projects / pdns / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8d56a31)
Do not use CKA_SIGN or CKA_VERIFy
authorAki Tuomi <cmouse@cmouse.fi>
Sun, 29 Mar 2015 17:36:01 +0000 (20:36 +0300)
committerAki Tuomi <cmouse@desteem.org>
Mon, 30 Mar 2015 12:48:38 +0000 (15:48 +0300)
These are not supported by OpenSC for some cards

pdns/pkcs11signers.cc patch | blob | history

diff --git a/pdns/pkcs11signers.cc b/pdns/pkcs11signers.cc
index 60fd42b3719c7483761058eca4302eeaacf100d6..763cc3691c38f5ff42f2d3b996ff203476f6e936 100644 (file)
--- a/pdns/pkcs11signers.cc
+++ b/pdns/pkcs11signers.cc
@@ -305,7 +305,7 @@ class Pkcs11Token {
       std::vector<P11KitAttribute> attr;
       std::vector<CK_OBJECT_HANDLE> key;
       attr.push_back(P11KitAttribute(CKA_CLASS, (unsigned long)CKO_PRIVATE_KEY));
-      attr.push_back(P11KitAttribute(CKA_SIGN, (char)CK_TRUE));
+//      attr.push_back(P11KitAttribute(CKA_SIGN, (char)CK_TRUE));
       attr.push_back(P11KitAttribute(CKA_LABEL, d_label));
       FindObjects2(attr, key, 1);
       if (key.size() == 0) {
@@ -315,7 +315,7 @@ class Pkcs11Token {
       d_private_key = key[0];
       attr.clear();
       attr.push_back(P11KitAttribute(CKA_CLASS, (unsigned long)CKO_PUBLIC_KEY));
-      attr.push_back(P11KitAttribute(CKA_VERIFY, (char)CK_TRUE));
+//      attr.push_back(P11KitAttribute(CKA_VERIFY, (char)CK_TRUE));
       attr.push_back(P11KitAttribute(CKA_LABEL, d_label));
       FindObjects2(attr, key, 1);
       if (key.size() == 0) {
Unnamed repository; edit this file 'description' to name the repository.