) < 0)
+            if (EVP_CIPHER_param_to_asn1(ctx, xalg->parameter) <= 0)
                 goto err;
         }
author	ndossche <niels.dossche@ugent.be>	2023-01-31 13:20:17 +0100
committer	Pauli <pauli@openssl.org>	2023-02-02 10:14:30 +1100
commit	63176a011b67da3dbfd40ca4d0e4c060b01d1d78 (patch)
tree	c288868520c3dc30bdd75ca52cfb0b3f92774d9c
parent	b0bd7a28e8b4f6e9c2fcd7524b3803cd2f15e248 (diff)