diff options
author | Wolfgang Meyer zu Bergsten <w.bergsten@sirrix.com> | 2014-08-04 15:32:53 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-08-06 14:47:46 +0200 |
commit | 19cf9366c174bddaf3a9cbdfd15bdd90ab12e3ca (patch) | |
tree | 454d7b3e49307cdd950ede026b9a1cfc9b736e07 /lib/pkcs11_privkey.c | |
parent | bd186af143f9df4610b7fcc4bbb3bbf83bd282b3 (diff) | |
download | gnutls-19cf9366c174bddaf3a9cbdfd15bdd90ab12e3ca.tar.gz |
improve compatibility in pkcs11 key generation
* add key wrap/unwrap key usage
* explicitly set public exponent in template
Signed-off-by: Wolfgang Meyer zu Bergsten <w.bergsten@sirrix.com>
Diffstat (limited to 'lib/pkcs11_privkey.c')
-rw-r--r-- | lib/pkcs11_privkey.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c index a9c473e711..5575efc016 100644 --- a/lib/pkcs11_privkey.c +++ b/lib/pkcs11_privkey.c @@ -655,6 +655,7 @@ gnutls_pkcs11_privkey_generate2(const char *url, gnutls_pk_algorithm_t pk, gnutls_pkcs11_obj_t obj = NULL; gnutls_datum_t der = {NULL, 0}; ck_key_type_t key_type; + char pubEx[3] = { 1,0,1 }; // 65537 = 0x10001 PKCS11_CHECK_INIT; @@ -710,6 +711,12 @@ gnutls_pkcs11_privkey_generate2(const char *url, gnutls_pk_algorithm_t pk, a[a_val].value = &_bits; a[a_val].value_len = sizeof(_bits); a_val++; + + a[a_val].type = CKA_PUBLIC_EXPONENT; + a[a_val].value = pubEx; + a[a_val].value_len = sizeof(pubEx); + a_val++; + break; case GNUTLS_PK_DSA: p[p_val].type = CKA_SIGN; @@ -760,6 +767,20 @@ gnutls_pkcs11_privkey_generate2(const char *url, gnutls_pk_algorithm_t pk, goto cleanup; } + /* + * on request, add the CKA_WRAP/CKA_UNWRAP key attribute + */ + if (flags & GNUTLS_PKCS11_OBJ_FLAG_KEY_WRAP) { + p[p_val].type = CKA_UNWRAP; + p[p_val].value = (void*)&tval; + p[p_val].value_len = sizeof(tval); + p_val++; + a[a_val].type = CKA_WRAP; + a[a_val].value = (void*)&tval; + a[a_val].value_len = sizeof(tval); + a_val++; + } + /* a private key is set always as private unless * requested otherwise */ |