Searched hist:c2c23cd49c9f9d88d4fb25917fbb6b237a95f270 (Results 1 – 1 of 1) sorted by relevance
| /optee_os/ta/pkcs11/src/ |
| H A D | processing_rsa.c | c2c23cd49c9f9d88d4fb25917fbb6b237a95f270 Tue Oct 14 05:42:14 UTC 2025 Etienne Carriere <etienne.carriere@st.com> ta: pkcs11: be flexible on RSA private key optional attributes
Allow RSA private key to partially store the RSA private key optional
attributes without facing complaints from the GP TEE API.
On one hand, in the PKCS#11 specification, RSA private key attributes
CKA_PRIME_1, CKA_PRIME_2, CKA_EXPONENT_1, CKA_EXPONENT_2 and
CKA_COEFFICIENT are optional and the spec does not add much constraints
on their presence.
On the other hand, the GP TEE Internal Core API requests that these
5 optional attributes are all present or none is present at all.
As a trade-off, allow PKCS#11 client to partially provide them but do not
load them into the TEE object unless they are all present.
Fixes: 3dc4089afde2 ("ta: pkcs11: correct RSA keys extended attributes sanitation")
Closes: https://github.com/OP-TEE/optee_os/issues/5418
Closes: https://github.com/OP-TEE/optee_os/issues/7520
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
|