diff options
| author | Tobias Brunner <tobias@strongswan.org> | 2011-11-01 11:05:49 +0100 |
|---|---|---|
| committer | Tobias Brunner <tobias@strongswan.org> | 2011-11-02 20:27:54 +0100 |
| commit | cf9d45ea08ca541e7b163ffd7c6daa3769785e48 (patch) | |
| tree | 6b68c95597352b697cbb15ed482ce60193decfd3 | |
| parent | 74d165a94b1bfd572d1373766eebde50d12a066e (diff) | |
| download | strongswan-cf9d45ea08ca541e7b163ffd7c6daa3769785e48.tar.bz2 strongswan-cf9d45ea08ca541e7b163ffd7c6daa3769785e48.tar.xz | |
pkcs11: Add attributes to specify what we use the DH/ECDH keys for.
| -rw-r--r-- | src/libstrongswan/plugins/pkcs11/pkcs11_dh.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c index e7cc22234..f3fc0303d 100644 --- a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c +++ b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c @@ -220,12 +220,15 @@ static bool generate_key_pair(private_pkcs11_dh_t *this, CK_ATTRIBUTE_PTR pub, static bool generate_key_pair_modp(private_pkcs11_dh_t *this, size_t exp_len, chunk_t g, chunk_t p) { + CK_BBOOL ck_true = CK_TRUE; CK_ATTRIBUTE pub_attr[] = { + { CKA_DERIVE, &ck_true, sizeof(ck_true) }, { CKA_PRIME, p.ptr, p.len }, { CKA_BASE, g.ptr, g.len }, }; CK_ULONG bits = exp_len * 8; CK_ATTRIBUTE pri_attr[] = { + { CKA_DERIVE, &ck_true, sizeof(ck_true) }, { CKA_VALUE_BITS, &bits, sizeof(bits) }, }; return generate_key_pair(this, pub_attr, countof(pub_attr), pri_attr, @@ -238,11 +241,16 @@ static bool generate_key_pair_modp(private_pkcs11_dh_t *this, size_t exp_len, static bool generate_key_pair_ecp(private_pkcs11_dh_t *this, chunk_t ecparams) { + CK_BBOOL ck_true = CK_TRUE; CK_ATTRIBUTE pub_attr[] = { + { CKA_DERIVE, &ck_true, sizeof(ck_true) }, { CKA_EC_PARAMS, ecparams.ptr, ecparams.len }, }; - if (!generate_key_pair(this, pub_attr, countof(pub_attr), NULL, 0, - CKA_EC_POINT)) + CK_ATTRIBUTE pri_attr[] = { + { CKA_DERIVE, &ck_true, sizeof(ck_true) }, + }; + if (!generate_key_pair(this, pub_attr, countof(pub_attr), pri_attr, + countof(pri_attr), CKA_EC_POINT)) { return FALSE; } |