YKCS11: Return CKA_EC_POINT for ED keys
aveenismail committed Aug 23, 2024
1 parent b0084c3 commit 5ca7d8a
Showing 3 changed files with 14 additions and 4 deletions.
4 changes: 2 additions & 2 deletions ykcs11/objects.c
Expand Up @@ -723,7 +723,7 @@ static CK_RV get_proa(ykcs11_slot_t *s, piv_obj_id_t obj, CK_ATTRIBUTE_PTR templ
ul_tmp = do_get_key_type(s->pkeys[piv_objects[obj].sub_id]); // Getting the info from the pubk
if (ul_tmp == CKK_VENDOR_DEFINED)
return CKR_FUNCTION_FAILED;
if (ul_tmp != CKK_EC)
if (ul_tmp == CKK_RSA)
return CKR_ATTRIBUTE_TYPE_INVALID;

if ((rv = do_get_public_key(s->pkeys[piv_objects[obj].sub_id], b_tmp, &len)) != CKR_OK)
Expand Down Expand Up @@ -1030,7 +1030,7 @@ static CK_RV get_puoa(ykcs11_slot_t *s, piv_obj_id_t obj, CK_ATTRIBUTE_PTR templ
ul_tmp = do_get_key_type(s->pkeys[piv_objects[obj].sub_id]); // Getting the info from the pubk
if (ul_tmp == CKK_VENDOR_DEFINED)
return CKR_FUNCTION_FAILED;
if (ul_tmp != CKK_EC)
if (ul_tmp == CKK_RSA)
return CKR_ATTRIBUTE_TYPE_INVALID;

if ((rv = do_get_public_key(s->pkeys[piv_objects[obj].sub_id], b_tmp, &len)) != CKR_OK)
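Review bot: The rewritten guard in get_proa, `if (ul_tmp == CKK_RSA)`, turns an allow-list into a deny-list: every key type other than RSA and CKK_VENDOR_DEFINED now falls through to do_get_public_key(), so rejecting an unexpected type depends entirely on that function's `default:` branch. The same change is repeated in get_puoa in the second hunk. Naming the accepted types keeps the check fail-closed when another key type is added later, e.g. `if (ul_tmp != CKK_EC && ul_tmp != CKK_EC_EDWARDS && ul_tmp != CKK_EC_MONTGOMERY)`, assuming do_get_key_type() reports Ed25519 keys as CKK_EC_EDWARDS. Both function bodies start and end outside the hunks, so how `b_tmp` and `len` are sized for the raw keys is not visible here and is worth confirming.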
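--- a/ykcs11/openssl_utils.c
+++ b/ykcs11/openssl_utils.c
@@ -694,6 +694,12 @@ CK_RV do_get_public_key(ykcs11_pkey_t *key, CK_BYTE_PTR data, CK_ULONG_PTR len)
 *len += 2;
 
 break;
+case EVP_PKEY_ED25519:
+case EVP_PKEY_X25519:
+if(EVP_PKEY_get_raw_public_key(key, data, len) != 1) {
+return CKR_FUNCTION_FAILED;
+}
+break;
 
 default:
 return CKR_FUNCTION_FAILED;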
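Review bot: `EVP_PKEY_get_raw_public_key(key, data, len)` passes a `CK_ULONG_PTR` where OpenSSL expects a `size_t *`, and OpenSSL reads `*len` as the capacity of `data` on entry. Where `unsigned long` is narrower than `size_t` (64-bit Windows), the call writes past the caller's `CK_ULONG`. If callers do not preset `*len` to the real buffer size, OpenSSL's capacity check runs against an arbitrary value and does not bound the write. Go through a local instead: `size_t raw_len = *len;`, pass `&raw_len`, then `*len = (CK_ULONG)raw_len;` on success, and confirm that the callers in objects.c initialise `len` to the size of `b_tmp`. The rest of do_get_public_key lies outside the hunk, so the entry value of `*len` is inferred rather than seen.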
8 changes: 6 additions & 2 deletions ykcs11/tests/ykcs11_edx_test.c
Expand Up @@ -261,30 +261,34 @@ static void test_xkey_attributes() {
CK_BBOOL obj_token;
CK_BBOOL obj_private;
CK_ULONG obj_key_type;
CK_BYTE obj_point[64] = {0};

CK_ATTRIBUTE template[] = {
{CKA_CLASS, &obj_class, sizeof(CK_ULONG)},
{CKA_TOKEN, &obj_token, sizeof(CK_BBOOL)},
{CKA_PRIVATE, &obj_private, sizeof(CK_BBOOL)},
{CKA_KEY_TYPE, &obj_key_type, sizeof(CK_ULONG)},
{CKA_EC_POINT, obj_point, sizeof(obj_point)}
};

init_connection();
asrt(funcs->C_OpenSession(0, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session), CKR_OK, "OpenSession1");

generate_ex_key(funcs, session, &pubkey, &privkey);

asrt(funcs->C_GetAttributeValue(session, pubkey, template, 4), CKR_OK, "GET BASIC ATTRIBUTES");
asrt(funcs->C_GetAttributeValue(session, pubkey, template, 5), CKR_OK, "GET BASIC ATTRIBUTES");
asrt(obj_class, CKO_PUBLIC_KEY, "CLASS");
asrt(obj_token, CK_TRUE, "TOKEN");
asrt(obj_private, CK_FALSE, "PRIVATE");
asrt(obj_key_type, CKK_EC_MONTGOMERY, "KEY_TYPE");
asrt(template[4].ulValueLen, 32, "EC_POINT LEN");

asrt(funcs->C_GetAttributeValue(session, privkey, template, 4), CKR_OK, "GET BASIC ATTRIBUTES");
asrt(funcs->C_GetAttributeValue(session, privkey, template, 5), CKR_OK, "GET BASIC ATTRIBUTES");
asrt(obj_class, CKO_PRIVATE_KEY, "CLASS");
asrt(obj_token, CK_TRUE, "TOKEN");
asrt(obj_private, CK_TRUE, "PRIVATE");
asrt(obj_key_type, CKK_EC_MONTGOMERY, "KEY_TYPE");
asrt(template[4].ulValueLen, 32, "EC_POINT LEN");

destroy_test_objects(funcs, session, &privkey, 1);
asrt(funcs->C_CloseSession(session), CKR_OK, "CloseSession");
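Review bot: The second `C_GetAttributeValue(session, privkey, template, 5)` reuses `template[4]` after the public-key call has already set `ulValueLen` to 32 and filled `obj_point`, so the private-key `EC_POINT LEN` assertion can pass on stale state. Reset it before the second call with `template[4].ulValueLen = sizeof(obj_point);` and `memset(obj_point, 0, sizeof(obj_point));`, and compare the returned bytes with the public key's instead of checking only the length. A case that passes a buffer shorter than 32 bytes and expects `CKR_BUFFER_TOO_SMALL` would also pin the length handling this commit introduces. test_xkey_attributes continues past the end of the hunk.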
