pkcs11: Specify object class and key type when deriving DH secrets.
authorTobias Brunner <tobias@strongswan.org>
Tue, 25 Oct 2011 16:23:59 +0000 (18:23 +0200)
committerTobias Brunner <tobias@strongswan.org>
Mon, 31 Oct 2011 17:45:36 +0000 (18:45 +0100)
pkcs11_softtoken on OpenSolaris requires this (probably others too).

src/libstrongswan/plugins/pkcs11/pkcs11_dh.c

index fc8a334..a447eb6 100644 (file)
@@ -93,7 +93,11 @@ static bool get_cka_value(private_pkcs11_dh_t *this, CK_OBJECT_HANDLE obj,
 METHOD(diffie_hellman_t, set_other_public_value, void,
        private_pkcs11_dh_t *this, chunk_t value)
 {
+       CK_OBJECT_CLASS klass = CKO_SECRET_KEY;
+       CK_KEY_TYPE type = CKK_GENERIC_SECRET;
        CK_ATTRIBUTE attr[] = {
+               { CKA_CLASS, &klass, sizeof(klass) },
+               { CKA_KEY_TYPE, &type, sizeof(type) },
        };
        CK_MECHANISM mech = {
                CKM_DH_PKCS_DERIVE,