make update

[openssl.git] / crypto / pem / pem_info.c

diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
index 7fc5e5c4c0c83e9c24d7006a9410218688a741cd..17ea85e4d79c260052ebde437fa61d4e7b816eb6 100644 (file)
--- a/crypto/pem/pem_info.c
+++ b/crypto/pem/pem_info.c
@@ -111,7 +111,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pe
                i=PEM_read_bio(bp,&name,&header,&data,&len);
                if (i == 0)
                        {
-                       error=ERR_GET_REASON(ERR_peek_error());
+                       error=ERR_GET_REASON(ERR_peek_last_error());
                        if (error == PEM_R_NO_START_LINE)
                                {
                                ERR_clear_error();
@@ -203,10 +203,10 @@ start:
                        }
                else
 #endif
-#ifndef OPENSSL_NO_ECDSA
-                       if (strcmp(name,PEM_STRING_ECDSA) == 0)
+#ifndef OPENSSL_NO_EC
+                       if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0)
                        {
-                               d2i=(char *(*)())d2i_ECDSAPrivateKey;
+                               d2i=(char *(*)())d2i_ECPrivateKey;
                                if (xi->x_pkey != NULL) 
                                {
                                        if (!sk_X509_INFO_push(ret,xi)) goto err;
@@ -220,8 +220,8 @@ start:
                        xi->x_pkey=X509_PKEY_new();
                        if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
                                goto err;
-                       xi->x_pkey->dec_pkey->type=EVP_PKEY_ECDSA;
-                       pp=(char **)&(xi->x_pkey->dec_pkey->pkey.ecdsa);
+                       xi->x_pkey->dec_pkey->type=EVP_PKEY_EC;
+                       pp=(char **)&(xi->x_pkey->dec_pkey->pkey.eckey);
                        if ((int)strlen(header) > 10) /* assume encrypted */
                                raw=1;
                        }
@@ -348,6 +348,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
                                }
 
                        /* create the right magic header stuff */
+                       OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
                        buf[0]='\0';
                        PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
                        PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
@@ -370,7 +371,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
                }
 
        /* if we have a certificate then write it out now */
-       if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0))
+       if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp,xi->x509) <= 0))
                goto err;
 
        /* we are ignoring anything else that is loaded into the X509_INFO
@@ -382,7 +383,7 @@ int PEM_X509_INFO_write_bio(BIO *bp, X509_INFO *xi, EVP_CIPHER *enc,
        ret=1;
 
 err:
-       memset((char *)&ctx,0,sizeof(ctx));
-       memset(buf,0,PEM_BUFSIZE);
+       OPENSSL_cleanse((char *)&ctx,sizeof(ctx));
+       OPENSSL_cleanse(buf,PEM_BUFSIZE);
        return(ret);
        }