diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-03-26 16:21:28 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-03-26 16:21:53 +0100 |
commit | d0d3cb89a949d629016429ccf897dc4b90ef770e (patch) | |
tree | 0c19492da8f6d37fb7fb6dd98ffceb97e10fe213 | |
parent | 560c727fabce611e90b6b3265710ab19382b6359 (diff) | |
download | gnutls-d0d3cb89a949d629016429ccf897dc4b90ef770e.tar.gz |
pkcs11: set the CKA_SIGN and CKA_DECRYPT flags when writing a private key
-rw-r--r-- | lib/pkcs11_write.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c index 34ff41c004..9630675a5b 100644 --- a/lib/pkcs11_write.c +++ b/lib/pkcs11_write.c @@ -282,6 +282,8 @@ gnutls_pkcs11_copy_x509_privkey(const char *token_url, return ret; } + pk = gnutls_x509_privkey_get_pk_algorithm(key); + /* FIXME: copy key usage flags */ a_val = 0; a[a_val].type = CKA_CLASS; @@ -294,6 +296,18 @@ gnutls_pkcs11_copy_x509_privkey(const char *token_url, a[a_val].value_len = id_size; a_val++; + a[a_val].type = CKA_SIGN; + a[a_val].value = (void*)&tval; + a[a_val].value_len = sizeof(tval); + a_val++; + + if (pk == GNUTLS_PK_RSA) { + a[a_val].type = CKA_DECRYPT; + a[a_val].value = (void*)&tval; + a[a_val].value_len = sizeof(tval); + a_val++; + } + a[a_val].type = CKA_KEY_TYPE; a[a_val].value = &type; a[a_val].value_len = sizeof(type); @@ -338,7 +352,6 @@ gnutls_pkcs11_copy_x509_privkey(const char *token_url, a_val++; } - pk = gnutls_x509_privkey_get_pk_algorithm(key); switch (pk) { case GNUTLS_PK_RSA: { |