Diffstat (limited to 'src/libcharon')
-rw-r--r-- | src/libcharon/plugins/stroke/stroke_cred.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/src/libcharon/plugins/stroke/stroke_cred.c b/src/libcharon/plugins/stroke/stroke_cred.c
index eda746f7e..6c47a7b06 100644
--- a/src/libcharon/plugins/stroke/stroke_cred.c
+++ b/src/libcharon/plugins/stroke/stroke_cred.c
@@ -291,17 +291,24 @@ METHOD(stroke_cred_t, load_pubkey, certificate_t*,
  }
  else if (strncaseeq(filename, "0x", 2) || strncaseeq(filename, "0s", 2))
  {
- chunk_t printable_key, rfc3110_key;
+ chunk_t printable_key, raw_key;
  public_key_t *key;

  printable_key = chunk_create(filename + 2, strlen(filename) - 2);
- rfc3110_key = strncaseeq(filename, "0x", 2) ?
+ raw_key = strncaseeq(filename, "0x", 2) ?
  chunk_from_hex(printable_key, NULL) :
  chunk_from_base64(printable_key, NULL);
- key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
- BUILD_BLOB_DNSKEY, rfc3110_key,
+ key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
+ BUILD_BLOB_ASN1_DER, raw_key,
  BUILD_END);
- free(rfc3110_key.ptr);
+ if (!key)
+ { /* try RFC 3110 format (as it accepts nearly any blob, the above has
+ * to be tried first) */
+ key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
+ BUILD_BLOB_DNSKEY, raw_key,
+ BUILD_END);
+ }
+ chunk_free(&raw_key);
  if (key)
  {
  cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, |
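Review bot: The fallback to `BUILD_BLOB_DNSKEY` inside the new `if (!key)` block is silent, and the in-code comment itself says the RFC 3110 parser accepts nearly any blob. A truncated or mistyped DER key in the configuration would therefore fail the `BUILD_BLOB_ASN1_DER` attempt and may still be loaded as some RSA key instead of being rejected, and that key is presumably then trusted for peer authentication. I would add a log line at the top of the fallback block, for example `DBG1(DBG_CFG, "  public key is not ASN.1 DER, trying RFC 3110 format");`, so the operator can see which parser accepted the blob and check the resulting key fingerprint against the intended one. The load_pubkey method starts and ends outside this hunk, so any logging that already happens further down is not visible here.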