err:
EVP_PKEY_free(pkey);
EVP_PKEY_CTX_free(pctx);
- if (ek)
- OPENSSL_free(ek);
+ OPENSSL_free(ek);
return ret;
}
ret = 1;
- if (*pek) {
- OPENSSL_cleanse(*pek, *peklen);
- OPENSSL_free(*pek);
- }
-
+ OPENSSL_clear_free(*pek, *peklen);
*pek = ek;
*peklen = eklen;
err:
EVP_PKEY_CTX_free(pctx);
- if (!ret && ek)
+ if (!ret)
OPENSSL_free(ek);
return ret;
*/
if (!EVP_CIPHER_CTX_set_key_length(evp_ctx, eklen)) {
/* Use random key as MMA defence */
- OPENSSL_cleanse(ek, eklen);
- OPENSSL_free(ek);
+ OPENSSL_clear_free(ek, eklen);
ek = tkey;
eklen = tkeylen;
tkey = NULL;
if (EVP_CipherInit_ex(evp_ctx, NULL, NULL, ek, NULL, 0) <= 0)
goto err;
- if (ek) {
- OPENSSL_cleanse(ek, eklen);
- OPENSSL_free(ek);
- ek = NULL;
- }
- if (tkey) {
- OPENSSL_cleanse(tkey, tkeylen);
- OPENSSL_free(tkey);
- tkey = NULL;
- }
+ OPENSSL_clear_free(ek, eklen);
+ ek = NULL;
+ OPENSSL_clear_free(tkey, tkeylen);
+ tkey = NULL;
if (out == NULL)
out = etmp;
}
BIO_push(out, bio);
bio = NULL;
- if (0) {
+ return out;
+
err:
- if (ek) {
- OPENSSL_cleanse(ek, eklen);
- OPENSSL_free(ek);
- }
- if (tkey) {
- OPENSSL_cleanse(tkey, tkeylen);
- OPENSSL_free(tkey);
- }
- BIO_free_all(out);
- BIO_free_all(btmp);
- BIO_free_all(etmp);
- BIO_free_all(bio);
- out = NULL;
- }
- return (out);
+ OPENSSL_clear_free(ek, eklen);
+ OPENSSL_clear_free(tkey, tkeylen);
+ BIO_free_all(out);
+ BIO_free_all(btmp);
+ BIO_free_all(etmp);
+ BIO_free_all(bio);
+ return NULL;
}
static BIO *PKCS7_find_digest(EVP_MD_CTX **pmd, BIO *bio, int nid)
return 1;
err:
- if (abuf)
- OPENSSL_free(abuf);
+ OPENSSL_free(abuf);
EVP_MD_CTX_cleanup(&mctx);
return 0;
{
int i;
- if (p7si->auth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);
+ sk_X509_ATTRIBUTE_pop_free(p7si->auth_attr, X509_ATTRIBUTE_free);
p7si->auth_attr = sk_X509_ATTRIBUTE_dup(sk);
if (p7si->auth_attr == NULL)
return 0;
{
int i;
- if (p7si->unauth_attr != NULL)
- sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);
+ sk_X509_ATTRIBUTE_pop_free(p7si->unauth_attr, X509_ATTRIBUTE_free);
p7si->unauth_attr = sk_X509_ATTRIBUTE_dup(sk);
if (p7si->unauth_attr == NULL)
return 0;