EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
{
char *nm=NULL;
- unsigned char *p=NULL,*data=NULL;
+ const unsigned char *p=NULL;
+ unsigned char *data=NULL;
long len;
EVP_PKEY *ret=NULL;
p8inf=d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, len);
if(!p8inf) goto p8err;
ret = EVP_PKCS82PKEY(p8inf);
+ if(x) {
+ if(*x) EVP_PKEY_free((EVP_PKEY *)*x);
+ *x = ret;
+ }
PKCS8_PRIV_KEY_INFO_free(p8inf);
} else if (strcmp(nm,PEM_STRING_PKCS8) == 0) {
PKCS8_PRIV_KEY_INFO *p8inf;
if (cb) klen=cb(psbuf,PEM_BUFSIZE,0,u);
else klen=PEM_def_callback(psbuf,PEM_BUFSIZE,0,u);
if (klen <= 0) {
- PEMerr(PEM_F_PEM_ASN1_READ_BIO,
+ PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,
PEM_R_BAD_PASSWORD_READ);
+ X509_SIG_free(p8);
goto err;
}
p8inf = PKCS8_decrypt(p8, psbuf, klen);
}
p8err:
if (ret == NULL)
- PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
+ PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY,ERR_R_ASN1_LIB);
err:
OPENSSL_free(nm);
+ OPENSSL_cleanse(data, len);
OPENSSL_free(data);
return(ret);
}
if ((b=BIO_new(BIO_s_file())) == NULL)
{
- PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
+ PEMerr(PEM_F_PEM_READ_PRIVATEKEY,ERR_R_BUF_LIB);
return(0);
}
BIO_set_fp(b,fp,BIO_NOCLOSE);