From daa157f872343552e7990a94ae0a71f4fc71aab9 Mon Sep 17 00:00:00 2001
From: Sergio Benitez
Date: Thu, 23 Mar 2023 12:11:03 -0700
Subject: [PATCH] Ignore data before TLS key encapsulation boundary.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Resolves #2281.

Co-authored-by: Julian Büttner
---
 core/http/src/tls/util.rs               | 19 ++++++++++++-------
 examples/tls/private/rsa_sha256_key.pem |  2 ++
 2 files changed, 14 insertions(+), 7 deletions(-)

diff --git a/core/http/src/tls/util.rs b/core/http/src/tls/util.rs
index 5f9f8832..a751ea18 100644
--- a/core/http/src/tls/util.rs
+++ b/core/http/src/tls/util.rs
@@ -16,16 +16,21 @@ pub fn load_certs(reader: &mut dyn io::BufRead) -> io::Result>
 pub fn load_private_key(reader: &mut dyn io::BufRead) -> io::Result {
     // "rsa" (PKCS1) PEM files have a different first-line header than PKCS8
     // PEM files, use that to determine the parse function to use.
-    let mut first_line = String::new();
-    reader.read_line(&mut first_line)?;
+    let mut header = String::new();
+    let private_keys_fn = loop {
+        header.clear();
+        if reader.read_line(&mut header)? == 0 {
+            return Err(err("failed to find key header; supported formats are: RSA, PKCS8"));
+        }
 
-    let private_keys_fn = match first_line.trim_end() {
-        "-----BEGIN RSA PRIVATE KEY-----" => rustls_pemfile::rsa_private_keys,
-        "-----BEGIN PRIVATE KEY-----" => rustls_pemfile::pkcs8_private_keys,
-        _ => return Err(err("invalid key header; supported formats are: RSA, PKCS8"))
+        break match header.trim_end() {
+            "-----BEGIN RSA PRIVATE KEY-----" => rustls_pemfile::rsa_private_keys,
+            "-----BEGIN PRIVATE KEY-----" => rustls_pemfile::pkcs8_private_keys,
+            _ => continue,
+        };
     };
 
-    let key = private_keys_fn(&mut Cursor::new(first_line).chain(reader))
+    let key = private_keys_fn(&mut Cursor::new(header).chain(reader))
         .map_err(|_| err("invalid key file"))
         .and_then(|mut keys| match keys.len() {
             0 => Err(err("no valid keys found; is the file malformed?")),
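Review bot: The `_ => continue` arm skips every line that is not one of the two supported headers, so a file whose only key is a recognisable-but-unsupported block (for example `-----BEGIN EC PRIVATE KEY-----` or `-----BEGIN ENCRYPTED PRIVATE KEY-----`) is now read to EOF and reported as "failed to find key header" instead of the previous, more precise "invalid key header", and a file holding an unsupported private-key block followed by a supported one loads the later block with no indication that the first was ignored. Consider keeping the explicit rejection for private-key boundaries the loader cannot parse, e.g. an arm `h if h.starts_with("-----BEGIN ") && h.ends_with("PRIVATE KEY-----") => return Err(err("invalid key header; supported formats are: RSA, PKCS8")),` placed before `_ => continue`, so that only non-key data (comments, blank lines, and — if intended — certificate blocks in a combined file) is skipped. The comment above the loop still describes the header as the file's "first-line", which the loop no longer requires; suggest replacing it with `// Scan to the first supported PEM boundary; its label selects PKCS#1 ("RSA PRIVATE KEY") or PKCS#8 ("PRIVATE KEY") parsing, and anything before it is skipped.`. load_private_key's body continues past the end of the hunk.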
diff --git a/examples/tls/private/rsa_sha256_key.pem b/examples/tls/private/rsa_sha256_key.pem
index bf953e6b..a04af874 100644
--- a/examples/tls/private/rsa_sha256_key.pem
+++ b/examples/tls/private/rsa_sha256_key.pem
@@ -1,3 +1,5 @@
+# COMMENTARY
+
 -----BEGIN PRIVATE KEY-----
 MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDHZ4WW3kg1XXYi
 gzn/mV45QoaYLIiIs35Ryx7uLFqG92a8FgYiAqNn3s02aI3LxWjCaKKI5UoRDbiy