summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pem/pem_lib.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/pem/pem_lib.c')
-rw-r--r--src/lib/libcrypto/pem/pem_lib.c22
1 files changed, 11 insertions, 11 deletions
diff --git a/src/lib/libcrypto/pem/pem_lib.c b/src/lib/libcrypto/pem/pem_lib.c
index 6f8759a9ee..852b0eaf86 100644
--- a/src/lib/libcrypto/pem/pem_lib.c
+++ b/src/lib/libcrypto/pem/pem_lib.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pem_lib.c,v 1.41 2015/07/19 18:29:31 miod Exp $ */ 1/* $OpenBSD: pem_lib.c,v 1.42 2015/09/10 15:56:25 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -403,7 +403,7 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
403 goto err; 403 goto err;
404 404
405 if (kstr == (unsigned char *)buf) 405 if (kstr == (unsigned char *)buf)
406 OPENSSL_cleanse(buf, PEM_BUFSIZE); 406 explicit_bzero(buf, PEM_BUFSIZE);
407 407
408 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) { 408 if (strlen(objstr) + 23 + 2 * enc->iv_len + 13 > sizeof buf) {
409 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, 409 PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,
@@ -434,12 +434,12 @@ PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, void *x,
434 if (i <= 0) 434 if (i <= 0)
435 ret = 0; 435 ret = 0;
436err: 436err:
437 OPENSSL_cleanse(key, sizeof(key)); 437 explicit_bzero(key, sizeof(key));
438 OPENSSL_cleanse(iv, sizeof(iv)); 438 explicit_bzero(iv, sizeof(iv));
439 OPENSSL_cleanse((char *)&ctx, sizeof(ctx)); 439 explicit_bzero((char *)&ctx, sizeof(ctx));
440 OPENSSL_cleanse(buf, PEM_BUFSIZE); 440 explicit_bzero(buf, PEM_BUFSIZE);
441 if (data != NULL) { 441 if (data != NULL) {
442 OPENSSL_cleanse(data, (unsigned int)dsize); 442 explicit_bzero(data, (unsigned int)dsize);
443 free(data); 443 free(data);
444 } 444 }
445 return (ret); 445 return (ret);
@@ -480,8 +480,8 @@ PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *plen,
480 if (o) 480 if (o)
481 o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j); 481 o = EVP_DecryptFinal_ex(&ctx, &(data[i]), &j);
482 EVP_CIPHER_CTX_cleanup(&ctx); 482 EVP_CIPHER_CTX_cleanup(&ctx);
483 OPENSSL_cleanse((char *)buf, sizeof(buf)); 483 explicit_bzero((char *)buf, sizeof(buf));
484 OPENSSL_cleanse((char *)key, sizeof(key)); 484 explicit_bzero((char *)key, sizeof(key));
485 if (!o) { 485 if (!o) {
486 PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT); 486 PEMerr(PEM_F_PEM_DO_HEADER, PEM_R_BAD_DECRYPT);
487 return (0); 487 return (0);
@@ -640,7 +640,7 @@ PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
640 EVP_EncodeFinal(&ctx, buf, &outl); 640 EVP_EncodeFinal(&ctx, buf, &outl);
641 if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl)) 641 if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl))
642 goto err; 642 goto err;
643 OPENSSL_cleanse(buf, PEM_BUFSIZE * 8); 643 explicit_bzero(buf, PEM_BUFSIZE * 8);
644 free(buf); 644 free(buf);
645 buf = NULL; 645 buf = NULL;
646 if ((BIO_write(bp, "-----END ", 9) != 9) || 646 if ((BIO_write(bp, "-----END ", 9) != 9) ||
@@ -651,7 +651,7 @@ PEM_write_bio(BIO *bp, const char *name, char *header, unsigned char *data,
651 651
652err: 652err:
653 if (buf) { 653 if (buf) {
654 OPENSSL_cleanse(buf, PEM_BUFSIZE * 8); 654 explicit_bzero(buf, PEM_BUFSIZE * 8);
655 free(buf); 655 free(buf);
656 } 656 }
657 PEMerr(PEM_F_PEM_WRITE_BIO, reason); 657 PEMerr(PEM_F_PEM_WRITE_BIO, reason);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-15 14:40:32 +0000