From 3c2a53d7ab4de1be887d3fe1c5827e2a503fc8df Mon Sep 17 00:00:00 2001 From: tb Date: Wed, 17 Apr 2024 13:57:58 +0000 Subject: [PATCH] ecdh_cms_encrypt: handle kdf_md in one go Again the getting and the setting were interrupted by ten lines of completely unrelated code. ok jsing --- lib/libcrypto/ec/ec_ameth.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/libcrypto/ec/ec_ameth.c b/lib/libcrypto/ec/ec_ameth.c index aa18a682346..120d07548cb 100644 --- a/lib/libcrypto/ec/ec_ameth.c +++ b/lib/libcrypto/ec/ec_ameth.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_ameth.c,v 1.59 2024/04/17 13:56:36 tb Exp $ */ +/* $OpenBSD: ec_ameth.c,v 1.60 2024/04/17 13:57:58 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006. */ @@ -958,8 +958,6 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri) if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_63) <= 0) goto err; - if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md)) - goto err; ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx); if (ecdh_nid < 0) goto err; @@ -968,6 +966,8 @@ ecdh_cms_encrypt(CMS_RecipientInfo *ri) else if (ecdh_nid == 1) ecdh_nid = NID_dh_cofactor_kdf; + if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md)) + goto err; if (kdf_md == NULL) { /* Fixme later for better MD */ kdf_md = EVP_sha1(); -- 2.20.1