Delete MD2 from algorithm tables as in 0.9.8-stable. However since this is

[openssl.git] / crypto / evp / evp_key.c

diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
index 4271393069d7f1359ed96d389ce958f402bec80f..361ea69ab6d5fd685ca98dfb0f94de238988a9af 100644 (file)
--- a/crypto/evp/evp_key.c
+++ b/crypto/evp/evp_key.c
@@ -66,7 +66,7 @@
 /* should be init to zeros. */
 static char prompt_string[80];
 
-void EVP_set_pw_prompt(char *prompt)
+void EVP_set_pw_prompt(const char *prompt)
        {
        if (prompt == NULL)
                prompt_string[0]='\0';
@@ -103,7 +103,7 @@ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
                        buff,0,(len>=BUFSIZ)?BUFSIZ-1:len,buf);
        ret = UI_process(ui);
        UI_free(ui);
-       memset(buff,0,BUFSIZ);
+       OPENSSL_cleanse(buff,BUFSIZ);
        return ret;
        }
 
@@ -118,13 +118,16 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
 
        nkey=type->key_len;
        niv=type->iv_len;
+       OPENSSL_assert(nkey <= EVP_MAX_KEY_LENGTH);
+       OPENSSL_assert(niv <= EVP_MAX_IV_LENGTH);
 
        if (data == NULL) return(nkey);
 
        EVP_MD_CTX_init(&c);
        for (;;)
                {
-               EVP_DigestInit_ex(&c,md, NULL);
+               if (!EVP_DigestInit_ex(&c,md, NULL))
+                       return 0;
                if (addmd++)
                        EVP_DigestUpdate(&c,&(md_buf[0]),mds);
                EVP_DigestUpdate(&c,data,datal);
@@ -166,7 +169,7 @@ int EVP_BytesToKey(const EVP_CIPHER *type, const EVP_MD *md,
                if ((nkey == 0) && (niv == 0)) break;
                }
        EVP_MD_CTX_cleanup(&c);
-       memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
+       OPENSSL_cleanse(&(md_buf[0]),EVP_MAX_MD_SIZE);
        return(type->key_len);
        }