X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fpem%2Fpem_seal.c;h=4e554e5481e0c60cf520906671b7c2498ff8d2c1;hp=2a6c5133481afeea02762f983ace99ed1cb96bf1;hb=fe591284be1575d85d3a2f40d8ba93436ba2b3db;hpb=26a3a48d65c7464b400ec1de439994d7f0d25fed;ds=sidebyside
diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c
index 2a6c513348..4e554e5481 100644
--- a/crypto/pem/pem_seal.c
+++ b/crypto/pem/pem_seal.c
@@ -56,7 +56,8 @@
 * [including the GNU Public Licence.]
 */
-#ifndef NO_RSA
+#include /* for OPENSSL_NO_RSA */
+#ifndef OPENSSL_NO_RSA
 #include
 #include "cryptlib.h"
 #include
@@ -64,6 +65,7 @@
 #include
 #include
 #include
+#include
 int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
 unsigned char **ek, int *ekl, unsigned char *iv, EVP_PKEY **pubk,
@@ -91,10 +93,13 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
 goto err;
 }
- EVP_EncodeInit(&(ctx->encode));
- EVP_SignInit(&(ctx->md),md_type);
+ EVP_EncodeInit(&ctx->encode);
- ret=EVP_SealInit(&(ctx->cipher),type,ek,ekl,iv,pubk,npubk);
+ EVP_MD_CTX_init(&ctx->md);
+ EVP_SignInit(&ctx->md,md_type);
+
+ EVP_CIPHER_CTX_init(&ctx->cipher);
+ ret=EVP_SealInit(&ctx->cipher,type,ek,ekl,iv,pubk,npubk);
 if (!ret) goto err;
 /* base64 encode the keys */
@@ -109,7 +114,7 @@ int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type, EVP_MD *md_type,
 ret=npubk;
 err:
 if (s != NULL) OPENSSL_free(s);
- memset(key,0,EVP_MAX_KEY_LENGTH);
+ OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH);
 return(ret);
 }
@@ -120,7 +125,7 @@ void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
 int i,j;
 *outl=0;
- EVP_SignUpdate(&(ctx->md),in,inl);
+ EVP_SignUpdate(&ctx->md,in,inl);
 for (;;)
 {
 if (inl <= 0) break;
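Review bot: The digest and cipher contexts initialised in the -91 hunk are not released when `EVP_SealInit` fails, because `if (!ret) goto err;` lands on an `err:` label that, as far as the -109 hunk shows, only frees `s` and cleanses `key`. Any state that `EVP_SignInit` or a partly completed `EVP_SealInit` attached to `ctx` then stays there unless the caller cleans up, and nothing visible tells the caller to do so. Releasing them on the failure path with `EVP_MD_CTX_cleanup(&ctx->md); EVP_CIPHER_CTX_cleanup(&ctx->cipher);` would close this, but the earlier `goto err;` in the context lines runs before the two `_init` calls, so those would have to move to the top of the function first. The body of PEM_SealInit starts and ends outside this hunk.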
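Review bot: The `OPENSSL_cleanse(key,EVP_MAX_KEY_LENGTH);` line in the -109 hunk has no comment saying why it is not a plain memset, which makes it easy to revert in a later tidy-up. A one-line comment above it would record the reason: `/* not memset(): a clear of a buffer that is about to go out of scope may be optimised away */`. `key` is declared outside the hunk; the comment assumes it is a local holding the session key.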
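Review bot: `EVP_SignUpdate` in the -120 hunk is still called with its result discarded, and the same holds for `EVP_EncryptUpdate` in the -128 hunk and `EVP_EncryptFinal_ex` in the -158 hunk, assuming these return a status in this tree. In the two cipher cases the length written through the out parameter (`j`, then `i`) is used straight away as the input length of the following `EVP_EncodeUpdate`, so a failed call would hand the encoder a length that was never set. In PEM_SealFinal the check fits the existing pattern: `if (!EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i)) goto err;`. PEM_SealUpdate returns void, so a failure there cannot be reported without an interface change; short of that, `if (!EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i)) break;` at least keeps the unset `j` away from the encoder. All three function bodies extend beyond the hunks shown.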
@@ -128,8 +133,8 @@ void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
 i=1200;
 else
 i=inl;
- EVP_EncryptUpdate(&(ctx->cipher),buffer,&j,in,i);
- EVP_EncodeUpdate(&(ctx->encode),out,&j,buffer,j);
+ EVP_EncryptUpdate(&ctx->cipher,buffer,&j,in,i);
+ EVP_EncodeUpdate(&ctx->encode,out,&j,buffer,j);
 *outl+=j;
 out+=j;
 in+=i;
@@ -158,24 +163,24 @@ int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig, int *sigl,
 goto err;
 }
- EVP_EncryptFinal(&(ctx->cipher),s,(int *)&i);
- EVP_EncodeUpdate(&(ctx->encode),out,&j,s,i);
+ EVP_EncryptFinal_ex(&ctx->cipher,s,(int *)&i);
+ EVP_EncodeUpdate(&ctx->encode,out,&j,s,i);
 *outl=j;
 out+=j;
- EVP_EncodeFinal(&(ctx->encode),out,&j);
+ EVP_EncodeFinal(&ctx->encode,out,&j);
 *outl+=j;
- if (!EVP_SignFinal(&(ctx->md),s,&i,priv)) goto err;
+ if (!EVP_SignFinal(&ctx->md,s,&i,priv)) goto err;
 *sigl=EVP_EncodeBlock(sig,s,i);
 ret=1;
 err:
- memset((char *)&(ctx->md),0,sizeof(ctx->md));
- memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher));
+ EVP_MD_CTX_cleanup(&ctx->md);
+ EVP_CIPHER_CTX_cleanup(&ctx->cipher);
 if (s != NULL) OPENSSL_free(s);
 return(ret);
 }
-#else /* !NO_RSA */
+#else /* !OPENSSL_NO_RSA */
 # if PEDANTIC
 static void *dummy=&dummy;
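Review bot: The `(int *)&i` cast is carried unchanged into the new `EVP_EncryptFinal_ex` call in the -158 hunk, although the same `i` is passed uncast to `EVP_SignFinal` a few lines later, so it is presumably declared `unsigned int` outside the hunk. Writing the cipher's output length through a cast pointer hides that signedness mismatch from the compiler. Reusing the `int` already at hand keeps the types honest and matches what PEM_SealUpdate does with `j`: `EVP_EncryptFinal_ex(&ctx->cipher,s,&j);` followed by `EVP_EncodeUpdate(&ctx->encode,out,&j,s,j);`. The declarations of `i` and `j` are outside the hunk, so confirm their types before applying this.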