i=PEM_read_bio(bp,&name,&header,&data,&len);
if (i == 0)
{
- error=ERR_GET_REASON(ERR_peek_error());
+ error=ERR_GET_REASON(ERR_peek_last_error());
if (error == PEM_R_NO_START_LINE)
{
ERR_clear_error();
}
else
#endif
-#ifndef OPENSSL_NO_ECDSA
- if (strcmp(name,PEM_STRING_ECDSA) == 0)
+#ifndef OPENSSL_NO_EC
+ if (strcmp(name,PEM_STRING_ECPRIVATEKEY) == 0)
{
- d2i=(char *(*)())d2i_ECDSAPrivateKey;
+ d2i=(char *(*)())d2i_ECPrivateKey;
if (xi->x_pkey != NULL)
{
if (!sk_X509_INFO_push(ret,xi)) goto err;
xi->x_pkey=X509_PKEY_new();
if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
goto err;
- xi->x_pkey->dec_pkey->type=EVP_PKEY_ECDSA;
- pp=(char **)&(xi->x_pkey->dec_pkey->pkey.ecdsa);
+ xi->x_pkey->dec_pkey->type=EVP_PKEY_EC;
+ pp=(char **)&(xi->x_pkey->dec_pkey->pkey.eckey);
if ((int)strlen(header) > 10) /* assume encrypted */
raw=1;
}
}
/* create the right magic header stuff */
+ OPENSSL_assert(strlen(objstr)+23+2*enc->iv_len+13 <= sizeof buf);
buf[0]='\0';
PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
PEM_dek_info(buf,objstr,enc->iv_len,(char *)iv);
}
/* if we have a certificate then write it out now */
- if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0))
+ if ((xi->x509 != NULL) && (PEM_write_bio_X509(bp,xi->x509) <= 0))
goto err;
/* we are ignoring anything else that is loaded into the X509_INFO
ret=1;
err:
- memset((char *)&ctx,0,sizeof(ctx));
- memset(buf,0,PEM_BUFSIZE);
+ OPENSSL_cleanse((char *)&ctx,sizeof(ctx));
+ OPENSSL_cleanse(buf,PEM_BUFSIZE);
return(ret);
}