Alter the check since 0 md size is an error.
Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/23940)
if (md != NULL) {
mdsize = EVP_MD_get_size(md);
- if (mdsize < 0 || dlen != (size_t)mdsize) {
+ if (mdsize <= 0 || dlen != (size_t)mdsize) {
ERR_raise(ERR_LIB_SSL, SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH);
return 0;
}