From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 18 Oct 2021 09:22:40 +0000 (+0200)
Subject: pkcs8: Don't forward NULL parameters when parsing keys
X-Git-Tag: 5.9.4~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d6d31fce2345b21cd99c08d93af6c0297108c6ec;p=thirdparty%2Fstrongswan.git

pkcs8: Don't forward NULL parameters when parsing keys

Other plugins don't expect this build part for RSA keys and will fail
parsing the keys further.
---

diff --git a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
index 22b7829a49..1d7a48fb26 100644
--- a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
+++ b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
@@ -97,7 +97,8 @@ static private_key_t *parse_private_key(chunk_t blob)
 			case PKINFO_PRIVATE_KEY:
 			{
 				DBG2(DBG_ASN, "-- > --");
-				if (params.ptr)
+				if (params.len &&
+					!chunk_equals(params, chunk_from_chars(0x05, 0x00)))
 				{
 					key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
 											 type, BUILD_BLOB_ALGID_PARAMS,