ta: pkcs11: pkcs11_attributes.c: calculate KCV on key derivation/unwr…

…apping On client calls to C_UnwrapKey() and C_DeriveKey(): Modify set_secret_key_data() to set CKA_CHECK_VALUE attribute after setting key value CKA_VALUE. Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
OP-TEE · Dec 1, 2023 · c32570e · c32570e
1 parent fcd6bc5
commit c32570e
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/ta/pkcs11/src/pkcs11_attributes.c b/ta/pkcs11/src/pkcs11_attributes.c
@@ -2480,7 +2480,11 @@ static enum pkcs11_rc set_secret_key_data(struct obj_attrs **head, void *data,
 	if (rc != PKCS11_CKR_OK && rc != PKCS11_RV_NOT_FOUND)
 		return PKCS11_CKR_GENERAL_ERROR;
 
-	return add_attribute(head, PKCS11_CKA_VALUE, data, key_length);
+	rc = add_attribute(head, PKCS11_CKA_VALUE, data, key_length);
+	if (rc)
+		return rc;
+
+	return set_check_value_attr(*head);
 }
 
 static enum pkcs11_rc set_private_key_data_rsa(struct obj_attrs **head,