author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-05-07 11:44:13 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2011-05-07 12:48:04 +0200 |
commit | b705430a0ad51fcbc48252f439b346de85636e9c (patch) | |
tree | 71ee744e258fa07c89b82e18c1f5cacb16a27789 /lib | |
parent | e13d76f950064d753bb3b8c56aada70bb1ca3686 (diff) | |
download | gnutls-b705430a0ad51fcbc48252f439b346de85636e9c.tar.gz |
gnutls_pkcs11_privkey_import_url() will correctly set algorithm of private key.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/pkcs11_privkey.c | 42 |
1 files changed, 38 insertions, 4 deletions
diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
index cf02a24778..e0f7675b86 100644
--- a/lib/pkcs11_privkey.c
+++ b/lib/pkcs11_privkey.c
@@ -1,6 +1,6 @@
 /*
 * GnuTLS PKCS#11 support
- * Copyright (C) 2010 Free Software Foundation
+ * Copyright (C) 2010,2011 Free Software Foundation
 *
 * Author: Nikos Mavrogiannopoulos
 *
@@ -122,8 +122,11 @@ gnutls_pkcs11_privkey_get_info (gnutls_pkcs11_privkey_t pkey,
 ret = pkcs11_find_object (&pks, &obj, &key->info, \
 SESSION_LOGIN); \
 if (ret < 0) { \
- rret = token_func(token_data, key->info.token, retries++); \
- if (rret == 0) continue; \
+ if (token_func) \
+ { \
+ rret = token_func(token_data, key->info.token, retries++); \
+ if (rret == 0) continue; \
+ } \
 gnutls_assert(); \
 return ret; \
 } \
@@ -221,6 +224,10 @@ gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey,
 const char *url, unsigned int flags)
 {
 int ret;
+ pakchois_session_t *pks;
+ ck_object_handle_t obj;
+ struct ck_attribute a[4];
+ ck_key_type_t key_type;
 ret = pkcs11_url_to_info (url, &pkey->info);
 if (ret < 0)
@@ -243,7 +250,34 @@ gnutls_pkcs11_privkey_import_url (gnutls_pkcs11_privkey_t pkey,
 return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
 }
- return 0;
+ FIND_OBJECT (pks, obj, pkey);
+ a[0].type = CKA_KEY_TYPE;
+ a[0].value = &key_type;
+ a[0].value_len = sizeof (key_type);
+
+ if (pakchois_get_attribute_value (pks, obj, a, 1) == CKR_OK)
+ {
+ switch (key_type)
+ {
+ case CKK_RSA:
+ pkey->pk_algorithm = GNUTLS_PK_RSA;
+ break;
+ case CKK_DSA:
+ pkey->pk_algorithm = GNUTLS_PK_DSA;
+ break;
+ default:
+ _gnutls_debug_log("Cannot determine PKCS #11 key algorithm\n");
+ ret = GNUTLS_E_UNKNOWN_ALGORITHM;
+ goto cleanup;
+ }
+ }
+
+ ret = 0;
+
+cleanup:
+ pakchois_close_session (pks);
+
+ return ret;
 }
 /*- |
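Review bot: FIND_OBJECT hides a `return ret;` and a `continue` inside the macro body, and after this hunk it has a second quiet mode: when `token_func` is NULL, a failed `pkcs11_find_object` returns from the calling function at once with no retry. The macro definition begins outside the hunk, so its header is not visible here, but a comment above it would help callers, for example `/* Looks the object up with SESSION_LOGIN; on failure returns ret from the enclosing function. token_func may be NULL, in which case no retry is attempted. */`. This matters for any caller that holds resources or has a cleanup label at the point where the macro is expanded.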
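Review bot: When `pakchois_get_attribute_value` returns anything other than CKR_OK, the new code falls through to `ret = 0`, so the import reports success while `pkey->pk_algorithm` keeps whatever value it held before the call. A private key handle whose algorithm was never read from the token is presumably used later to choose the signing path, so a failed CKA_KEY_TYPE read should fail the import: `else { gnutls_assert (); ret = GNUTLS_E_UNKNOWN_ALGORITHM; goto cleanup; }`. The `default:` arm would also be easier to trace with a `gnutls_assert ();` before the debug log, matching the error path visible in FIND_OBJECT. Only `a[0]` is filled in, so the `a[4]` declared in the previous hunk could be a single element. The function body begins outside this hunk.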