Fixing Identity::from_pem which was failing when there was a PKCS1 RSA private key but not PKCS8 key (#458)

2019-02-16 20:30:18 +00:00
parent e49f5ee404
commit f96f9454fd
1 changed files with 18 additions and 0 deletions
--- a/src/tls.rs
+++ b/src/tls.rs
@@ -187,6 +187,13 @@ impl Identity {
                .map_err(|_| TLSError::General(String::from("No valid certificate was found"))));
            pem.set_position(0);
            let mut sk = try_!(pemfile::pkcs8_private_keys(&mut pem)
+                .and_then(|pkcs8_keys| {
+                    if pkcs8_keys.is_empty() {
+                        Err(())
+                    } else {
+                        Ok(pkcs8_keys)
+                    }
+                })
                .or_else(|_| {
                    pem.set_position(0);
                    pemfile::rsa_private_keys(&mut pem)
@@ -312,4 +319,15 @@ mod tests {
    fn identity_from_pem_invalid() {
        Identity::from_pem(b"not pem").unwrap_err();
    }
+
+    #[cfg(feature = "rustls-tls")]
+    #[test]
+    fn identity_from_pem_pkcs1_key() {
+        let pem = b"-----BEGIN CERTIFICATE-----\n\
+            -----END CERTIFICATE-----\n\
+            -----BEGIN RSA PRIVATE KEY-----\n\
+            -----END RSA PRIVATE KEY-----\n";
+
+        Identity::from_pem(pem).unwrap();
+    }
 }