author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-06-17 20:31:58 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-06-17 20:31:58 +0200 |
commit | f6010587f6f766199849eb58d95a5148ad5ce79f (patch) | |
tree | 6581997f64c1c9ec8840c2f8115b9264e3433c0d | |
parent | f750c4949f085735e840e065a8eec7a42d7190c8 (diff) | |
download | gnutls-f6010587f6f766199849eb58d95a5148ad5ce79f.tar.gz |
When writing an object with CKA_TRUSTED, set CKA_PRIVATE explicitly to FALSE to allow the SO to write it. Reported by Rickard Bellgrim.
-rw-r--r-- | lib/pkcs11_write.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c
index e9b5f404ce..823b715e25 100644
--- a/lib/pkcs11_write.c
+++ b/lib/pkcs11_write.c
@@ -53,11 +53,12 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
 size_t der_size, id_size;
 opaque *der = NULL;
 opaque id[20];
- struct ck_attribute a[10];
+ struct ck_attribute a[16];
 ck_object_class_t class = CKO_CERTIFICATE;
 ck_certificate_type_t type = CKC_X_509;
 ck_object_handle_t obj;
 ck_bool_t tval = 1;
+ ck_bool_t fval = 0;
 int a_val;
 gnutls_datum_t subject = { NULL, 0 };
@@ -139,6 +140,7 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
 a[a_val].value_len = subject.size;
 a_val++;
+
 if (label)
 {
 a[a_val].type = CKA_LABEL;
@@ -153,6 +155,11 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
 a[a_val].value = &tval;
 a[a_val].value_len = sizeof (tval);
 a_val++;
+
+ a[a_val].type = CKA_PRIVATE;
+ a[a_val].value = &fval;
+ a[a_val].value_len = sizeof(fval);
+ a_val++;
 }
 rv = pakchois_create_object (pks, a, a_val, &obj); |
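Review bot: The bound of the attribute array in the first hunk is still a bare literal (`struct ck_attribute a[16];`), while every append visible on this page is an unchecked `a[a_val]... a_val++`, so a future attribute can write past the stack array with no diagnostic. At minimum the declaration should say what the size has to cover, e.g. `/* must hold every attribute appended below; grow it when adding one */`. A check of `a_val` against `sizeof (a) / sizeof (a[0])` before each append would turn a silent overrun into an error return. The function body starts and ends outside this hunk, so the total number of appends cannot be confirmed from here.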
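Review bot: The new `CKA_PRIVATE` append in the last hunk has no comment, so the reason for forcing it to FALSE is recorded only in the commit message. A later reader could take the lines for a mistake, or move them out of the block that sets `CKA_TRUSTED`. I would put `/* a trusted object is written by the SO; mark it explicitly non-private so the SO is allowed to create it */` above `a[a_val].type = CKA_PRIVATE;`. As a style point, `sizeof(fval)` should be `sizeof (fval)` to match the `sizeof (tval)` a few lines above. The block these lines sit in opens outside the hunk, so its guarding condition is not visible here.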