diff options
Diffstat (limited to 'base/native-tools/src')
| -rw-r--r-- | base/native-tools/src/tkstool/tkstool.c | 20 | ||||
| -rw-r--r-- | base/native-tools/src/tkstool/tkstool.h | 2 |
2 files changed, 13 insertions, 9 deletions
diff --git a/base/native-tools/src/tkstool/tkstool.c b/base/native-tools/src/tkstool/tkstool.c index 5368b2e7b..6fd2a9774 100644 --- a/base/native-tools/src/tkstool/tkstool.c +++ b/base/native-tools/src/tkstool/tkstool.c @@ -1682,13 +1682,14 @@ main( int argc, char **argv ) "on the specified token . . .\n\n" ); if( MASTER_KEY_LENGTH == ( 2 * DES_LENGTH ) ) { - masterKey = PK11_TokenKeyGen( + masterKey = PK11_TokenKeyGenWithFlags( /* slot */ slot, /* mechanism */ CKM_DES2_KEY_GEN, /* param */ 0, /* keySize */ 0, /* keyid */ 0, - /* isToken (i. e. - isPerm) */ PR_TRUE, + /* opFlags */ CKF_SIGN | CKF_DECRYPT | CKF_ENCRYPT | CKF_DERIVE, + /* pk11AtrFlags */ PK11_ATTR_SENSITIVE | PK11_ATTR_PRIVATE | PK11_ATTR_TOKEN, /* wincx */ &pwdata ); if( masterKey == NULL ) { PR_fprintf( PR_STDERR, @@ -1701,13 +1702,14 @@ main( int argc, char **argv ) goto shutdown; } } else if( MASTER_KEY_LENGTH == ( 3 * DES_LENGTH ) ) { - masterKey = PK11_TokenKeyGen( + masterKey = PK11_TokenKeyGenWithFlags( /* slot */ slot, /* mechanism */ CKM_DES3_KEY_GEN, /* param */ 0, /* keySize */ 0, /* keyid */ 0, - /* isToken (i. e. - isPerm) */ PR_TRUE, + /* opFlags */ CKF_SIGN | CKF_DECRYPT | CKF_ENCRYPT | CKF_DERIVE, + /* pk11AtrFlags */ PK11_ATTR_SENSITIVE | PK11_ATTR_PRIVATE | PK11_ATTR_TOKEN, /* wincx */ &pwdata ); if( masterKey == NULL ) { PR_fprintf( PR_STDERR, @@ -2307,13 +2309,14 @@ main( int argc, char **argv ) "on the specified token . . .\n\n" ); if( WRAPPED_KEY_LENGTH == ( 2 * DES_LENGTH ) ) { - masterKey = PK11_TokenKeyGen( + masterKey = PK11_TokenKeyGenWithFlags( /* slot */ slot, /* mechanism */ CKM_DES2_KEY_GEN, /* param */ 0, /* keySize */ 0, /* keyid */ 0, - /* isToken (i. e. - isPerm) */ PR_TRUE, + /* opFlags */ CKF_SIGN | CKF_DECRYPT | CKF_ENCRYPT | CKF_DERIVE, + /* pk11AtrFlags */ PK11_ATTR_SENSITIVE | PK11_ATTR_PRIVATE | PK11_ATTR_TOKEN, /* wincx */ &pwdata ); if( masterKey == NULL ) { PR_fprintf( PR_STDERR, @@ -2326,13 +2329,14 @@ main( int argc, char **argv ) goto shutdown; } } else if( WRAPPED_KEY_LENGTH == ( 3 * DES_LENGTH ) ) { - masterKey = PK11_TokenKeyGen( + masterKey = PK11_TokenKeyGenWithFlags( /* slot */ slot, /* mechanism */ CKM_DES3_KEY_GEN, /* param */ 0, /* keySize */ 0, /* keyid */ 0, - /* isToken (i. e. - isPerm) */ PR_TRUE, + /* opFlags */ CKF_SIGN | CKF_DECRYPT | CKF_ENCRYPT | CKF_DERIVE, + /* pk11AtrFlags */ PK11_ATTR_SENSITIVE | PK11_ATTR_PRIVATE | PK11_ATTR_TOKEN, /* wincx */ &pwdata ); if( masterKey == NULL ) { PR_fprintf( PR_STDERR, diff --git a/base/native-tools/src/tkstool/tkstool.h b/base/native-tools/src/tkstool/tkstool.h index 3b0407227..4c276b040 100644 --- a/base/native-tools/src/tkstool/tkstool.h +++ b/base/native-tools/src/tkstool/tkstool.h @@ -94,7 +94,7 @@ #define HEX_SESSION_KEY_BUF_LENGTH 32 #define HEX_SESSION_KEY_KCV_BUF_LENGTH 8 -#define MASTER_KEY_LENGTH 16 +#define MASTER_KEY_LENGTH 24 #define WRAPPED_KEY_LENGTH 16 #define HEX_WRAPPED_KEY_LENGTH 32 |