Correct spelling of OPENSSL_cleanse.

ok miod@

6 files changed, 26 insertions, 25 deletions

diff --git a/src/lib/libcrypto/pem/pem_info.c b/src/lib/libcrypto/pem/pem_info.c
index 6fe72ce742..191e3b5b10 100644
--- a/src/lib/libcrypto/pem/pem_info.c
+++ b/src/lib/libcrypto/pem/pem_info.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pem_info.c,v 1.20 2015/02/10 09:52:35 miod Exp $ */
+/* $OpenBSD: pem_info.c,v 1.21 2015/09/10 15:56:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -400,7 +400,7 @@ PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
         ret = 1;
 
 err:
-        OPENSSL_cleanse((char *)&ctx, sizeof(ctx));
-        OPENSSL_cleanse(buf, PEM_BUFSIZE);
+        explicit_bzero((char *)&ctx, sizeof(ctx));
+        explicit_bzero(buf, PEM_BUFSIZE);
         return (ret);
 }
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 6f8759a9ee..852b0eaf86 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pem_lib.c,v 1.41 2015/07/19 18:29:31 miod Exp $ */
+/* $OpenBSD: pem_lib.c,v 1.42 2015/09/10 15:56:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -403,7 +403,7 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
                         goto err;
 
                 if (kstr == (unsigned char *)buf)
-                        OPENSSL_cleanse(buf, PEM_BUFSIZE);
+                        explicit_bzero(buf, PEM_BUFSIZE);
 
                 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) {
                         PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,
@@ -434,12 +434,12 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
         if (i <= 0)
                 ret = 0;
 err:
-        OPENSSL_cleanse(key, sizeof(key));
-        OPENSSL_cleanse(iv, sizeof(iv));
-        OPENSSL_cleanse((char *)&ctx, sizeof(ctx));
-        OPENSSL_cleanse(buf, PEM_BUFSIZE);
+        explicit_bzero(key, sizeof(key));
+        explicit_bzero(iv, sizeof(iv));
+        explicit_bzero((char *)&ctx, sizeof(ctx));
+        explicit_bzero(buf, PEM_BUFSIZE);
         if (data != NULL) {
-                OPENSSL_cleanse(data, (unsigned int)dsize);
+                explicit_bzero(data, (unsigned int)dsize);
                 free(data);
         }
         return (ret);
@@ -480,8 +480,8 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
         if (o)
                 o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j);
         EVP_CIPHER_CTX_cleanup(&ctx);
-        OPENSSL_cleanse((char *)buf, sizeof(buf));
-        OPENSSL_cleanse((char *)key, sizeof(key));
+        explicit_bzero((char *)buf, sizeof(buf));
+        explicit_bzero((char *)key, sizeof(key));
         if (!o) {
                 PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
                 return (0);
@@ -640,7 +640,7 @@ PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
         EVP_EncodeFinal(&ctx, buf, &outl);
         if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl))
                 goto err;
-        OPENSSL_cleanse(buf, PEM_BUFSIZE * 8);
+        explicit_bzero(buf, PEM_BUFSIZE * 8);
         free(buf);
         buf = NULL;
         if ((BIO_write(bp, "-----END ", 9) != 9) ||
@@ -651,7 +651,7 @@ PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
 
 err:
         if (buf) {
-                OPENSSL_cleanse(buf, PEM_BUFSIZE * 8);
+                explicit_bzero(buf, PEM_BUFSIZE * 8);
                 free(buf);
         }
         PEMerr(PEM_F_PEM_WRITE_BIO, reason);
diff --git a/src/lib/libcrypto/pem/pem_pk8.c b/src/lib/libcrypto/pem/pem_pk8.c
index 5b0fcc236b..d02dec1546 100644
--- a/src/lib/libcrypto/pem/pem_pk8.c
+++ b/src/lib/libcrypto/pem/pem_pk8.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pem_pk8.c,v 1.9 2014/10/18 17:20:40 jsing Exp $ */
+/* $OpenBSD: pem_pk8.c,v 1.10 2015/09/10 15:56:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -57,6 +57,7 @@
  */
 
