in addition to 'm'/'c' mode, asn1_wrap accepts a 's' mode clearing sensitive information

diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c
index ec46b16..ea6702d 100644 (file)
--- a/src/libstrongswan/asn1/asn1.c
+++ b/src/libstrongswan/asn1/asn1.c
@@ -832,9 +832,16 @@ chunk_t asn1_wrap(asn1_t type, const char *mode, ...)
                memcpy(pos, ch.ptr, ch.len);
                pos += ch.len;
 
-               if (*mode++ == 'm')
+               switch (*mode++)
                {
-                       free(ch.ptr);
+                       case 's':
+                               chunk_clear(&ch);
+                               break;
+                       case 'm':
+                               free(ch.ptr);
+                               break;
+                       default:
+                               break;
                }
        }
        va_end(chunks);

diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h
index 8072d62..6ed9bf4 100644 (file)
--- a/src/libstrongswan/asn1/asn1.h
+++ b/src/libstrongswan/asn1/asn1.h
@@ -250,8 +250,12 @@ chunk_t asn1_integer(const char *mode, chunk_t content);
 /**
  * Build an ASN.1 object from a variable number of individual chunks
  *
+ * The mode string specifies the number of chunks, and how to handle each of
+ * them with a single character: 'c' for copy (allocate new chunk), 'm' for move
+ * (free given chunk) or 's' for sensitive-copy (clear given chunk, then free).
+ *
  * @param type         ASN.1 type to be created
- * @param mode         for each list member: 'c' for copy or 'm' for move
+ * @param mode         for each list member: 'c', 'm' or 's'
  * @return                     chunk containing the ASN.1 coded object
  */
 chunk_t asn1_wrap(asn1_t type, const char *mode, ...);