fixed parsing of openssl format public keys

2 files changed, 18 insertions, 23 deletions

diff --git a/src/libstrongswan/plugins/gmp/gmp_public_key.c b/src/libstrongswan/plugins/gmp/gmp_public_key.c
index 37a079ae3..4105f58be 100644
--- a/src/libstrongswan/plugins/gmp/gmp_public_key.c
+++ b/src/libstrongswan/plugins/gmp/gmp_public_key.c
@@ -29,7 +29,7 @@
 static const asn1Object_t pkinfoObjects[] = {
 	{ 0, "subjectPublicKeyInfo",ASN1_SEQUENCE,		ASN1_NONE	}, /* 0 */
 	{ 1,   "algorithm",			ASN1_EOC,			ASN1_RAW	}, /* 1 */
-	{ 1,   "subjectPublicKey",	ASN1_BIT_STRING,	ASN1_OBJ	}, /* 2 */
+	{ 1,   "subjectPublicKey",	ASN1_BIT_STRING,	ASN1_BODY	}, /* 2 */
 	{ 0, "exit",				ASN1_EOC,			ASN1_EXIT	}
 };
 #define PKINFO_SUBJECT_PUBLIC_KEY_ALGORITHM	1
@@ -73,13 +73,11 @@ static public_key_t *load(chunk_t blob)
 				if (object.len > 0 && *object.ptr == 0x00)
 				{
 					/* skip initial bit string octet defining 0 unused bits */
-					object.ptr++;
-					object.len--;				
-					key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, type,
-											 BUILD_BLOB_ASN1_DER,
-											 chunk_clone(object),
-											 BUILD_END);
+					object = chunk_skip(object, 1);
 				}
+				key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, type,
+										 BUILD_BLOB_ASN1_DER, chunk_clone(object),
+										 BUILD_END);
 				break;
 		}
 	} 
diff --git a/src/libstrongswan/plugins/x509/x509_cert.c b/src/libstrongswan/plugins/x509/x509_cert.c
index 79c1678b3..ff176b710 100644
--- a/src/libstrongswan/plugins/x509/x509_cert.c
+++ b/src/libstrongswan/plugins/x509/x509_cert.c
@@ -731,22 +731,19 @@ static bool parse_certificate(private_x509_cert_t *this)
 				if (object.len > 0 && *object.ptr == 0x00)
 				{
 					/* skip initial bit string octet defining 0 unused bits */
-					object.ptr++;
-					object.len--;
-
-					switch (key_alg)
-					{
-						case OID_RSA_ENCRYPTION:
-							this->public_key = lib->creds->create(lib->creds,
-													CRED_PUBLIC_KEY, KEY_RSA,
-													BUILD_BLOB_ASN1_DER,
-													chunk_clone(object),
-													BUILD_END);
-							break;
-						default:
-							DBG1("parsing key type %d failed", key_alg);
-							goto end;
-					}
+					object = chunk_skip(object, 1);
+				}
+				switch (key_alg)
+				{
+					case OID_RSA_ENCRYPTION:
+						this->public_key = lib->creds->create(lib->creds,
+									CRED_PUBLIC_KEY, KEY_RSA,
+									BUILD_BLOB_ASN1_DER, chunk_clone(object),
+									BUILD_END);
+						break;
+					default:
+						DBG1("parsing key type %d failed", key_alg);
+						goto end;
 				}
 				break;
 			case X509_OBJ_EXTN_ID: