diff --git a/lib/ykpiv.c b/lib/ykpiv.c index 1a76965..ab58f94 100644 --- a/lib/ykpiv.c +++ b/lib/ykpiv.c @@ -873,7 +873,7 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u if (key == YKPIV_KEY_CARDMGM || key < YKPIV_KEY_RETIRED1 || (key > YKPIV_KEY_RETIRED20 && key < YKPIV_KEY_AUTHENTICATION) || - key > YKPIV_KEY_CARDAUTH) { + (key > YKPIV_KEY_CARDAUTH && key != YKPIV_KEY_ATTESTATION)) { return YKPIV_KEY_ERROR; } diff --git a/lib/ykpiv.h b/lib/ykpiv.h index 9670dee..f567d0e 100644 --- a/lib/ykpiv.h +++ b/lib/ykpiv.h @@ -141,6 +141,7 @@ extern "C" #define YKPIV_KEY_RETIRED18 0x93 #define YKPIV_KEY_RETIRED19 0x94 #define YKPIV_KEY_RETIRED20 0x95 +#define YKPIV_KEY_ATTESTATION 0xf9 #define YKPIV_OBJ_CAPABILITY 0x5fc107 #define YKPIV_OBJ_CHUID 0x5fc102