From 6d774732517f1d63b7999c5691fc0bf046023faf Mon Sep 17 00:00:00 2001
From: Peiwei Hu <jlu.hpw@foxmail.com>
Date: Sun, 14 Nov 2021 16:39:42 +0800
Subject: EVP_Cipher: fix the incomplete return check

Signed-off-by: Peiwei Hu <jlu.hpw@foxmail.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17027)
---
 crypto/cmac/cmac.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'crypto/cmac')

diff --git a/crypto/cmac/cmac.c b/crypto/cmac/cmac.c
index 18c7fea3dd..218eb94259 100644
--- a/crypto/cmac/cmac.c
+++ b/crypto/cmac/cmac.c
@@ -227,7 +227,7 @@ int CMAC_Final(CMAC_CTX *ctx, unsigned char *out, size_t *poutlen)
         for (i = 0; i < bl; i++)
             out[i] = ctx->last_block[i] ^ ctx->k2[i];
     }
-    if (!EVP_Cipher(ctx->cctx, out, out, bl)) {
+    if (EVP_Cipher(ctx->cctx, out, out, bl) <= 0) {
         OPENSSL_cleanse(out, bl);
         return 0;
     }
-- 
cgit v1.2.3