dh_cms_set_peerkey(): Fix the incorrect condition

Only absent parameters allowed in RFC 3370. Fixes #25824 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26058)
author: Shakti Shah <shaktishah33@gmail.com> 2024-11-25 16:16:45 +0100
committer: Tomas Mraz <tomas@openssl.org> 2024-12-11 18:03:34 +0100
commit: 02e72ccffacf2d01295810798ca1c86a438ee712 (patch)
tree: 4459139a8f125154cf96fddb9778fc5a2484d6ef
parent: Add function to mix in an additional input into a RAND_POOL (diff)
download: openssl-02e72ccffacf2d01295810798ca1c86a438ee712.tar.xz
openssl-02e72ccffacf2d01295810798ca1c86a438ee712.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c
index 6c965bb288..b49e5f7f53 100644
--- a/crypto/cms/cms_dh.c
+++ b/crypto/cms/cms_dh.c
@@ -35,7 +35,7 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
     if (OBJ_obj2nid(aoid) != NID_dhpublicnumber)
         goto err;
     /* Only absent parameters allowed in RFC XXXX */
-    if (atype != V_ASN1_UNDEF && atype == V_ASN1_NULL)
+    if (atype != V_ASN1_UNDEF && atype != V_ASN1_NULL)
         goto err;
 
     pk = EVP_PKEY_CTX_get0_pkey(pctx);
author	Shakti Shah <shaktishah33@gmail.com>	2024-11-25 16:16:45 +0100
committer	Tomas Mraz <tomas@openssl.org>	2024-12-11 18:03:34 +0100
commit	02e72ccffacf2d01295810798ca1c86a438ee712 (patch)
tree	4459139a8f125154cf96fddb9778fc5a2484d6ef
parent	Add function to mix in an additional input into a RAND_POOL (diff)
download	openssl-02e72ccffacf2d01295810798ca1c86a438ee712.tar.xz openssl-02e72ccffacf2d01295810798ca1c86a438ee712.zip