From 0c49ecc49576550165ee01419434145125428980 Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Wed, 18 Oct 2023 07:24:15 +0000
Subject: [PATCH] cms_DigestedData_create() use X509_ALGOR_set_evp_md()

Our internal version allows for error checking and this avoids a silent
failure leading to corruption later on.

Clean up includes while there.

ok jsing
---
 lib/libcrypto/cms/cms_dd.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/lib/libcrypto/cms/cms_dd.c b/lib/libcrypto/cms/cms_dd.c
index a08fccc2a7e..b6992b87743 100644
--- a/lib/libcrypto/cms/cms_dd.c
+++ b/lib/libcrypto/cms/cms_dd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms_dd.c,v 1.15 2022/11/26 16:08:51 tb Exp $ */
+/* $OpenBSD: cms_dd.c,v 1.16 2023/10/18 07:24:15 tb Exp $ */
 /*
  * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
@@ -54,13 +54,14 @@
 
 #include <string.h>
 
-#include "cryptlib.h"
-#include <openssl/asn1t.h>
-#include <openssl/pem.h>
-#include <openssl/x509v3.h>
+#include <openssl/asn1.h>
 #include <openssl/err.h>
+#include <openssl/evp.h>
 #include <openssl/cms.h>
+#include <openssl/objects.h>
+
 #include "cms_local.h"
+#include "x509_local.h"
 
 /* CMS DigestedData Utilities */
 
@@ -85,7 +86,8 @@ cms_DigestedData_create(const EVP_MD *md)
 	dd->version = 0;
 	dd->encapContentInfo->eContentType = OBJ_nid2obj(NID_pkcs7_data);
 
-	X509_ALGOR_set_md(dd->digestAlgorithm, md);
+	if (!X509_ALGOR_set_evp_md(dd->digestAlgorithm, md))
+		goto err;
 
 	return cms;
 
-- 
2.20.1