native-pkcs11 icon indicating copy to clipboard operation
native-pkcs11 copied to clipboard
verified publisher icon google

CKA_EC_PARAMS of Key objects is always set to P256 curve

Open sake opened this issue 1 year ago • 0 comments

The Object.attribute function always returns a fixed value of the P256 curve OID (see following code excerpt). This is obviously wrong for non P256 keys and leads to errors when using the module with at least pkcs11-tool.

AttributeType::EcParams => {
    Some(Attribute::EcParams(p256::NistP256::OID.to_der().ok()?))
}

The real information about the key could be found in the certificate (SubjectPublicKeyInfo), but that is not available in the PrivateKey and PublicKey trait.

Maybe the Key objects could be extended to provide this information.

sake avatar May 31 '24 12:05 sake