Initial support for Encrypted Data type generation.

author: Dr. Stephen Henson <steve@openssl.org> 2008-03-14 23:30:56 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2008-03-14 23:30:56 +0000
commit: d9f5f07e286bfc7a2a81756199a3e94444e0f6ce (patch)
tree: 958d67c1dde917f30716dc49cb8405dbae6a89bb /crypto/cms/cms_enc.c
parent: b31db9ee96c76c964085c09768b3c10cca0c807f (diff)
1 files changed, 15 insertions, 2 deletions
diff --git a/crypto/cms/cms_enc.c b/crypto/cms/cms_enc.c
index ccb436f098..54a1e431c2 100644
--- a/crypto/cms/cms_enc.c
+++ b/crypto/cms/cms_enc.c
@@ -75,6 +75,8 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
 	X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
 	unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
 
+	int ok = 0;
+
 	int enc;
 
 	enc = ec->cipher ? 1 : 0;
@@ -90,7 +92,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
 	BIO_get_cipher_ctx(b, &ctx);
 
 	if (enc)
-		calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
+		ciph = ec->cipher;
 	else
 		{
 		ciph = EVP_get_cipherbyobj(calg->algorithm);
@@ -110,6 +112,9 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
 		goto err;
 		}
 
+	if (enc)
+		calg->algorithm = OBJ_nid2obj(EVP_CIPHER_CTX_type(ctx));
+
 	/* If necessary set key length */
 
 	if (ec->keylen != EVP_CIPHER_CTX_key_length(ctx))
@@ -164,9 +169,17 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
 			goto err;
 			}
 		}
-	return b;
+	ok = 1;
 
 	err:
+	if (ec->key)
+		{
+		OPENSSL_cleanse(ec->key, ec->keylen);
+		OPENSSL_free(ec->key);
+		ec->key = NULL;
+		}
+	if (ok)
+		return b;
 	BIO_free(b);
 	return NULL;
 	}
author	Dr. Stephen Henson <steve@openssl.org>	2008-03-14 23:30:56 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2008-03-14 23:30:56 +0000
commit	d9f5f07e286bfc7a2a81756199a3e94444e0f6ce (patch)
tree	958d67c1dde917f30716dc49cb8405dbae6a89bb /crypto/cms/cms_enc.c
parent	b31db9ee96c76c964085c09768b3c10cca0c807f (diff)