 #include <stdio.h>
+#include <string.h>
 
 #include <openssl/buffer.h>
 #include <openssl/err.h>
@@ -135,7 +136,7 @@ do_pk8pkey(BIO *bp, EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc,
                 }
                 p8 = PKCS8_encrypt(nid, enc, kstr, klen, NULL, 0, 0, p8inf);
                 if (kstr == buf)
-                        OPENSSL_cleanse(buf, klen);
+                        explicit_bzero(buf, klen);
                 PKCS8_PRIV_KEY_INFO_free(p8inf);
                 if (isder)
                         ret = i2d_PKCS8_bio(bp, p8);
diff --git a/src/lib/libcrypto/pem/pem_pkey.c b/src/lib/libcrypto/pem/pem_pkey.c
index e9c0a8b1c9..afb476f818 100644
--- a/src/lib/libcrypto/pem/pem_pkey.c
+++ b/src/lib/libcrypto/pem/pem_pkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pem_pkey.c,v 1.20 2015/02/11 03:19:37 doug Exp $ */
+/* $OpenBSD: pem_pkey.c,v 1.21 2015/09/10 15:56:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -144,7 +144,7 @@ p8err:
                 PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, ERR_R_ASN1_LIB);
 err:
         free(nm);
-        OPENSSL_cleanse(data, len);
+        explicit_bzero(data, len);
         free(data);
         return (ret);
 }
diff --git a/src/lib/libcrypto/pem/pem_seal.c b/src/lib/libcrypto/pem/pem_seal.c
index 08837bd7f7..96687eb77f 100644
--- a/src/lib/libcrypto/pem/pem_seal.c
+++ b/src/lib/libcrypto/pem/pem_seal.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pem_seal.c,v 1.21 2014/10/18 17:20:40 jsing Exp $ */
+/* $OpenBSD: pem_seal.c,v 1.22 2015/09/10 15:56:25 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -117,7 +117,7 @@ PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
 
 err:
         free(s);
-        OPENSSL_cleanse(key, EVP_MAX_KEY_LENGTH);
+        explicit_bzero(key, EVP_MAX_KEY_LENGTH);
         return (ret);
 }
 
diff --git a/src/lib/libcrypto/pem/pvkfmt.c b/src/lib/libcrypto/pem/pvkfmt.c
index 025381bcc0..f5a9de39fc 100644
--- a/src/lib/libcrypto/pem/pvkfmt.c
+++ b/src/lib/libcrypto/pem/pvkfmt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pvkfmt.c,v 1.13 2015/05/15 11:00:14 jsg Exp $ */
+/* $OpenBSD: pvkfmt.c,v 1.14 2015/09/10 15:56:25 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2005.
  */
@@ -765,7 +765,7 @@ do_PVK_body(const unsigned char **in, unsigned int saltlen,
                         if (!EVP_DecryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf,
                             NULL))
                                 goto err;
-                        OPENSSL_cleanse(keybuf, 20);
+                        explicit_bzero(keybuf, 20);
                         if (!EVP_DecryptUpdate(&cctx, q, &enctmplen, p, inlen))
                                 goto err;
                         if (!EVP_DecryptFinal_ex(&cctx, q + enctmplen,
@@ -777,7 +777,7 @@ do_PVK_body(const unsigned char **in, unsigned int saltlen,
                                 goto err;
                         }
                 } else
-                        OPENSSL_cleanse(keybuf, 20);
+                        explicit_bzero(keybuf, 20);
                 p = enctmp;
         }
 
@@ -823,7 +823,7 @@ b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u)
 
 err:
         if (buf) {
-                OPENSSL_cleanse(buf, buflen);
+                explicit_bzero(buf, buflen);
                 free(buf);
         }
         return ret;
@@ -894,7 +894,7 @@ i2b_PVK(unsigned char **out, EVP_PKEY*pk, int enclevel, pem_password_cb *cb,
                 p = salt + PVK_SALTLEN + 8;
                 if (!EVP_EncryptInit_ex(&cctx, EVP_rc4(), NULL, keybuf, NULL))
                         goto error;
-                OPENSSL_cleanse(keybuf, 20);
+                explicit_bzero(keybuf, 20);
                 if (!EVP_DecryptUpdate(&cctx, p, &enctmplen, p, pklen - 8))
                         goto error;
                 if (!EVP_DecryptFinal_ex(&cctx, p + enctmplen, &enctmplen))