author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-07-01 15:55:50 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-07-01 15:59:39 +0200 |
commit | cb07d56ebe10a07bf83599d200e58259016fa18c (patch) | |
tree | 14ae1b756dde04f329a413492270467947b5865e | |
parent | 75b6ae8dbcc7b924b4027820ba2ef445effb958c (diff) | |
download | gnutls-cb07d56ebe10a07bf83599d200e58259016fa18c.tar.gz |
gnutls_pkcs11_privkey_generate2(): corrected public key extraction (for ECDSA keys)
-rw-r--r-- | lib/pkcs11_int.h | 14 | ||||
-rw-r--r-- | lib/pkcs11_privkey.c | 5 |
2 files changed, 12 insertions, 7 deletions
diff --git a/lib/pkcs11_int.h b/lib/pkcs11_int.h
index 0afd7152d7..e07a400715 100644
--- a/lib/pkcs11_int.h
+++ b/lib/pkcs11_int.h
@@ -132,7 +132,7 @@ static inline int pk_to_mech(gnutls_pk_algorithm_t pk)
 return CKM_DSA;
 else if (pk == GNUTLS_PK_EC)
 return CKM_ECDSA;
- else
+ else
 return CKM_RSA_PKCS;
 }
@@ -147,14 +147,18 @@ static inline gnutls_pk_algorithm_t mech_to_pk(ck_key_type_t m)
 else
 return GNUTLS_PK_UNKNOWN;
 }
-static inline int pk_to_genmech(gnutls_pk_algorithm_t pk)
+static inline int pk_to_genmech(gnutls_pk_algorithm_t pk, ck_key_type_t *type)
 {
- if (pk == GNUTLS_PK_DSA)
+ if (pk == GNUTLS_PK_DSA) {
+ *type = CKK_DSA;
 return CKM_DSA_KEY_PAIR_GEN;
- else if (pk == GNUTLS_PK_EC)
+ } else if (pk == GNUTLS_PK_EC) {
+ *type = CKK_ECDSA;
 return CKM_ECDSA_KEY_PAIR_GEN;
- else
+ } else {
+ *type = CKK_RSA;
 return CKM_RSA_PKCS_KEY_PAIR_GEN;
+ }
 }
 ck_rv_t
diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
index a6f73e1e7c..20bd835b5f 100644
--- a/lib/pkcs11_privkey.c
+++ b/lib/pkcs11_privkey.c
@@ -638,6 +638,7 @@ gnutls_pkcs11_privkey_generate2 (const char* url, gnutls_pk_algorithm_t pk,
 struct ck_mechanism mech;
 gnutls_pubkey_t pkey = NULL;
 gnutls_pkcs11_obj_t obj = NULL;
+ ck_key_type_t key_type;
 memset(&sinfo, 0, sizeof(sinfo));
@@ -664,7 +665,7 @@ gnutls_pkcs11_privkey_generate2 (const char* url, gnutls_pk_algorithm_t pk,
 a_val = p_val = 0;
 mech.parameter = NULL;
 mech.parameter_len = 0;
- mech.mechanism = pk_to_genmech(pk);
+ mech.mechanism = pk_to_genmech(pk, &key_type);
 switch(pk) {
@@ -810,7 +811,7 @@ gnutls_pkcs11_privkey_generate2 (const char* url, gnutls_pk_algorithm_t pk,
 obj->pk_algorithm = pk;
 obj->type = GNUTLS_PKCS11_OBJ_PUBKEY;
- ret = pkcs11_read_pubkey(sinfo.module, sinfo.pks, pub, mech.mechanism, obj->pubkey);
+ ret = pkcs11_read_pubkey(sinfo.module, sinfo.pks, pub, key_type, obj->pubkey);
 if (ret < 0) {
 gnutls_assert (); |
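Review bot: The final `else` in pk_to_genmech() (second hunk of lib/pkcs11_int.h) still maps every algorithm other than DSA and EC to RSA, and it now also stores `CKK_RSA` through `type`, so an unsupported `pk` would make the caller read the generated public key back as RSA. Whether gnutls_pkcs11_privkey_generate2() rejects such values first is not visible here, since its `switch(pk)` continues outside the hunks. A header comment would make the contract explicit, for example `/* Returns the CKM_*_KEY_PAIR_GEN mechanism for pk and stores the matching CKK_* key type in *type (must be non-NULL); anything other than DSA/EC is treated as RSA. */`.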
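Review bot: In the last hunk of lib/pkcs11_privkey.c, `key_type` is consumed roughly 150 lines after it is set as a side effect of the pk_to_genmech() call at line 668, so the link between the two is easy to lose in a later edit. Mechanism and key-type identifiers are presumably both plain integer types, which would explain why passing `mech.mechanism` compiled without a diagnostic; a comment at the call such as `/* pkcs11_read_pubkey() takes a CKK_* key type, not a CKM_* mechanism */` would guard against the same mix-up returning. A regression test that generates an EC key on a token and checks the extracted public key would pin the fix. The function body starts and ends outside the hunk.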