i=i2d_ASN1_OCTET_STRING(&sig,NULL);
j=RSA_size(rsa);
- if ((i-RSA_PKCS1_PADDING) > j)
+ if (i > (j-RSA_PKCS1_PADDING_SIZE))
{
RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
return(0);
else
*siglen=i;
- memset(s,0,(unsigned int)j+1);
+ OPENSSL_cleanse(s,(unsigned int)j+1);
OPENSSL_free(s);
return(ret);
}
RSA *rsa)
{
int i,ret=0;
- unsigned char *p,*s;
+ unsigned char *s;
+ const unsigned char *p;
ASN1_OCTET_STRING *sig=NULL;
if (siglen != (unsigned int)RSA_size(rsa))
ret=1;
err:
if (sig != NULL) M_ASN1_OCTET_STRING_free(sig);
- memset(s,0,(unsigned int)siglen);
- OPENSSL_free(s);
+ if (s != NULL)
+ {
+ OPENSSL_cleanse(s,(unsigned int)siglen);
+ OPENSSL_free(s);
+ }
return(ret);
}