DESERIALIZER: Implement decryption of password protected objects

[openssl.git] / crypto / serializer / deserializer_lib.c

diff --git a/crypto/serializer/deserializer_lib.c b/crypto/serializer/deserializer_lib.c
index 2d2b1b7e7a75f209983f3b0a88825a4169fe05d2..2fbb7782cf2e0af6f3ea9c6b88c53a67c6908d3b 100644 (file)
--- a/crypto/serializer/deserializer_lib.c
+++ b/crypto/serializer/deserializer_lib.c
@@ -29,12 +29,19 @@ static int deser_process(const OSSL_PARAM params[], void *arg);
 int OSSL_DESERIALIZER_from_bio(OSSL_DESERIALIZER_CTX *ctx, BIO *in)
 {
     struct deser_process_data_st data;
+    int ok = 0;
 
     memset(&data, 0, sizeof(data));
     data.ctx = ctx;
     data.bio = in;
 
-    return deser_process(NULL, &data);
+    ok = deser_process(NULL, &data);
+
+    /* Clear any cached passphrase */
+    OPENSSL_clear_free(ctx->cached_passphrase, ctx->cached_passphrase_len);
+    ctx->cached_passphrase = NULL;
+    ctx->cached_passphrase_len = 0;
+    return ok;
 }
 
 #ifndef OPENSSL_NO_STDIO