swanctl: Support any key type for decrypted keys

The previous code required explicit support for a particular key type, of which Ed25519 and Ed448 were missing. While a fallback to `any` would have been possible (this is already the case for unencrypted keys in the `private` and `pkcs8` directories, which are not parsed by swanctl), it's not necessary (as long as swanctl and the daemon are from the same release) and does not require the daemon to detect the key type again. Fixes #3586.
2020-10-08 09:40:12 +02:00 · 2020-10-08 09:40:12 +02:00 · 30d47ea4cb
parent 6839256773
commit 30d47ea4cb
1 changed files with 8 additions and 13 deletions
--- a/src/swanctl/commands/load_creds.c
+++ b/src/swanctl/commands/load_creds.c
@ -195,26 +195,21 @@ static bool load_key_anytype(load_ctx_t *ctx, char *path,
 {
 	bool loaded = FALSE;
 	chunk_t encoding;
+	char *type;

 	if (!private->get_encoding(private, PRIVKEY_ASN1_DER, &encoding))
 	{
 		fprintf(stderr, "encoding private key from '%s' failed\n", path);
 		return FALSE;
 	}
-	switch (private->get_type(private))
+	type = enum_to_name(key_type_names, private->get_type(private));
+	if (type)
 	{
-		case KEY_RSA:
-			loaded = load_key(ctx, path, "rsa", encoding);
-			break;
-		case KEY_ECDSA:
-			loaded = load_key(ctx, path, "ecdsa", encoding);
-			break;
-		case KEY_BLISS:
-			loaded = load_key(ctx, path, "bliss", encoding);
-			break;
-		default:
-			fprintf(stderr, "unsupported key type in '%s'\n", path);
-			break;
+		loaded = load_key(ctx, path, type, encoding);
+	}
+	if (!loaded)
+	{
+		fprintf(stderr, "unsupported key type in '%s'\n", path);
 	}
 	chunk_clear(&encoding);
 	return loaded;