YKCS11: accept EC keys that are 1 byte shorter.

This commit is contained in:
Alessio Di Mauro
2015-11-09 14:40:34 +01:00
parent 55351c0dc1
commit b11dcfd14b
+5 -4
View File
@@ -1150,11 +1150,12 @@ CK_RV check_create_ec_key(CK_ATTRIBUTE_PTR templ, CK_ULONG n, CK_BYTE_PTR id,
has_params == CK_FALSE)
return CKR_TEMPLATE_INCOMPLETE;
if (*value_len != 32)
if (*value_len == 32 || *value_len == 31) {
if (ec_params_len != 10 || memcmp(ec_params, PRIME256V1, ec_params_len) != 0)
return CKR_ATTRIBUTE_VALUE_INVALID;
}
else /*if () TODO: P384*/
return CKR_ATTRIBUTE_VALUE_INVALID;
if (*value_len == 32 && (ec_params_len != 10 || memcmp(ec_params, PRIME256V1, ec_params_len)) != 0)
return CKR_TEMPLATE_INCONSISTENT;
return CKR_OK;
}