From c32570ec9f68408cd1d009eb751f12275485ad42 Mon Sep 17 00:00:00 2001 From: Marouene Boubakri Date: Thu, 30 Nov 2023 21:12:31 +0100 Subject: [PATCH] ta: pkcs11: pkcs11_attributes.c: calculate KCV on key derivation/unwrapping On client calls to C_UnwrapKey() and C_DeriveKey(): Modify set_secret_key_data() to set CKA_CHECK_VALUE attribute after setting key value CKA_VALUE. Signed-off-by: Marouene Boubakri --- ta/pkcs11/src/pkcs11_attributes.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/ta/pkcs11/src/pkcs11_attributes.c b/ta/pkcs11/src/pkcs11_attributes.c index c98a0fc1de7..6a413c6e135 100644 --- a/ta/pkcs11/src/pkcs11_attributes.c +++ b/ta/pkcs11/src/pkcs11_attributes.c @@ -2480,7 +2480,11 @@ static enum pkcs11_rc set_secret_key_data(struct obj_attrs **head, void *data, if (rc != PKCS11_CKR_OK && rc != PKCS11_RV_NOT_FOUND) return PKCS11_CKR_GENERAL_ERROR; - return add_attribute(head, PKCS11_CKA_VALUE, data, key_length); + rc = add_attribute(head, PKCS11_CKA_VALUE, data, key_length); + if (rc) + return rc; + + return set_check_value_attr(*head); } static enum pkcs11_rc set_private_key_data_rsa(struct obj_attrs **head,