ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity

pkcs1: Accept EC private keys without public key but make sure of an OID

This commit is contained in:
Tobias Brunner 2018-08-09 08:45:48 +02:00
parent de2a24310c
commit ba7e74291e
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/libstrongswan/plugins/pkcs1/pkcs1_builder.c
View File

@ -271,7 +271,8 @@ end:
* }
*
* While the parameters and publicKey fields are OPTIONAL, RFC 5915 says that
* parameters MUST be included and publicKey SHOULD be.
* parameters MUST be included (an errata clarifies this, so this is only the
* case for plain private keys, not encoded in PKCS#8) and publicKey SHOULD be.
*/
static bool is_ec_private_key(chunk_t blob)
{
@ -281,7 +282,8 @@ static bool is_ec_private_key(chunk_t blob)
asn1_parse_integer_uint64(data) == 1 &&
asn1_unwrap(&blob, &data) == ASN1_OCTET_STRING &&
asn1_unwrap(&blob, &data) == ASN1_CONTEXT_C_0 &&
asn1_unwrap(&blob, &data) == ASN1_CONTEXT_C_1;
asn1_unwrap(&data, &data) == ASN1_OID &&
(!blob.len || (asn1_unwrap(&blob, &data) == ASN1_CONTEXT_C_1));
}
/**