authorNikos Mavrogiannopoulos <nmav@gnutls.org>2011-06-17 20:31:58 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2011-06-17 20:39:25 +0200
commit3da801fa9301088a7bdc470e8f2a40f14199fdee (patch)
tree6a0f23f0c03eb69050d809dabb473a5f52a8af07
parent27a424cf6668b61c8c92ed88d5331b3010be3374 (diff)
downloadgnutls-3da801fa9301088a7bdc470e8f2a40f14199fdee.tar.gz
When writing an object with CKA_TRUSTED, set CKA_PRIVATE explicitly to FALSE to allow the SO to write it. Reported by Rickard Bellgrim.
-rw-r--r--lib/pkcs11_write.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c
index 15ed1322a6..3083faf8e0 100644
--- a/lib/pkcs11_write.c
+++ b/lib/pkcs11_write.c
@@ -54,11 +54,12 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
size_t der_size, id_size;
opaque *der = NULL;
opaque id[20];
- struct ck_attribute a[10];
+ struct ck_attribute a[16];
ck_object_class_t class = CKO_CERTIFICATE;
ck_certificate_type_t type = CKC_X_509;
ck_object_handle_t obj;
ck_bool_t tval = 1;
+ ck_bool_t fval = 0;
int a_val;
gnutls_datum_t subject = { NULL, 0 };
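Review bot: The attribute template is sized with a bare `16` in `struct ck_attribute a[16];`, and nothing visible in these hunks checks `a_val` against that size, so each attribute appended later reduces the margin and an overrun would be a write past a stack array. A guard just before the `pkcs11_create_object` call would make the limit explicit, for example `assert ((size_t) a_val <= sizeof (a) / sizeof (a[0]));`, or the equivalent check returning through the function's existing error path. Most of gnutls_pkcs11_copy_x509_crt lies outside this hunk, so an existing check elsewhere cannot be ruled out.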
@@ -142,6 +143,7 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
a[a_val].value_len = subject.size;
a_val++;
+
if (label)
{
a[a_val].type = CKA_LABEL;
@@ -156,6 +158,11 @@ gnutls_pkcs11_copy_x509_crt (const char *token_url,
a[a_val].value = &tval;
a[a_val].value_len = sizeof (tval);
a_val++;
+
+ a[a_val].type = CKA_PRIVATE;
+ a[a_val].value = &fval;
+ a[a_val].value_len = sizeof(fval);
+ a_val++;
}
rv = pkcs11_create_object (module, pks, a, a_val, &obj);
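Review bot: The added CKA_PRIVATE assignment has no comment explaining why a trusted object is forced to be public, and that is a security-relevant choice, because an object with CKA_PRIVATE false can be read from the token without a user login. A comment above it would record the reason given in the commit message, e.g. `/* the SO can only write public objects, so a CKA_TRUSTED object is stored with CKA_PRIVATE = FALSE */`. If any other path in this function also appends CKA_PRIVATE to the template, the two values would conflict; that is not visible here and is worth confirming. As a style point, `sizeof(fval)` should be `sizeof (fval)` to match `sizeof (tval)` a few lines above. The enclosing `if` starts outside the hunk.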