diff --git a/libnm-util/crypto.c b/libnm-util/crypto.c index ffb3cbdd8e..991b3c3e47 100644 --- a/libnm-util/crypto.c +++ b/libnm-util/crypto.c @@ -585,14 +585,19 @@ crypto_load_and_verify_certificate (const char *file, return contents; } - array = extract_pem_cert_data (contents, error); - if (!array) { - g_byte_array_free (contents, TRUE); - return NULL; - } + /* Check for plain DER format */ + if (contents->len > 2 && contents->data[0] == 0x30 && contents->data[1] == 0x82) { + *out_file_format = crypto_verify_cert (contents->data, contents->len, error); + } else { + array = extract_pem_cert_data (contents, error); + if (!array) { + g_byte_array_free (contents, TRUE); + return NULL; + } - *out_file_format = crypto_verify_cert (array->data, array->len, error); - g_byte_array_free (array, TRUE); + *out_file_format = crypto_verify_cert (array->data, array->len, error); + g_byte_array_free (array, TRUE); + } if (*out_file_format != NM_CRYPTO_FILE_FORMAT_X509) { g_byte_array_free (contents, TRUE); diff --git a/libnm-util/tests/Makefile.am b/libnm-util/tests/Makefile.am index 4e2a8a78e1..daf4d688e2 100644 --- a/libnm-util/tests/Makefile.am +++ b/libnm-util/tests/Makefile.am @@ -93,6 +93,9 @@ check-local: test-settings-defaults test-crypto test-secrets # Another CA certificate $(abs_builddir)/test-crypto --cert $(srcdir)/certs/test2_ca_cert.pem +# Normal CA certificate (DER format) + $(abs_builddir)/test-crypto --cert $(srcdir)/certs/test_ca_cert.der + # CA certificate without an ending newline $(abs_builddir)/test-crypto --cert $(srcdir)/certs/ca-no-ending-newline.pem diff --git a/libnm-util/tests/certs/Makefile.am b/libnm-util/tests/certs/Makefile.am index 4cd8a24bc6..02d5a5f526 100644 --- a/libnm-util/tests/certs/Makefile.am +++ b/libnm-util/tests/certs/Makefile.am @@ -9,6 +9,7 @@ EXTRA_DIST = \ test_ca_cert.pem \ + test_ca_cert.der \ test_key_and_cert.pem \ test-cert.p12 \ test2_ca_cert.pem \ diff --git a/libnm-util/tests/certs/test_ca_cert.der b/libnm-util/tests/certs/test_ca_cert.der new file mode 100644 index 0000000000..e844f65b2c Binary files /dev/null and b/libnm-util/tests/certs/test_ca_cert.der differ