diff --git a/bin/pkcs11/pkcs11-keygen.c b/bin/pkcs11/pkcs11-keygen.c index 706ee0862e..120bc62d46 100644 --- a/bin/pkcs11/pkcs11-keygen.c +++ b/bin/pkcs11/pkcs11-keygen.c @@ -67,6 +67,8 @@ #include #include +#define WANT_ECC_CURVES +#define WANT_ECX_CURVES #include #include #include @@ -351,12 +353,12 @@ main(int argc, char *argv[]) { id_offset = ECC_ID; if (bits == 256) { - public_template[4].pValue = pk11_ecc_ed25519; + public_template[4].pValue = pk11_ecx_ed25519; public_template[4].ulValueLen = - sizeof(pk11_ecc_ed25519); + sizeof(pk11_ecx_ed25519); } else { - public_template[4].pValue = pk11_ecc_ed448; - public_template[4].ulValueLen = sizeof(pk11_ecc_ed448); + public_template[4].pValue = pk11_ecx_ed448; + public_template[4].ulValueLen = sizeof(pk11_ecx_ed448); } #endif /* ifndef CKM_EDDSA_KEY_PAIR_GEN */ diff --git a/lib/dns/pkcs11ecdsa_link.c b/lib/dns/pkcs11ecdsa_link.c index d6160aa414..ba833e3cfb 100644 --- a/lib/dns/pkcs11ecdsa_link.c +++ b/lib/dns/pkcs11ecdsa_link.c @@ -20,6 +20,7 @@ #include #include +#define WANT_ECC_CURVES #include #include #include diff --git a/lib/dns/pkcs11eddsa_link.c b/lib/dns/pkcs11eddsa_link.c index 39df97ccbf..d52c6822b3 100644 --- a/lib/dns/pkcs11eddsa_link.c +++ b/lib/dns/pkcs11eddsa_link.c @@ -20,6 +20,7 @@ #include #include +#define WANT_ECX_CURVES #include #include #include @@ -399,16 +400,16 @@ pkcs11eddsa_compare(const dst_key_t *key1, const dst_key_t *key2) { #define SETCURVE() \ if (key->key_alg == DST_ALG_ED25519) { \ attr->pValue = isc_mem_get(key->mctx, \ - sizeof(pk11_ecc_ed25519)); \ + sizeof(pk11_ecx_ed25519)); \ \ - memmove(attr->pValue, pk11_ecc_ed25519, \ - sizeof(pk11_ecc_ed25519)); \ - attr->ulValueLen = sizeof(pk11_ecc_ed25519); \ + memmove(attr->pValue, pk11_ecx_ed25519, \ + sizeof(pk11_ecx_ed25519)); \ + attr->ulValueLen = sizeof(pk11_ecx_ed25519); \ } else { \ - attr->pValue = isc_mem_get(key->mctx, sizeof(pk11_ecc_ed448)); \ + attr->pValue = isc_mem_get(key->mctx, sizeof(pk11_ecx_ed448)); \ \ - memmove(attr->pValue, pk11_ecc_ed448, sizeof(pk11_ecc_ed448)); \ - attr->ulValueLen = sizeof(pk11_ecc_ed448); \ + memmove(attr->pValue, pk11_ecx_ed448, sizeof(pk11_ecx_ed448)); \ + attr->ulValueLen = sizeof(pk11_ecx_ed448); \ } #define FREECURVE() \ @@ -639,14 +640,14 @@ pkcs11eddsa_fromdns(dst_key_t *key, isc_buffer_t *data) { attr = ec->repr; attr->type = CKA_EC_PARAMS; if (key->key_alg == DST_ALG_ED25519) { - attr->pValue = isc_mem_get(key->mctx, sizeof(pk11_ecc_ed25519)); - memmove(attr->pValue, pk11_ecc_ed25519, - sizeof(pk11_ecc_ed25519)); - attr->ulValueLen = sizeof(pk11_ecc_ed25519); + attr->pValue = isc_mem_get(key->mctx, sizeof(pk11_ecx_ed25519)); + memmove(attr->pValue, pk11_ecx_ed25519, + sizeof(pk11_ecx_ed25519)); + attr->ulValueLen = sizeof(pk11_ecx_ed25519); } else { - attr->pValue = isc_mem_get(key->mctx, sizeof(pk11_ecc_ed448)); - memmove(attr->pValue, pk11_ecc_ed448, sizeof(pk11_ecc_ed448)); - attr->ulValueLen = sizeof(pk11_ecc_ed448); + attr->pValue = isc_mem_get(key->mctx, sizeof(pk11_ecx_ed448)); + memmove(attr->pValue, pk11_ecx_ed448, sizeof(pk11_ecx_ed448)); + attr->ulValueLen = sizeof(pk11_ecx_ed448); } attr++; diff --git a/lib/isc/include/pk11/constants.h b/lib/isc/include/pk11/constants.h index defc514598..6102a9d618 100644 --- a/lib/isc/include/pk11/constants.h +++ b/lib/isc/include/pk11/constants.h @@ -19,12 +19,17 @@ /*% * Static arrays of data used for key template initialization */ +#ifdef WANT_ECC_CURVES static CK_BYTE pk11_ecc_prime256v1[] = { 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07 }; static CK_BYTE pk11_ecc_secp384r1[] = { 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22 }; -static CK_BYTE pk11_ecc_ed25519[] = { 0x06, 0x03, 0x2b, 0x65, 0x70 }; -static CK_BYTE pk11_ecc_ed448[] = { 0x06, 0x03, 0x2b, 0x65, 0x71 }; +#endif /* WANT_ECC_CURVES */ + +#ifdef WANT_ECX_CURVES +static CK_BYTE pk11_ecx_ed25519[] = { 0x06, 0x03, 0x2b, 0x65, 0x70 }; +static CK_BYTE pk11_ecx_ed448[] = { 0x06, 0x03, 0x2b, 0x65, 0x71 }; +#endif /* WANT_ECX_CURVES */ #endif /* PK11_CONSTANTS_H */