summaryrefslogtreecommitdiff
path: root/security/nss/lib/pk11wrap/pk11akey.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/lib/pk11wrap/pk11akey.c')
-rw-r--r--security/nss/lib/pk11wrap/pk11akey.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/security/nss/lib/pk11wrap/pk11akey.c b/security/nss/lib/pk11wrap/pk11akey.c
index c45901ec39..346e473a96 100644
--- a/security/nss/lib/pk11wrap/pk11akey.c
+++ b/security/nss/lib/pk11wrap/pk11akey.c
@@ -804,12 +804,30 @@ PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType,
/* don't know? look it up */
if (keyType == nullKey) {
CK_KEY_TYPE pk11Type = CKK_RSA;
+ SECItem info;
pk11Type = PK11_ReadULongAttribute(slot, privID, CKA_KEY_TYPE);
isTemp = (PRBool)!PK11_HasAttributeSet(slot, privID, CKA_TOKEN, PR_FALSE);
switch (pk11Type) {
case CKK_RSA:
keyType = rsaKey;
+ /* determine RSA key type from the CKA_PUBLIC_KEY_INFO if present */
+ rv = PK11_ReadAttribute(slot, privID, CKA_PUBLIC_KEY_INFO, NULL, &info);
+ if (rv == SECSuccess) {
+ CERTSubjectPublicKeyInfo *spki;
+
+ spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&info);
+ if (spki) {
+ SECOidTag tag;
+
+ tag = SECOID_GetAlgorithmTag(&spki->algorithm);
+ if (tag == SEC_OID_PKCS1_RSA_PSS_SIGNATURE)
+ keyType = rsaPssKey;
+ SECKEY_DestroySubjectPublicKeyInfo(spki);
+ }
+ SECITEM_FreeItem(&info, PR_FALSE);
+ }
+
break;
case CKK_DSA:
keyType = dsaKey;
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-11 05:50:09 +0000