From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 21 Jun 2021 09:44:51 +0000 (+0200)
Subject: pubkey: Don't assume blobs are only ASN.1 DER
X-Git-Tag: 5.9.4dr2~16^2~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4dfa31c8a0b197d20fa7bce034c6a3bac2d96cec;p=thirdparty%2Fstrongswan.git

pubkey: Don't assume blobs are only ASN.1 DER

Also forward the blob's type when parsing pubkeys.
---

diff --git a/src/libstrongswan/plugins/pubkey/pubkey_cert.c b/src/libstrongswan/plugins/pubkey/pubkey_cert.c
index a7bf87e5ba..68866d2ad5 100644
--- a/src/libstrongswan/plugins/pubkey/pubkey_cert.c
+++ b/src/libstrongswan/plugins/pubkey/pubkey_cert.c
@@ -264,15 +264,20 @@ pubkey_cert_t *pubkey_cert_wrap(certificate_type_t type, va_list args)
 {
 	public_key_t *key = NULL;
 	chunk_t blob = chunk_empty;
+	builder_part_t part, blob_type = BUILD_END;
 	identification_t *subject = NULL;
 	time_t notBefore = UNDEFINED_TIME, notAfter = UNDEFINED_TIME;
 
 	while (TRUE)
 	{
-		switch (va_arg(args, builder_part_t))
+		part = va_arg(args, builder_part_t);
+		switch (part)
 		{
+			case BUILD_BLOB:
+			case BUILD_BLOB_PEM:
 			case BUILD_BLOB_ASN1_DER:
 				blob = va_arg(args, chunk_t);
+				blob_type = part;
 				continue;
 			case BUILD_PUBLIC_KEY:
 				key = va_arg(args, public_key_t*);
@@ -300,7 +305,7 @@ pubkey_cert_t *pubkey_cert_wrap(certificate_type_t type, va_list args)
 	else if (blob.ptr)
 	{
 		key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
-								 BUILD_BLOB_ASN1_DER, blob, BUILD_END);
+								 blob_type, blob, BUILD_END);
 	}
 	if (key)
 	{