diff options
| author | Vladimir Stoiakin <VStoiakin@lavabit.com> | 2023-10-24 18:00:43 +0200 |
|---|---|---|
| committer | Vladimir Stoiakin <VStoiakin@lavabit.com> | 2024-01-05 10:32:36 +0100 |
| commit | 85828ef92027b935f49e6cce02d69d6717d95f18 (patch) | |
| tree | c97c089c313d2f81c6155fc5b680650d1a09106d /src/shared/pkcs11-util.h | |
| parent | siphash24: introduce siphash24_compress_typesafe() macro (diff) | |
| download | systemd-85828ef92027b935f49e6cce02d69d6717d95f18.tar.xz systemd-85828ef92027b935f49e6cce02d69d6717d95f18.zip | |
cryptenroll: change class in provided PKCS#11 URI if necessary
cryptenroll accepts only PKCS#11 URIs that match both a certificate and a private key in a token.
This patch allows users to provide a PKCS#11 URI that points to a certificate only, and makes possible to use output of some PKCS#11 tools directly.
Internally the patch changes 'type=cert' in the provided PKCS#11 URI to 'type=private' before storing in a LUKS2 header.
Fixes: #23479
Diffstat (limited to 'src/shared/pkcs11-util.h')
| -rw-r--r-- | src/shared/pkcs11-util.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/shared/pkcs11-util.h b/src/shared/pkcs11-util.h index 2ff6997823..d901bbea91 100644 --- a/src/shared/pkcs11-util.h +++ b/src/shared/pkcs11-util.h @@ -26,6 +26,8 @@ extern const char *(*sym_p11_kit_strerror)(CK_RV rv); extern int (*sym_p11_kit_uri_format)(P11KitUri *uri, P11KitUriType uri_type, char **string); extern void (*sym_p11_kit_uri_free)(P11KitUri *uri); extern CK_ATTRIBUTE_PTR (*sym_p11_kit_uri_get_attributes)(P11KitUri *uri, CK_ULONG *n_attrs); +extern CK_ATTRIBUTE_PTR (*sym_p11_kit_uri_get_attribute)(P11KitUri *uri, CK_ATTRIBUTE_TYPE attr_type); +extern int (*sym_p11_kit_uri_set_attribute)(P11KitUri *uri, CK_ATTRIBUTE_PTR attr); extern CK_INFO_PTR (*sym_p11_kit_uri_get_module_info)(P11KitUri *uri); extern CK_SLOT_INFO_PTR (*sym_p11_kit_uri_get_slot_info)(P11KitUri *uri); extern CK_TOKEN_INFO_PTR (*sym_p11_kit_uri_get_token_info)(P11KitUri *uri); |