diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c index fb786b0c..6b4eec3b 100644 --- a/src/tools/pkcs11-tool.c +++ b/src/tools/pkcs11-tool.c @@ -2458,6 +2458,7 @@ static int gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session, int n_privkey_attr = 4; unsigned char *ecparams = NULL; size_t ecparams_size; + CK_ULONG key_type = CKK_RSA; CK_RV rv; if (type != NULL) { @@ -2502,6 +2503,10 @@ static int gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session, FILL_ATTR(privateKeyTemplate[n_privkey_attr], CKA_UNWRAP, &_true, sizeof(_true)); n_privkey_attr++; } + FILL_ATTR(publicKeyTemplate[n_pubkey_attr], CKA_KEY_TYPE, &key_type, sizeof(key_type)); + n_pubkey_attr++; + FILL_ATTR(privateKeyTemplate[n_privkey_attr], CKA_KEY_TYPE, &key_type, sizeof(key_type)); + n_privkey_attr++; } else if (strncmp(type, "EC:", strlen("EC:")) == 0 || strncmp(type, "ec:", strlen("ec:")) == 0) { CK_MECHANISM_TYPE mtypes[] = {CKM_EC_KEY_PAIR_GEN}; @@ -2511,6 +2516,7 @@ static int gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session, if (!opt_mechanism_used) if (!find_mechanism(slot, CKF_GENERATE_KEY_PAIR, mtypes, mtypes_num, &opt_mechanism)) util_fatal("Generate EC key mechanism not supported\n"); + key_type = CKK_EC; for (ii=0; ec_curve_infos[ii].name; ii++) { if (!strcmp(ec_curve_infos[ii].name, type + 3)) @@ -2546,6 +2552,10 @@ static int gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session, FILL_ATTR(publicKeyTemplate[n_pubkey_attr], CKA_EC_PARAMS, ecparams, ecparams_size); n_pubkey_attr++; + FILL_ATTR(publicKeyTemplate[n_pubkey_attr], CKA_KEY_TYPE, &key_type, sizeof(key_type)); + n_pubkey_attr++; + FILL_ATTR(privateKeyTemplate[n_privkey_attr], CKA_KEY_TYPE, &key_type, sizeof(key_type)); + n_privkey_attr++; } else if (strncmp(type, "GOSTR3410", strlen("GOSTR3410")) == 0 || strncmp(type, "gostr3410", strlen("gostr3410")) == 0) { const struct sc_aid GOST2001_PARAMSET_A_OID = { { 0x06, 0x07, 0x2a, 0x85, 0x03, 0x02, 0x02, 0x23, 0x01 }, 9 };