[rs-commit] r44 - /redwax-tool/trunk/redwax_p11kit.c
rs-commit at redwax.eu
rs-commit at redwax.eu
Fri Nov 19 15:59:23 CET 2021
Author: minfrin at redwax.eu
Date: Fri Nov 19 15:59:23 2021
New Revision: 44
Log:
Imported keys are by definition outside the token to start
with, so the default must be non sensitive and extractable.
Modified:
redwax-tool/trunk/redwax_p11kit.c
Modified: redwax-tool/trunk/redwax_p11kit.c
==============================================================================
--- redwax-tool/trunk/redwax_p11kit.c (original)
+++ redwax-tool/trunk/redwax_p11kit.c Fri Nov 19 15:59:23 2021
@@ -590,11 +590,13 @@
redwax_pkcs11_add_attribute(privateTemplate, CKA_PRIVATE, (void *)&true,
sizeof(true));
- /* private keys are always sensitive, and cannot be extracted */
- redwax_pkcs11_add_attribute(privateTemplate, CKA_SENSITIVE, (void *)&true,
+ /* imported private keys are outside the token already, by default mark the
+ * keys non-sensitive and extractable.
+ */
+ redwax_pkcs11_add_attribute(privateTemplate, CKA_SENSITIVE, (void *)&false,
+ sizeof(false));
+ redwax_pkcs11_add_attribute(privateTemplate, CKA_EXTRACTABLE, (void *)&true,
sizeof(true));
- redwax_pkcs11_add_attribute(privateTemplate, CKA_EXTRACTABLE, (void *)&false,
- sizeof(false));
/* CKA_PUBLIC_KEY_INFO */
if (key->common.subjectpublickeyinfo_len) {
More information about the rs-commit
mailing list