pkcs1: Accept EC private keys without public key but make sure of an OID

author Tobias Brunner <tobias@strongswan.org>

Thu, 9 Aug 2018 06:45:48 +0000 (08:45 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Wed, 12 Sep 2018 14:25:00 +0000 (16:25 +0200)
author Tobias Brunner <tobias@strongswan.org>
Thu, 9 Aug 2018 06:45:48 +0000 (08:45 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Wed, 12 Sep 2018 14:25:00 +0000 (16:25 +0200)
diff --git a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c

index 967e501d1960e33cd21ddbe95fd6ede61e4e0c05..c934f0b1d4ddbd7251396d51e107b7a525d5aa89 100644 (file)
--- a/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
+++ b/src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
@@ -271,7 +271,8 @@ end:
   * }
   *
   * While the parameters and publicKey fields are OPTIONAL, RFC 5915 says that
- * parameters MUST be included and publicKey SHOULD be.
+ * parameters MUST be included (an errata clarifies this, so this is only the
+ * case for plain private keys, not encoded in PKCS#8) and publicKey SHOULD be.
   */
  static bool is_ec_private_key(chunk_t blob)
  {
@@ -281,7 +282,8 @@ static bool is_ec_private_key(chunk_t blob)
                    asn1_parse_integer_uint64(data) == 1 &&
                    asn1_unwrap(&blob, &data) == ASN1_OCTET_STRING &&
                    asn1_unwrap(&blob, &data) == ASN1_CONTEXT_C_0 &&
-                  asn1_unwrap(&blob, &data) == ASN1_CONTEXT_C_1;
+                  asn1_unwrap(&data, &data) == ASN1_OID &&
+                  (!blob.len || (asn1_unwrap(&blob, &data) == ASN1_CONTEXT_C_1));
  }
  
  /**
author	Tobias Brunner <tobias@strongswan.org>
	Thu, 9 Aug 2018 06:45:48 +0000 (08:45 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Wed, 12 Sep 2018 14:25:00 +0000 (16:25 +0200)