feedc0de/wolfssl
1
0
Fork 0
forked from wolfSSL/wolfssl
Code Pull Requests Activity

PKCS#11: compile time check in finding keys

Browse Source 
When WC_PKCS11_FIND_WITH_ID_ONLY defined, don't add key class and
type to attributes of search for by Id.
This commit is contained in:
Sean Parkinson
2022-11-01 10:29:10 +10:00
parent 502a395723
commit ae22babf8b
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
wolfcrypt/src/wc_pkcs11.c
View File

@@ -1464,8 +1464,10 @@ static int Pkcs11FindKeyById(CK_OBJECT_HANDLE* key, CK_OBJECT_CLASS keyClass,
int ret = 0; int ret = 0;
CK_ULONG count; CK_ULONG count;
CK_ATTRIBUTE keyTemplate[] = { CK_ATTRIBUTE keyTemplate[] = {
#ifndef WC_PKCS11_FIND_WITH_ID_ONLY
{ CKA_CLASS, &keyClass, sizeof(keyClass) }, { CKA_CLASS, &keyClass, sizeof(keyClass) },
{ CKA_KEY_TYPE, &keyType, sizeof(keyType) }, { CKA_KEY_TYPE, &keyType, sizeof(keyType) },
#endif
{ CKA_ID, id, (CK_ULONG)idLen } { CKA_ID, id, (CK_ULONG)idLen }
}; };
CK_ULONG keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate); CK_ULONG keyTmplCnt = sizeof(keyTemplate) / sizeof(*keyTemplate);