rsa_cms_verify: Avoid negative return with missing pss parameters

Fixes #15984 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15985)
author: Tomas Mraz <tomas@openssl.org> 2021-07-02 15:29:13 +0200
committer: Pauli <pauli@openssl.org> 2021-07-06 10:08:08 +1000
commit: 643ce3108f88751c44348335bed91e475d50677d (patch)
tree: 3e839e26e3ccbbaaf26ee7cc02e590f37b3c9f92 /crypto/cms
parent: 0a02c81f8173e0c5d554bd16daa68b7594f4cbd8 (diff)
download: openssl-new-643ce3108f88751c44348335bed91e475d50677d.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/cms/cms_rsa.c b/crypto/cms/cms_rsa.c
index b9e895aed4..20ed816918 100644
--- a/crypto/cms/cms_rsa.c
+++ b/crypto/cms/cms_rsa.c
@@ -222,7 +222,7 @@ static int rsa_cms_verify(CMS_SignerInfo *si)
     CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg);
     nid = OBJ_obj2nid(alg->algorithm);
     if (nid == EVP_PKEY_RSA_PSS)
-        return ossl_rsa_pss_to_ctx(NULL, pkctx, alg, NULL);
+        return ossl_rsa_pss_to_ctx(NULL, pkctx, alg, NULL) > 0;
     /* Only PSS allowed for PSS keys */
     if (EVP_PKEY_is_a(pkey, "RSA-PSS")) {
         ERR_raise(ERR_LIB_RSA, RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE);
author	Tomas Mraz <tomas@openssl.org>	2021-07-02 15:29:13 +0200
committer	Pauli <pauli@openssl.org>	2021-07-06 10:08:08 +1000
commit	643ce3108f88751c44348335bed91e475d50677d (patch)
tree	3e839e26e3ccbbaaf26ee7cc02e590f37b3c9f92 /crypto/cms
parent	0a02c81f8173e0c5d554bd16daa68b7594f4cbd8 (diff)
download	openssl-new-643ce3108f88751c44348335bed91e475d50677d.tar.gz