summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorJan Luebbe <jlu@pengutronix.de>2020-05-13 12:26:24 +0200
committerTom Rini <trini@konsulko.com>2020-05-15 14:47:35 -0400
commit24bf6e84ce22cd1b53cb79e4f89a4036af7e9c6b (patch)
tree85c116fc3267a1ce16d6771f0a08675788d48ccd /lib
parent3b84809b7b34f1f099303767a48f20cfb7c4e78c (diff)
lib: rsa: avoid overriding the object name when already specified
If "object=" is specified in "keydir" when using the pkcs11 engine do not append another "object=<key-name-hint>". This makes it possible to use object names other than the key name hint. These two string identifiers are not necessarily equal. Signed-off-by: Jan Luebbe <jlu@pengutronix.de> Signed-off-by: Bastian Krause <bst@pengutronix.de> Reviewed-by: George McCollister <george.mccollister@gmail.com>
Diffstat (limited to 'lib')
-rw-r--r--lib/rsa/rsa-sign.c22
1 files changed, 16 insertions, 6 deletions
diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 621ddc4350..40ca1e1f57 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -135,9 +135,14 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name,
if (engine_id && !strcmp(engine_id, "pkcs11")) {
if (keydir)
- snprintf(key_id, sizeof(key_id),
- "pkcs11:%s;object=%s;type=public",
- keydir, name);
+ if (strstr(keydir, "object="))
+ snprintf(key_id, sizeof(key_id),
+ "pkcs11:%s;type=public",
+ keydir);
+ else
+ snprintf(key_id, sizeof(key_id),
+ "pkcs11:%s;object=%s;type=public",
+ keydir, name);
else
snprintf(key_id, sizeof(key_id),
"pkcs11:object=%s;type=public",
@@ -255,9 +260,14 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name,
if (engine_id && !strcmp(engine_id, "pkcs11")) {
if (keydir)
- snprintf(key_id, sizeof(key_id),
- "pkcs11:%s;object=%s;type=private",
- keydir, name);
+ if (strstr(keydir, "object="))
+ snprintf(key_id, sizeof(key_id),
+ "pkcs11:%s;type=private",
+ keydir);
+ else
+ snprintf(key_id, sizeof(key_id),
+ "pkcs11:%s;object=%s;type=private",
+ keydir, name);
else
snprintf(key_id, sizeof(key_id),
"pkcs11:object=%s;type=private",