[pkg-opensc-commit] [opensc] 232/295: pkcs11-tool: Set CKA_PRIVATE=false for new public keys
Eric Dorland
eric at moszumanska.debian.org
Sat Jun 24 21:11:35 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository opensc.
commit c496af17d49606d5e3277595dad58ef24a822a30
Author: Jakub Jelen <jjelen at redhat.com>
Date: Thu Apr 13 11:35:54 2017 +0200
pkcs11-tool: Set CKA_PRIVATE=false for new public keys
Keygen should write public keys with explicit CKA_PRIVATE=false by default (possibility to modify by --private switch)
Related to 4df35b92 discussing writing separate objects years ago.
---
src/tools/pkcs11-tool.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index 555029d..169ee8a 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -1721,6 +1721,7 @@ static int gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session,
CK_ULONG modulusBits = 1024;
CK_BYTE publicExponent[] = { 0x01, 0x00, 0x01 }; /* 65537 in bytes */
CK_BBOOL _true = TRUE;
+ CK_BBOOL _false = FALSE;
CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY;
CK_OBJECT_CLASS privkey_class = CKO_PRIVATE_KEY;
CK_ATTRIBUTE publicKeyTemplate[20] = {
@@ -1849,6 +1850,17 @@ static int gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session,
n_privkey_attr++;
}
+ if (opt_is_private != 0) {
+ FILL_ATTR(publicKeyTemplate[n_pubkey_attr], CKA_PRIVATE,
+ &_true, sizeof(_true));
+ n_pubkey_attr++;
+ }
+ else {
+ FILL_ATTR(publicKeyTemplate[n_pubkey_attr], CKA_PRIVATE,
+ &_false, sizeof(_false));
+ n_pubkey_attr++;
+ }
+
rv = p11->C_GenerateKeyPair(session, &mechanism,
publicKeyTemplate, n_pubkey_attr,
privateKeyTemplate, n_privkey_attr,
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git
More information about the pkg-opensc-commit
mailing list