From: tb Date: Wed, 17 Apr 2024 13:57:58 +0000 (+0000) Subject: ecdh_cms_encrypt: handle kdf_md in one go X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=3c2a53d7ab4de1be887d3fe1c5827e2a503fc8df;p=openbsd ecdh_cms_encrypt: handle kdf_md in one go Again the getting and the setting were interrupted by ten lines of completely unrelated code. ok jsing --- diff --git a/lib/libcrypto/ec/ec_ameth.c b/lib/libcrypto/ec/ec_ameth.c index aa18a682346..120d07548cb 100644 --- a/lib/libcrypto/ec/ec_ameth.c +++ b/lib/libcrypto/ec/ec_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_ameth.c,v 1.59 2024/04/17 13:56:36 tb Exp $ */ +/* $OpenBSD: ec_ameth.c,v 1.60 2024/04/17 13:57:58 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -958,8 +958,6 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri) if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_63) <= 0) goto err; - if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md)) - goto err; ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx); if (ecdh_nid < 0) goto err; @@ -968,6 +966,8 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri) else if (ecdh_nid == 1) ecdh_nid = NID_dh_cofactor_kdf; + if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md)) + goto err; if (kdf_md == NULL) { /* Fixme later for better MD */ kdf_md = EVP_sha1();