Add retired key definitions to libykpiv.

Include retired keys in import_key's check.
This commit is contained in:
Alessio Di Mauro
2015-11-20 15:38:11 +01:00
parent 3b81112aeb
commit 4849e494be
3 changed files with 26 additions and 5 deletions
+4 -4
View File
@@ -808,10 +808,10 @@ ykpiv_rc ykpiv_import_private_key(ykpiv_state *state, const unsigned char key, u
if (state == NULL)
return YKPIV_GENERIC_ERROR;
if (key != YKPIV_KEY_AUTHENTICATION &&
key != YKPIV_KEY_SIGNATURE &&
key != YKPIV_KEY_KEYMGM &&
key != YKPIV_KEY_CARDAUTH) {
if (key == YKPIV_KEY_CARDMGM ||
key < YKPIV_KEY_RETIRED1 ||
(key > YKPIV_KEY_RETIRED20 && key < YKPIV_KEY_AUTHENTICATION) ||
key > YKPIV_KEY_CARDAUTH) {
return YKPIV_KEY_ERROR;
}