diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2015-03-03 14:20:23 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2015-03-08 16:27:55 +0000 |
commit | a8ae0891d4bfd18f224777aed1fbb172504421f1 (patch) | |
tree | 0a220c89779a4a667e1eedfc1eab1e37b031064e /crypto/asn1 | |
parent | e3013932df2d899e8600c305342bc14b682dc0d1 (diff) | |
download | openssl-a8ae0891d4bfd18f224777aed1fbb172504421f1.tar.gz |
Cleanse PKCS#8 private key components.
New function ASN1_STRING_clear_free which cleanses an ASN1_STRING
structure before freeing it.
Call ASN1_STRING_clear_free on PKCS#8 private key components.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'crypto/asn1')
-rw-r--r-- | crypto/asn1/asn1.h | 1 | ||||
-rw-r--r-- | crypto/asn1/asn1_lib.c | 7 |
2 files changed, 8 insertions, 0 deletions
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index 5254c7d3c7..692b81a44c 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -799,6 +799,7 @@ DECLARE_ASN1_SET_OF(ASN1_OBJECT) ASN1_STRING *ASN1_STRING_new(void); void ASN1_STRING_free(ASN1_STRING *a); +void ASN1_STRING_clear_free(ASN1_STRING *a); int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a); ASN1_STRING *ASN1_STRING_type_new(int type); diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index bf8452689b..1586aaff14 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -427,6 +427,13 @@ void ASN1_STRING_free(ASN1_STRING *a) OPENSSL_free(a); } +void ASN1_STRING_clear_free(ASN1_STRING *a) +{ + if (a && a->data && !(a->flags & ASN1_STRING_FLAG_NDEF)) + OPENSSL_cleanse(a->data, a->length); + ASN1_STRING_free(a); +} + int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b) { int i; |