crypto: fix EVPKeyCtxPointer::publicCheck()

tniessen · panva · commit 5ca7c87764e3 · 2025-08-18T12:55:06.000+02:00
Commit 206ebeb added an additional call to EVP_PKEY_public_check and an unconditional return from publicCheck(). This prevents the control flow from reaching the original call to either EVP_PKEY_public_check or EVP_PKEY_public_check_quick. This change restores the previous behavior, which calls EVP_PKEY_public_check_quick instead, if possible. Refs: nodejs#56812 PR-URL: nodejs#59471 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
diff --git a/deps/ncrypto/ncrypto.cc b/deps/ncrypto/ncrypto.cc
@@ -3744,7 +3744,6 @@ EVPKeyPointer EVPKeyCtxPointer::paramgen() const {
 bool EVPKeyCtxPointer::publicCheck() const {
   if (!ctx_) return false;
 #ifndef OPENSSL_IS_BORINGSSL
-  return EVP_PKEY_public_check(ctx_.get()) == 1;
 #if OPENSSL_VERSION_MAJOR >= 3
   return EVP_PKEY_public_check_quick(ctx_.get()) == 1;
 #else
