Fix: the hash-based RSA algo's can only do sign/verify, no wrap, encrypt, ...)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1475 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
1055045267
commit
d9fbbc6ec3
|
@ -704,10 +704,14 @@ sc_pkcs11_register_sign_and_hash_mechanism(struct sc_pkcs11_card *p11card,
|
|||
{
|
||||
sc_pkcs11_mechanism_type_t *hash_type, *new_type;
|
||||
struct hash_signature_info *info;
|
||||
CK_MECHANISM_INFO mech_info = sign_type->mech_info;
|
||||
|
||||
if (!(hash_type = sc_pkcs11_find_mechanism(p11card, hash_mech, CKF_DIGEST)))
|
||||
return CKR_MECHANISM_INVALID;
|
||||
|
||||
/* These hash-based mechs can only be used for sign/verify */
|
||||
mech_info.flags &= (CKF_SIGN | CKF_SIGN_RECOVER | CKF_VERIFY | CKF_VERIFY_RECOVER);
|
||||
|
||||
info = (struct hash_signature_info *) calloc(1, sizeof(*info));
|
||||
info->mech = mech;
|
||||
info->sign_type = sign_type;
|
||||
|
@ -715,7 +719,7 @@ sc_pkcs11_register_sign_and_hash_mechanism(struct sc_pkcs11_card *p11card,
|
|||
info->sign_mech = sign_type->mech;
|
||||
info->hash_mech = hash_mech;
|
||||
|
||||
new_type = sc_pkcs11_new_fw_mechanism(mech, &sign_type->mech_info,
|
||||
new_type = sc_pkcs11_new_fw_mechanism(mech, &mech_info,
|
||||
sign_type->key_type, info);
|
||||
if (new_type)
|
||||
sc_pkcs11_register_mechanism(p11card, new_type);
|
||||
|
|
Loading…
Reference in New Issue