gnutls_pkcs11_privkey_generate2(): corrected public key extraction (for ECDSA keys)
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 1 Jul 2014 13:17:38 +0000 (15:17 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 1 Jul 2014 13:45:28 +0000 (15:45 +0200)
lib/pkcs11.c
lib/pkcs11_int.h
lib/pkcs11_privkey.c

index 38630839b65f74833d9ee1a3f18b6909f392ab75..c4b84cde92c801b0161264b66ecb99afb2f4b8f7 100644 (file)
@@ -1393,6 +1393,7 @@ int pkcs11_read_pubkey(struct ck_function_list *module,
 
                break;
        default:
+               _gnutls_debug_log("requested reading public key of unsupported type %u\n", (unsigned)key_type);
                ret = gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
                goto cleanup;
        }
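Review bot: The new debug message prints `key_type` in decimal after an `(unsigned)` cast, while PKCS#11 headers list the CKK_* and CKM_* constants in hex, so a mechanism value passed here by mistake is hard to recognise in the log. Printing it as `"requested reading public key of unsupported type 0x%lx\n", (unsigned long)key_type` would also keep the full width, assuming ck_key_type_t is an unsigned long as in the usual PKCS#11 headers. The enclosing switch in pkcs11_read_pubkey() starts outside the hunk.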
index f94473e26cb77c1837bd8435c958e4bb55d08b57..478b63627e0f37a28c14dcde69632e83e3e01a33 100644 (file)
@@ -162,14 +162,18 @@ static inline gnutls_pk_algorithm_t mech_to_pk(ck_key_type_t m)
                return GNUTLS_PK_UNKNOWN;
 }
 
-static inline int pk_to_genmech(gnutls_pk_algorithm_t pk)
+static inline int pk_to_genmech(gnutls_pk_algorithm_t pk, ck_key_type_t *type)
 {
-       if (pk == GNUTLS_PK_DSA)
+       if (pk == GNUTLS_PK_DSA) {
+               *type = CKK_DSA;
                return CKM_DSA_KEY_PAIR_GEN;
-       else if (pk == GNUTLS_PK_EC)
+       } else if (pk == GNUTLS_PK_EC) {
+               *type = CKK_ECDSA;
                return CKM_ECDSA_KEY_PAIR_GEN;
-       else
+       } else {
+               *type = CKK_RSA;
                return CKM_RSA_PKCS_KEY_PAIR_GEN;
+       }
 }
 
 ck_rv_t
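Review bot: pk_to_genmech() now has two outputs but no comment saying which is which, and its final `else` reports CKM_RSA_PKCS_KEY_PAIR_GEN and CKK_RSA for every algorithm that is not DSA or EC, not only for GNUTLS_PK_RSA. Because the bug fixed by this commit came from mixing a CKM_* mechanism with a CKK_* key type, a header comment would help, e.g. `/* Returns the CKM_* key-pair generation mechanism for pk and stores the matching CKK_* key type in *type; anything other than DSA/EC is treated as RSA. */`. Callers presumably reject unsupported algorithms themselves, but the `switch (pk)` in gnutls_pkcs11_privkey_generate2() is only partly visible, so that is worth confirming.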
index 1a3ee22c6afd7fd037c473cb8b4a0e0f5766cb2c..fcdae3551afc42b9cfcef1833bdd4c4b9f1c34f6 100644 (file)
@@ -621,6 +621,7 @@ gnutls_pkcs11_privkey_generate2(const char *url, gnutls_pk_algorithm_t pk,
        struct ck_mechanism mech;
        gnutls_pubkey_t pkey = NULL;
        gnutls_pkcs11_obj_t obj = NULL;
+       ck_key_type_t key_type;
 
        PKCS11_CHECK_INIT;
 
@@ -648,7 +649,7 @@ gnutls_pkcs11_privkey_generate2(const char *url, gnutls_pk_algorithm_t pk,
        a_val = p_val = 0;
        mech.parameter = NULL;
        mech.parameter_len = 0;
-       mech.mechanism = pk_to_genmech(pk);
+       mech.mechanism = pk_to_genmech(pk, &key_type);
 
        switch (pk) {
        case GNUTLS_PK_RSA:
@@ -785,7 +786,7 @@ gnutls_pkcs11_privkey_generate2(const char *url, gnutls_pk_algorithm_t pk,
                obj->type = GNUTLS_PKCS11_OBJ_PUBKEY;
                ret =
                    pkcs11_read_pubkey(sinfo.module, sinfo.pks, pub,
-                                      mech.mechanism, obj->pubkey);
+                                      key_type, obj->pubkey);
                if (ret < 0) {
                        gnutls_assert();
                        goto cleanup;
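Review bot: The argument corrected in this call compiled silently before, apparently because the mechanism and the key type are both plain integer typedefs, so nothing in the code stops the same mix-up from returning. A short comment above the call, such as `/* pkcs11_read_pubkey() takes a CKK_* key type, not the CKM_* generation mechanism */`, would record the contract where it matters. `key_type` is declared without an initializer and is set by pk_to_genmech() earlier in the function. The code between that assignment and this call is outside the hunks shown, so it is worth checking that no path reaches this call before the assignment.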