dh_cms_set_peerkey(): Fix the incorrect condition

Only absent parameters allowed in RFC 3370. Fixes #25824 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/26058)
2024-11-25 20:46:45 +05:30 · 2024-11-25 20:46:45 +05:30 · 02e72ccffa
commit 02e72ccffa
parent d992e8729e
1 changed files with 1 additions and 1 deletions
--- a/crypto/cms/cms_dh.c
+++ b/crypto/cms/cms_dh.c
@ -35,7 +35,7 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx,
    if (OBJ_obj2nid(aoid) != NID_dhpublicnumber)
        goto err;
    /* Only absent parameters allowed in RFC XXXX */
-    if (atype != V_ASN1_UNDEF && atype == V_ASN1_NULL)
+    if (atype != V_ASN1_UNDEF && atype != V_ASN1_NULL)
        goto err;

    pk = EVP_PKEY_CTX_get0_pkey(pctx);