From e0d1f791a33c3bf3f164b8c5abbd87a87d376471 Mon Sep 17 00:00:00 2001 From: Mattes D Date: Tue, 19 Sep 2017 18:28:51 +0200 Subject: Fixed webadmin certificate reading. --- src/mbedTLS++/CryptoKey.cpp | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src/mbedTLS++/CryptoKey.cpp') diff --git a/src/mbedTLS++/CryptoKey.cpp b/src/mbedTLS++/CryptoKey.cpp index d9069e4e6..6615991d6 100644 --- a/src/mbedTLS++/CryptoKey.cpp +++ b/src/mbedTLS++/CryptoKey.cpp @@ -120,16 +120,19 @@ int cCryptoKey::ParsePublic(const void * a_Data, size_t a_NumBytes) int cCryptoKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AString & a_Password) { ASSERT(!IsValid()); // Cannot parse a second key + // mbedTLS requires that PEM-encoded data is passed including the terminating NUL byte, + // and DER-encoded data is decoded properly even with an extra trailing NUL byte, so we simply add one to everything: + AString keyData(reinterpret_cast(a_Data), a_NumBytes); if (a_Password.empty()) { - return mbedtls_pk_parse_key(&m_Pk, reinterpret_cast(a_Data), a_NumBytes, nullptr, 0); + return mbedtls_pk_parse_key(&m_Pk, reinterpret_cast(keyData.data()), a_NumBytes + 1, nullptr, 0); } else { return mbedtls_pk_parse_key( &m_Pk, - reinterpret_cast(a_Data), a_NumBytes, + reinterpret_cast(keyData.data()), a_NumBytes + 1, reinterpret_cast(a_Password.c_str()), a_Password.size() ); } -- cgit v1.2.3