From: Tobias Brunner <tobias@strongswan.org>
Date: Tue, 25 Oct 2011 16:23:59 +0000 (+0200)
Subject: pkcs11: Specify object class and key type when deriving DH secrets.
X-Git-Tag: 4.6.0~56
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7c78a6e631cef242a2f5d718aa2040b5396625bb;p=thirdparty%2Fstrongswan.git

pkcs11: Specify object class and key type when deriving DH secrets.

pkcs11_softtoken on OpenSolaris requires this (probably others too).
---

diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
index fc8a334871..a447eb6b58 100644
--- a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
@@ -93,7 +93,11 @@ static bool get_cka_value(private_pkcs11_dh_t *this, CK_OBJECT_HANDLE obj,
 METHOD(diffie_hellman_t, set_other_public_value, void,
 	private_pkcs11_dh_t *this, chunk_t value)
 {
+	CK_OBJECT_CLASS klass = CKO_SECRET_KEY;
+	CK_KEY_TYPE type = CKK_GENERIC_SECRET;
 	CK_ATTRIBUTE attr[] = {
+		{ CKA_CLASS, &klass, sizeof(klass) },
+		{ CKA_KEY_TYPE, &type, sizeof(type) },
 	};
 	CK_MECHANISM mech = {
 		CKM_DH_PKCS_DERIVE,