Fix serialization pub key

Currently, EVP_PKEY_print_public specifies an incorrect key class for the generated EVP_PKEY. Now selection is also used to get the key class. Signed-off-by: Eduard Sabirov <[email protected]>
latchset · Dec 23, 2024 · ce1a190 · ce1a190
1 parent d7b1339
commit ce1a190
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 7 deletions.
diff --git a/src/encoder.c b/src/encoder.c
@@ -140,7 +140,7 @@ static int p11prov_rsa_encoder_encode_text(void *inctx, OSSL_CORE_BIO *cbio,
         }
     }
 
-    uri = p11prov_key_to_uri(ctx->provctx, key);
+    uri = p11prov_key_to_uri(ctx->provctx, key, selection);
     if (uri) {
         BIO_printf(out, "URI %s\n", uri);
         free(uri);
@@ -474,7 +474,7 @@ static P11PROV_PK11_URI *p11prov_encoder_private_key_to_asn1(P11PROV_CTX *pctx,
     size_t uri_len;
     int ret = RET_OSSL_ERR;
 
-    uri = p11prov_key_to_uri(pctx, key);
+    uri = p11prov_key_to_uri(pctx, key, OSSL_KEYMGMT_SELECT_PRIVATE_KEY);
     if (!uri) {
         goto done;
     }
@@ -896,7 +896,7 @@ static int p11prov_ec_encoder_encode_text(void *inctx, OSSL_CORE_BIO *cbio,
         }
     }
 
-    uri = p11prov_key_to_uri(ctx->provctx, key);
+    uri = p11prov_key_to_uri(ctx->provctx, key, selection);
     if (uri) {
         BIO_printf(out, "URI %s\n", uri);
     }
@@ -1014,7 +1014,7 @@ static int p11prov_ec_edwards_encoder_encode_text(
         }
     }
 
-    uri = p11prov_key_to_uri(ctx->provctx, key);
+    uri = p11prov_key_to_uri(ctx->provctx, key, selection);
     if (uri) {
         BIO_printf(out, "URI %s\n", uri);
     }

diff --git a/src/util.c b/src/util.c
@@ -670,7 +670,7 @@ static char *uri_component(const char *name, const char *val, size_t vlen,
     return c;
 }
 
-char *p11prov_key_to_uri(P11PROV_CTX *ctx, P11PROV_OBJ *key)
+char *p11prov_key_to_uri(P11PROV_CTX *ctx, P11PROV_OBJ *key, int selection)
 {
     P11PROV_SLOTS_CTX *slots;
     P11PROV_SLOT *slot;
@@ -691,7 +691,11 @@ char *p11prov_key_to_uri(P11PROV_CTX *ctx, P11PROV_OBJ *key)
     size_t size_hint = 0;
     CK_RV ret;
 
-    class = p11prov_obj_get_class(key);
+    if (selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) {
+        class = CKO_PUBLIC_KEY;
+    } else {
+        class = p11prov_obj_get_class(key);
+    }
     slot_id = p11prov_obj_get_slotid(key);
     cka_id = p11prov_obj_get_attr(key, CKA_ID);
     cka_label = p11prov_obj_get_attr(key, CKA_LABEL);

diff --git a/src/util.h b/src/util.h
@@ -54,7 +54,7 @@ void p11prov_fetch_attrs_free(struct fetch_attrs *attrs, int num);
 #define MAX_PIN_LENGTH 32
 int parse_ulong(P11PROV_CTX *ctx, const char *str, size_t len, void **output);
 P11PROV_URI *p11prov_parse_uri(P11PROV_CTX *ctx, const char *uri);
-char *p11prov_key_to_uri(P11PROV_CTX *ctx, P11PROV_OBJ *key);
+char *p11prov_key_to_uri(P11PROV_CTX *ctx, P11PROV_OBJ *key, int selection);
 void p11prov_uri_free(P11PROV_URI *parsed_uri);
 CK_OBJECT_CLASS p11prov_uri_get_class(P11PROV_URI *uri);
 void p11prov_uri_set_class(P11PROV_URI *uri, CK_OBJECT_CLASS class);