From e81438a422cade9a512bf4457629a663ccd18666 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Fri, 13 Feb 2015 08:35:44 -0600
Subject: move gc above potential exception

---
 src/cryptography/hazmat/backends/openssl/backend.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 3e95c88b..87ee1d7a 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -725,12 +725,12 @@ class Backend(object):
         mem_bio = self._bytes_to_bio(data)
         key = self._lib.d2i_PrivateKey_bio(mem_bio.bio, self._ffi.NULL)
         if key != self._ffi.NULL:
+            key = self._ffi.gc(key, self._lib.EVP_PKEY_free)
             if password is not None:
                 raise TypeError(
                     "Password was given but private key is not encrypted."
                 )
 
-            key = self._ffi.gc(key, self._lib.EVP_PKEY_free)
             return key
         else:
             self._consume_errors()
@@ -744,11 +744,11 @@ class Backend(object):
         if info != self._ffi.NULL:
             key = self._lib.EVP_PKCS82PKEY(info)
             assert key != self._ffi.NULL
+            key = self._ffi.gc(key, self._lib.EVP_PKEY_free)
             if password is not None:
                 raise TypeError(
                     "Password was given but private key is not encrypted."
                 )
-            key = self._ffi.gc(key, self._lib.EVP_PKEY_free)
             return key
         else:
             self._consume_errors()
-- 
cgit v1.2.3