From d6d31fce2345b21cd99c08d93af6c0297108c6ec Mon Sep 17 00:00:00 2001
From: Tobias Brunner <tobias@strongswan.org>
Date: Mon, 18 Oct 2021 11:22:40 +0200
Subject: [PATCH] pkcs8: Don't forward NULL parameters when parsing keys

Other plugins don't expect this build part for RSA keys and will fail
parsing the keys further.
---
 src/libstrongswan/plugins/pkcs8/pkcs8_builder.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
index 22b7829a4..1d7a48fb2 100644
--- a/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
+++ b/src/libstrongswan/plugins/pkcs8/pkcs8_builder.c
@@ -97,7 +97,8 @@ static private_key_t *parse_private_key(chunk_t blob)
 			case PKINFO_PRIVATE_KEY:
 			{
 				DBG2(DBG_ASN, "-- > --");
-				if (params.ptr)
+				if (params.len &&
+					!chunk_equals(params, chunk_from_chars(0x05, 0x00)))
 				{
 					key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
 											 type, BUILD_BLOB_ALGID_PARAMS,
-- 
2.47.3