From b794476df71441a6d30740ab9fadcc0f6d18d3d6 Mon Sep 17 00:00:00 2001
From: Peiwei Hu <jlu.hpw@foxmail.com>
Date: Fri, 2 Dec 2022 16:33:02 +0800
Subject: Fix the check of EVP_PKEY_decrypt_init

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19819)
---
 crypto/crmf/crmf_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'crypto/crmf')

diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c
index 13d8cf19c3..4e90cbe02c 100644
--- a/crypto/crmf/crmf_lib.c
+++ b/crypto/crmf/crmf_lib.c
@@ -653,7 +653,7 @@ X509
     cikeysize = EVP_CIPHER_get_key_length(cipher);
     /* first the symmetric key needs to be decrypted */
     pkctx = EVP_PKEY_CTX_new_from_pkey(libctx, pkey, propq);
-    if (pkctx != NULL && EVP_PKEY_decrypt_init(pkctx)) {
+    if (pkctx != NULL && EVP_PKEY_decrypt_init(pkctx) > 0) {
         ASN1_BIT_STRING *encKey = ecert->encSymmKey;
         size_t failure;
         int retval;
-- 
cgit v1.2.3