Only strip pkcs8 header for Private Keys (Fixes Issue Kitura#85)

* Also address build warning about an unused variable
LowAmmo · Feb 5, 2025 · 0eb3c15 · 0eb3c15
1 parent b70be8c
commit 0eb3c15
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 5 deletions.
diff --git a/Sources/CryptorRSA/CryptorRSAKey.swift b/Sources/CryptorRSA/CryptorRSAKey.swift
@@ -659,7 +659,7 @@ extension CryptorRSA {
 				let base64Data = Data(base64Encoded: base64String) {
 				data = base64Data
 			}
-			data = try CryptorRSA.stripX509CertificateHeader(for: data)
+			data = try CryptorRSA.stripX509CertificateHeader(for: data, type: type)
 			self.pemString = CryptorRSA.convertDerToPem(from: data, type: type)
 			self.type = type            
             reference = try CryptorRSA.createKey(from: data, type: type)
@@ -777,7 +777,7 @@ extension CryptorRSA {
 					guard let derData = Data(base64Encoded: derString) else {
 						throw Error(code: ERR_INIT_PK, reason: "Couldn't read PEM String")
 					}
-					let strippedDer = try CryptorRSA.stripX509CertificateHeader(for: derData)
+					let strippedDer = try CryptorRSA.stripX509CertificateHeader(for: derData, type: keyType)
 					let pkcs1PEM = CryptorRSA.convertDerToPem(from: strippedDer, type: keyType)
 					return pkcs1PEM
 				}

diff --git a/Sources/CryptorRSA/CryptorRSAUtilities.swift b/Sources/CryptorRSA/CryptorRSAUtilities.swift
@@ -219,10 +219,10 @@ public extension CryptorRSA {
 	///
 	/// - Returns:					`Data` containing the public with header (if present) removed.
 	///
-	static func stripX509CertificateHeader(for keyData: Data) throws -> Data {
+	static func stripX509CertificateHeader(for keyData: Data, type: CryptorRSA.RSAKey.KeyType) throws -> Data {
 
 		// If private key in pkcs8 format, strip the header
-		if keyData[26] == 0x30 {
+        if keyData[26] == 0x30 && type == .privateType {
 			return(keyData.advanced(by: 26))
 		}
 

diff --git a/Tests/CryptorRSATests/CryptorRSATests.swift b/Tests/CryptorRSATests/CryptorRSATests.swift
@@ -807,7 +807,7 @@ AqJRAgMBAAE=
 		let data1 = Data(base64Encoded: pemString) ?? Data()
 		print("data1 count=\(data1.count)")
 		do {
-			let pubKey = try CryptorRSA.createPublicKey(withPEM: pemString)
+			let _ = try CryptorRSA.createPublicKey(withPEM: pemString)
 			print("pemString1 successful")
 		} catch {
 			XCTFail("Error creating public key from pemString: \(error)")