Fix: the hash-based RSA algo's can only do sign/verify, no wrap, encrypt, ...)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1475 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
1055045267
commit
d9fbbc6ec3
|
@ -704,10 +704,14 @@ sc_pkcs11_register_sign_and_hash_mechanism(struct sc_pkcs11_card *p11card,
|
||||||
{
|
{
|
||||||
sc_pkcs11_mechanism_type_t *hash_type, *new_type;
|
sc_pkcs11_mechanism_type_t *hash_type, *new_type;
|
||||||
struct hash_signature_info *info;
|
struct hash_signature_info *info;
|
||||||
|
CK_MECHANISM_INFO mech_info = sign_type->mech_info;
|
||||||
|
|
||||||
if (!(hash_type = sc_pkcs11_find_mechanism(p11card, hash_mech, CKF_DIGEST)))
|
if (!(hash_type = sc_pkcs11_find_mechanism(p11card, hash_mech, CKF_DIGEST)))
|
||||||
return CKR_MECHANISM_INVALID;
|
return CKR_MECHANISM_INVALID;
|
||||||
|
|
||||||
|
/* These hash-based mechs can only be used for sign/verify */
|
||||||
|
mech_info.flags &= (CKF_SIGN | CKF_SIGN_RECOVER | CKF_VERIFY | CKF_VERIFY_RECOVER);
|
||||||
|
|
||||||
info = (struct hash_signature_info *) calloc(1, sizeof(*info));
|
info = (struct hash_signature_info *) calloc(1, sizeof(*info));
|
||||||
info->mech = mech;
|
info->mech = mech;
|
||||||
info->sign_type = sign_type;
|
info->sign_type = sign_type;
|
||||||
|
@ -715,7 +719,7 @@ sc_pkcs11_register_sign_and_hash_mechanism(struct sc_pkcs11_card *p11card,
|
||||||
info->sign_mech = sign_type->mech;
|
info->sign_mech = sign_type->mech;
|
||||||
info->hash_mech = hash_mech;
|
info->hash_mech = hash_mech;
|
||||||
|
|
||||||
new_type = sc_pkcs11_new_fw_mechanism(mech, &sign_type->mech_info,
|
new_type = sc_pkcs11_new_fw_mechanism(mech, &mech_info,
|
||||||
sign_type->key_type, info);
|
sign_type->key_type, info);
|
||||||
if (new_type)
|
if (new_type)
|
||||||
sc_pkcs11_register_mechanism(p11card, new_type);
|
sc_pkcs11_register_mechanism(p11card, new_type);
|
||||||
|
|
Loading…
Reference in New Issue