Switch ykcs11 to use private key import from libykpiv.
This commit is contained in:
+31
-8
@@ -858,6 +858,13 @@ CK_DEFINE_FUNCTION(CK_RV, C_CreateObject)(
|
||||
CK_BYTE_PTR dp;
|
||||
CK_BYTE_PTR dq;
|
||||
CK_BYTE_PTR qinv;
|
||||
CK_ULONG p_len;
|
||||
CK_ULONG q_len;
|
||||
CK_ULONG dp_len;
|
||||
CK_ULONG dq_len;
|
||||
CK_ULONG qinv_len;
|
||||
CK_BYTE_PTR ec_data;
|
||||
CK_ULONG ec_data_len;
|
||||
CK_ULONG vendor_defined;
|
||||
token_vendor_t token;
|
||||
CK_BBOOL is_new;
|
||||
@@ -980,11 +987,17 @@ CK_DEFINE_FUNCTION(CK_RV, C_CreateObject)(
|
||||
|
||||
// Try to parse the key as EC
|
||||
is_rsa = CK_FALSE;
|
||||
rv = check_create_ec_key(pTemplate, ulCount, &id, &value, &value_len, &vendor_defined);
|
||||
rv = check_create_ec_key(pTemplate, ulCount, &id, &ec_data, &ec_data_len, &vendor_defined);
|
||||
if (rv != CKR_OK) {
|
||||
// Try to parse the key as RSA
|
||||
is_rsa = CK_TRUE;
|
||||
rv = check_create_rsa_key(pTemplate, ulCount, &id, &p, &q, &dp, &dq, &qinv, &value_len, &vendor_defined);
|
||||
rv = check_create_rsa_key(pTemplate, ulCount, &id,
|
||||
&p, &p_len,
|
||||
&q, &q_len,
|
||||
&dp, &dp_len,
|
||||
&dq, &dq_len,
|
||||
&qinv, &qinv_len,
|
||||
&vendor_defined);
|
||||
if (rv != CKR_OK) {
|
||||
DBG("Private key template not valid");
|
||||
return rv;
|
||||
@@ -997,9 +1010,14 @@ CK_DEFINE_FUNCTION(CK_RV, C_CreateObject)(
|
||||
|
||||
if (is_rsa == CK_TRUE) {
|
||||
DBG("Key is RSA");
|
||||
rv = token.token_import_private_key(piv_state, piv_2_ykpiv(object), p, q, dp, dq, qinv,
|
||||
NULL,
|
||||
value_len, vendor_defined);
|
||||
rv = token.token_import_private_key(piv_state, piv_2_ykpiv(object),
|
||||
p, p_len,
|
||||
q, q_len,
|
||||
dp, dp_len,
|
||||
dq, dq_len,
|
||||
qinv, qinv_len,
|
||||
NULL, 0,
|
||||
vendor_defined);
|
||||
if (rv != CKR_OK) {
|
||||
DBG("Unable to import RSA private key");
|
||||
return rv;
|
||||
@@ -1007,9 +1025,14 @@ CK_DEFINE_FUNCTION(CK_RV, C_CreateObject)(
|
||||
}
|
||||
else {
|
||||
DBG("Key is ECDSA");
|
||||
rv = token.token_import_private_key(piv_state, piv_2_ykpiv(object), NULL, NULL, NULL, NULL, NULL,
|
||||
value,
|
||||
value_len, vendor_defined);
|
||||
rv = token.token_import_private_key(piv_state, piv_2_ykpiv(object),
|
||||
NULL, 0,
|
||||
NULL, 0,
|
||||
NULL, 0,
|
||||
NULL, 0,
|
||||
NULL, 0,
|
||||
ec_data, ec_data_len,
|
||||
vendor_defined);
|
||||
if (rv != CKR_OK) {
|
||||
DBG("Unable to import ECDSA private key");
|
||||
return rv;
|
||||
|
||||
Reference in New Issue
Block a user