- ASN1_OCTET_STRING *oct;
- unsigned char *in, *p;
- int inlen;
- if (!(oct = ASN1_OCTET_STRING_new ())) {
- PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- if (seq) inlen = i2d_ASN1_SET((STACK *)obj, NULL, i2d, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);
- else inlen = i2d (obj, NULL);
- if (!inlen) {
- PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCODE_ERROR);
- return NULL;
- }
- if (!(in = Malloc (inlen))) {
- PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,ERR_R_MALLOC_FAILURE);
- return NULL;
- }
- p = in;
- if (seq) i2d_ASN1_SET((STACK *)obj, &p, i2d, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);
- else i2d (obj, &p);
- if (!PKCS12_pbe_crypt (algor, pass, passlen, in, inlen, &oct->data,
- &oct->length, 1)) {
- PKCS12err(PKCS12_F_PKCS12_I2D_ENCRYPT,PKCS12_R_ENCRYPT_ERROR);
- Free(in);
- return NULL;
- }
- Free (in);
- return oct;
+ ASN1_OCTET_STRING *oct = NULL;
+ unsigned char *in = NULL;
+ int inlen;
+
+ if ((oct = ASN1_OCTET_STRING_new()) == NULL) {
+ PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ inlen = ASN1_item_i2d(obj, &in, it);
+ if (!in) {
+ PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, PKCS12_R_ENCODE_ERROR);
+ goto err;
+ }
+ if (!PKCS12_pbe_crypt(algor, pass, passlen, in, inlen, &oct->data,
+ &oct->length, 1)) {
+ PKCS12err(PKCS12_F_PKCS12_ITEM_I2D_ENCRYPT, PKCS12_R_ENCRYPT_ERROR);
+ OPENSSL_free(in);
+ goto err;
+ }
+ if (zbuf)
+ OPENSSL_cleanse(in, inlen);
+ OPENSSL_free(in);
+ return oct;
+ err:
+ ASN1_OCTET_STRING_free(oct);
+ return NULL;