aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/libstrongswan/plugins/openssl/openssl_x509.c16
1 files changed, 12 insertions, 4 deletions
diff --git a/src/libstrongswan/plugins/openssl/openssl_x509.c b/src/libstrongswan/plugins/openssl/openssl_x509.c
index 451510584..05b3c63ec 100644
--- a/src/libstrongswan/plugins/openssl/openssl_x509.c
+++ b/src/libstrongswan/plugins/openssl/openssl_x509.c
@@ -666,10 +666,18 @@ static bool parse_authKeyIdentifier_ext(private_openssl_x509_t *this,
static bool parse_subjectKeyIdentifier_ext(private_openssl_x509_t *this,
X509_EXTENSION *ext)
{
- free(this->subjectKeyIdentifier.ptr);
- this->subjectKeyIdentifier = chunk_clone(openssl_asn1_str2chunk(
- X509_EXTENSION_get_data(ext)));
- return TRUE;
+ chunk_t ostr;
+
+ ostr = openssl_asn1_str2chunk(X509_EXTENSION_get_data(ext));
+ /* quick and dirty unwrap of octet string */
+ if (ostr.len > 2 &&
+ ostr.ptr[0] == V_ASN1_OCTET_STRING && ostr.ptr[1] == ostr.len - 2)
+ {
+ free(this->subjectKeyIdentifier.ptr);
+ this->subjectKeyIdentifier = chunk_clone(chunk_skip(ostr, 2));
+ return TRUE;
+ }
+ return FALSE;
}
/**
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-15 02:29:22 +0000