Fix reading broken BER in gcrypt/rsa.c

[tinc] / src / gcrypt / rsagen.c

diff --git a/src/gcrypt/rsagen.c b/src/gcrypt/rsagen.c
index 01bb137..b89225d 100644 (file)
--- a/src/gcrypt/rsagen.c
+++ b/src/gcrypt/rsagen.c
@@ -22,16 +22,12 @@
 #include <gcrypt.h>
 #include <assert.h>
 
+#include "asn1.h"
 #include "rsa.h"
 #include "pem.h"
 #include "../rsagen.h"
 #include "../xalloc.h"
-
-// ASN.1 tags.
-typedef enum {
-       TAG_INTEGER = 2,
-       TAG_SEQUENCE = 16,
-} asn1_tag_t;
+#include "../utils.h"
 
 static size_t der_tag_len(size_t n) {
        if(n < 128) {
@@ -240,7 +236,9 @@ bool rsa_write_pem_private_key(rsa_t *rsa, FILE *fp) {
        gcry_mpi_release(params[dq]);
        gcry_mpi_release(params[u]);
 
-       return pem_encode(fp, "RSA PRIVATE KEY", derbuf, derlen);
+       bool success = pem_encode(fp, "RSA PRIVATE KEY", derbuf, derlen);
+       memzero(derbuf, sizeof(derbuf));
+       return success;
 }
 
 static gcry_mpi_t find_mpi(const gcry_sexp_t rsa, const char *token) {