[gnutls-devel] [PATCH 0/2] Support for DSA key pairs generating in PKCS #11
Jan Vcelak
jan.vcelak at nic.cz
Thu Feb 25 15:21:28 CET 2016
Hello,
this patch set adds support for generating DSA key pairs via PKCS#11.
The former code was incorrectly passing CKA_MODULUS_BITS directy to the
C_GenerateKeyPair function. However, according to the specification, the
implementation expects CKA_PRIME, CKA_SUBPRIME, and CKA_BASE attributes.
The new code uses CKM_DSA_PARAMETER_GEN mechanism for C_GenerateKey to generate
the DSA parameters to be later used with C_GenerateKeyPair.
The implementation has been tested with SoftHSM 2.0.
Best regards,
Jan
Jan Vcelak (2):
pkcs11: add interface for C_GenerateKey
pkcs11: implement correct DSA key pair generating
lib/pkcs11_int.c | 11 +++++++++
lib/pkcs11_int.h | 8 +++++++
lib/pkcs11_privkey.c | 63 ++++++++++++++++++++++++++++++++++++++++++++++++----
3 files changed, 78 insertions(+), 4 deletions(-)
--
2.5.0
More information about the Gnutls-devel
mailing list