[gnutls-devel] [PATCH] pkcs11: fix passing of incorrect variable in privkey_get_pubkey

Sun Dec 6 00:46:39 CET 2015

The code worked for RSA because the content of the variables matched.
But it doesn't match for ECC.

CKM_RSA_PKCS_KEY_PAIR_GEN (0x0) == CKK_RSA (0x0)
CKM_ECDSA_KEY_PAIR_GEN (0x1040) != CKK_ECDSA (0x3)

Signed-off-by: Jan Vcelak <jan.vcelak at nic.cz>
---
 lib/pkcs11_privkey.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/pkcs11_privkey.c b/lib/pkcs11_privkey.c
index 935ee8a..c1ab560 100644
--- a/lib/pkcs11_privkey.c
+++ b/lib/pkcs11_privkey.c
@@ -1022,7 +1022,7 @@ _pkcs11_privkey_get_pubkey (gnutls_pkcs11_privkey_t pkey, gnutls_pubkey_t *pub,
 	obj->pk_algorithm = gnutls_pkcs11_privkey_get_pk_algorithm(pkey, 0);
 	obj->type = GNUTLS_PKCS11_OBJ_PUBKEY;
 	mech.mechanism = pk_to_genmech(obj->pk_algorithm, &key_type);
-	ret = pkcs11_read_pubkey(pkey->sinfo.module, pkey->sinfo.pks, pkey->ref, mech.mechanism, obj->pubkey);
+	ret = pkcs11_read_pubkey(pkey->sinfo.module, pkey->sinfo.pks, pkey->ref, key_type, obj->pubkey);
 	if (ret < 0) {
 		gnutls_assert();
 		goto cleanup;
-- 
2.5.0


