Add retired key definitions to libykpiv.
Include retired keys in import_key's check.
This commit is contained in:
+4
-4
@@ -808,10 +808,10 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
|
||||
if (state == NULL)
|
||||
return YKPIV_GENERIC_ERROR;
|
||||
|
||||
if (key != YKPIV_KEY_AUTHENTICATION &&
|
||||
key != YKPIV_KEY_SIGNATURE &&
|
||||
key != YKPIV_KEY_KEYMGM &&
|
||||
key != YKPIV_KEY_CARDAUTH) {
|
||||
if (key == YKPIV_KEY_CARDMGM ||
|
||||
key < YKPIV_KEY_RETIRED1 ||
|
||||
(key > YKPIV_KEY_RETIRED20 && key < YKPIV_KEY_AUTHENTICATION) ||
|
||||
key > YKPIV_KEY_CARDAUTH) {
|
||||
return YKPIV_KEY_ERROR;
|
||||
}
|
||||
|
||||
|
||||
+20
@@ -111,6 +111,26 @@ extern "C"
|
||||
#define YKPIV_KEY_SIGNATURE 0x9c
|
||||
#define YKPIV_KEY_KEYMGM 0x9d
|
||||
#define YKPIV_KEY_CARDAUTH 0x9e
|
||||
#define YKPIV_KEY_RETIRED1 0x82
|
||||
#define YKPIV_KEY_RETIRED2 0x83
|
||||
#define YKPIV_KEY_RETIRED3 0x84
|
||||
#define YKPIV_KEY_RETIRED4 0x85
|
||||
#define YKPIV_KEY_RETIRED5 0x86
|
||||
#define YKPIV_KEY_RETIRED6 0x87
|
||||
#define YKPIV_KEY_RETIRED7 0x88
|
||||
#define YKPIV_KEY_RETIRED8 0x89
|
||||
#define YKPIV_KEY_RETIRED9 0x8a
|
||||
#define YKPIV_KEY_RETIRED10 0x8b
|
||||
#define YKPIV_KEY_RETIRED11 0x8c
|
||||
#define YKPIV_KEY_RETIRED12 0x8d
|
||||
#define YKPIV_KEY_RETIRED13 0x8e
|
||||
#define YKPIV_KEY_RETIRED14 0x8f
|
||||
#define YKPIV_KEY_RETIRED15 0x90
|
||||
#define YKPIV_KEY_RETIRED16 0x91
|
||||
#define YKPIV_KEY_RETIRED17 0x92
|
||||
#define YKPIV_KEY_RETIRED18 0x93
|
||||
#define YKPIV_KEY_RETIRED19 0x94
|
||||
#define YKPIV_KEY_RETIRED20 0x95
|
||||
|
||||
#define YKPIV_OBJ_CAPABILITY 0x5fc107
|
||||
#define YKPIV_OBJ_CHUID 0x5fc102
|
||||
|
||||
Reference in New Issue
Block a user