From 70b382e6cfbc15f90b2df7068d6579844f9ff176 Mon Sep 17 00:00:00 2001 From: David Garske Date: Fri, 5 Feb 2021 11:49:31 -0800 Subject: [PATCH] Fix for PKCS11 not properly exporting the public key due to a missing key type field. This broke due to changes in PR #3687. Also resolved mismatch of enum types for the key type check. --- wolfcrypt/src/ecc.c | 4 ++-- wolfcrypt/src/wc_pkcs11.c | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/wolfcrypt/src/ecc.c b/wolfcrypt/src/ecc.c index 66bb3eef9..08356d2ea 100644 --- a/wolfcrypt/src/ecc.c +++ b/wolfcrypt/src/ecc.c @@ -7178,7 +7178,7 @@ int wc_ecc_export_x963(ecc_key* key, byte* out, word32* outLen) if (key->type == ECC_PRIVATEKEY_ONLY) return ECC_PRIVATEONLY_E; - if (key->type == ECC_STATE_NONE || + if (key->type == 0 || wc_ecc_is_valid_idx(key->idx) == 0 || key->dp == NULL) { return ECC_BAD_ARG_E; @@ -11297,7 +11297,7 @@ static int wc_ecc_export_x963_compressed(ecc_key* key, byte* out, word32* outLen if (key->type == ECC_PRIVATEKEY_ONLY) return ECC_PRIVATEONLY_E; - if (key->type == ECC_STATE_NONE || + if (key->type == 0 || wc_ecc_is_valid_idx(key->idx) == 0 || key->dp == NULL) { return ECC_BAD_ARG_E; diff --git a/wolfcrypt/src/wc_pkcs11.c b/wolfcrypt/src/wc_pkcs11.c index e92f5548e..3520c0d91 100644 --- a/wolfcrypt/src/wc_pkcs11.c +++ b/wolfcrypt/src/wc_pkcs11.c @@ -935,6 +935,8 @@ static int Pkcs11CreateEccPublicKey(CK_OBJECT_HANDLE* publicKey, if (len >= ASN_LONG_LENGTH) ecPoint[i++] = ASN_LONG_LENGTH | 1; ecPoint[i++] = len; + if (public_key->type == 0) + public_key->type = ECC_PUBLICKEY; ret = wc_ecc_export_x963(public_key, ecPoint + i, &len); } if (ret == 0) { @@ -1936,6 +1938,8 @@ static int Pkcs11FindEccKey(CK_OBJECT_HANDLE* key, CK_OBJECT_CLASS keyClass, if (len >= ASN_LONG_LENGTH) ecPoint[i++] = (ASN_LONG_LENGTH | 1); ecPoint[i++] = len; + if (public_key->type == 0) + public_key->type = ECC_PUBLICKEY; ret = wc_ecc_export_x963(eccKey, ecPoint + i, &len); } if (ret == 0 && keyClass == CKO_PUBLIC_KEY) {