diff options
Diffstat (limited to 'crypto/pem')
-rw-r--r-- | crypto/pem/pem_lib.c | 13 | ||||
-rw-r--r-- | crypto/pem/pem_pkey.c | 3 | ||||
-rw-r--r-- | crypto/pem/pvkfmt.c | 5 |
3 files changed, 5 insertions, 16 deletions
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c index 431e36804f..143d001828 100644 --- a/crypto/pem/pem_lib.c +++ b/crypto/pem/pem_lib.c @@ -429,10 +429,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, OPENSSL_cleanse(iv, sizeof(iv)); OPENSSL_cleanse((char *)&ctx, sizeof(ctx)); OPENSSL_cleanse(buf, PEM_BUFSIZE); - if (data != NULL) { - OPENSSL_cleanse(data, (unsigned int)dsize); - OPENSSL_free(data); - } + OPENSSL_clear_free(data, (unsigned int)dsize); return (ret); } @@ -637,8 +634,7 @@ int PEM_write_bio(BIO *bp, const char *name, const char *header, EVP_EncodeFinal(&ctx, buf, &outl); if ((outl > 0) && (BIO_write(bp, (char *)buf, outl) != outl)) goto err; - OPENSSL_cleanse(buf, PEM_BUFSIZE * 8); - OPENSSL_free(buf); + OPENSSL_clear_free(buf, PEM_BUFSIZE * 8); buf = NULL; if ((BIO_write(bp, "-----END ", 9) != 9) || (BIO_write(bp, name, nlen) != nlen) || @@ -646,10 +642,7 @@ int PEM_write_bio(BIO *bp, const char *name, const char *header, goto err; return (i + outl); err: - if (buf) { - OPENSSL_cleanse(buf, PEM_BUFSIZE * 8); - OPENSSL_free(buf); - } + OPENSSL_clear_free(buf, PEM_BUFSIZE * 8); PEMerr(PEM_F_PEM_WRITE_BIO, reason); return (0); } diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index 80c316ed38..0a110e15b9 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -139,8 +139,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, ERR_R_ASN1_LIB); err: OPENSSL_free(nm); - OPENSSL_cleanse(data, len); - OPENSSL_free(data); + OPENSSL_clear_free(data, len); return (ret); } diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index 14ddb33a26..8ac9348efe 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -772,10 +772,7 @@ EVP_PKEY *b2i_PVK_bio(BIO *in, pem_password_cb *cb, void *u) ret = do_PVK_body(&p, saltlen, keylen, cb, u); err: - if (buf) { - OPENSSL_cleanse(buf, buflen); - OPENSSL_free(buf); - } + OPENSSL_clear_free(buf, buflen); return ret; } |