1 files changed, 14 insertions, 12 deletions

diff --git a/src/lib/libcrypto/pkcs12/p12_add.c b/src/lib/libcrypto/pkcs12/p12_add.c
index ae3d9de3b4..d045cbba8d 100644
--- a/src/lib/libcrypto/pkcs12/p12_add.c
+++ b/src/lib/libcrypto/pkcs12/p12_add.c
@@ -133,7 +133,7 @@ PKCS7 *PKCS12_pack_p7data (STACK *sk)
                 return NULL;
         }
         p7->type = OBJ_nid2obj(NID_pkcs7_data);
-        if (!(p7->d.data = ASN1_OCTET_STRING_new())) {
+        if (!(p7->d.data = M_ASN1_OCTET_STRING_new())) {
                 PKCS12err(PKCS12_F_PKCS12_PACK_P7DATA, ERR_R_MALLOC_FAILURE);
                 return NULL;
         }
@@ -157,20 +157,18 @@ PKCS7 *PKCS12_pack_p7encdata (int pbe_nid, const char *pass, int passlen,
                 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
                 return NULL;
         }
-        p7->type = OBJ_nid2obj(NID_pkcs7_encrypted);
-        if (!(p7->d.encrypted = PKCS7_ENCRYPT_new ())) {
-                PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
+        if(!PKCS7_set_type(p7, NID_pkcs7_encrypted)) {
+                PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA,
+                                PKCS12_R_ERROR_SETTING_ENCRYPTED_DATA_TYPE);
                 return NULL;
         }
-        ASN1_INTEGER_set (p7->d.encrypted->version, 0);
-        p7->d.encrypted->enc_data->content_type = OBJ_nid2obj(NID_pkcs7_data);
         if (!(pbe = PKCS5_pbe_set (pbe_nid, iter, salt, saltlen))) {
                 PKCS12err(PKCS12_F_PKCS12_PACK_P7ENCDATA, ERR_R_MALLOC_FAILURE);
                 return NULL;
         }
         X509_ALGOR_free(p7->d.encrypted->enc_data->algorithm);
         p7->d.encrypted->enc_data->algorithm = pbe;
-        ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
+        M_ASN1_OCTET_STRING_free(p7->d.encrypted->enc_data->enc_data);
         if (!(p7->d.encrypted->enc_data->enc_data =
         PKCS12_i2d_encrypt (pbe, i2d_PKCS12_SAFEBAG, pass, passlen,
                                  (char *)bags, 1))) {
@@ -191,24 +189,28 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
 
         if (!(p8 = X509_SIG_new())) {
                 PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
-                return NULL;
+                goto err;
         }
 
         if(pbe_nid == -1) pbe = PKCS5_pbe2_set(cipher, iter, salt, saltlen);
         else pbe = PKCS5_pbe_set(pbe_nid, iter, salt, saltlen);
         if(!pbe) {
-                PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_MALLOC_FAILURE);
-                return NULL;
+                PKCS12err(PKCS12_F_PKCS8_ENCRYPT, ERR_R_ASN1_LIB);
+                goto err;
         }
         X509_ALGOR_free(p8->algor);
         p8->algor = pbe;
-        ASN1_OCTET_STRING_free(p8->digest);
+        M_ASN1_OCTET_STRING_free(p8->digest);
         if (!(p8->digest = 
         PKCS12_i2d_encrypt (pbe, i2d_PKCS8_PRIV_KEY_INFO, pass, passlen,
                                                  (char *)p8inf, 0))) {
                 PKCS12err(PKCS12_F_PKCS8_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
-                return NULL;
+                goto err;
         }
 
         return p8;
+
+        err:
+        X509_SIG_free(p8);
+        return NULL;
 }