Extend OID config module format.

[oweals/openssl.git] / crypto / asn1 / n_pkey.c

diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c
index 9146ee02c966191e8aab9244661609cdc3a66c09..a5a02e843c1f249c5f4b9d082019783619458627 100644 (file)
--- a/crypto/asn1/n_pkey.c
+++ b/crypto/asn1/n_pkey.c
@@ -56,9 +56,9 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef OPENSSL_NO_RSA
 #include <stdio.h>
 #include "cryptlib.h"
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
 #include <openssl/objects.h>
 #include <openssl/asn1t.h>
@@ -187,7 +187,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
        i2d_NETSCAPE_PKEY(pkey,&zz);
 
        /* Wipe the private key encoding */
-       memset(pkey->private_key->data, 0, rsalen);
+       OPENSSL_cleanse(pkey->private_key->data, rsalen);
                
        if (cb == NULL)
                cb=EVP_read_pw_string;
@@ -206,7 +206,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
        }
 
        EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
-       memset(buf,0,256);
+       OPENSSL_cleanse(buf,256);
 
        /* Encrypt private key in place */
        zz = enckey->enckey->digest->data;
@@ -294,7 +294,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
        }
                
        EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
-       memset(buf,0,256);
+       OPENSSL_cleanse(buf,256);
 
        EVP_CIPHER_CTX_init(&ctx);
        EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL);