Make it possible to import private keys

4 files changed, 19 insertions, 7 deletions

diff --git a/examples/ncr.c b/examples/ncr.c
index 7de67ee..a02f750 100644
--- a/examples/ncr.c
+++ b/examples/ncr.c
@@ -321,6 +321,10 @@ test_ncr_wrap_key(int cfd)
 	memset(&kwrap, 0, sizeof(kwrap));
 	kwrap.algorithm = NCR_WALG_AES_RFC3394;
 	kwrap.keytowrap = key2;
+	kwrap.wrapped_key_algorithm = NCR_ALG_AES_CBC;
+	kwrap.wrapped_key_type = NCR_KEY_TYPE_SECRET;
+	kwrap.wrapped_key_flags
+		= NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE;
 	kwrap.key = key;
 	kwrap.io = data;
 	kwrap.io_size = data_size;
diff --git a/examples/pk.c b/examples/pk.c
index 032ae98..7199d53 100644
--- a/examples/pk.c
+++ b/examples/pk.c
@@ -647,6 +647,7 @@ test_ncr_wrap_key3(int cfd)
 			memset(&kwrap, 0, sizeof(kwrap));
 			kwrap.algorithm = NCR_WALG_AES_RFC5649;
 			kwrap.wrapped_key_algorithm = NCR_ALG_RSA;
+			kwrap.wrapped_key_type = NCR_KEY_TYPE_PRIVATE;
 			kwrap.keytowrap = privkey;
 			kwrap.key = key;
 			kwrap.io = data;
diff --git a/ncr-key-wrap.c b/ncr-key-wrap.c
index eea252e..0f9f0fe 100644
--- a/ncr-key-wrap.c
+++ b/ncr-key-wrap.c
@@ -39,8 +39,10 @@ typedef uint8_t val64_t[8];
 static const val64_t initA = "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6";
 
 static int key_to_packed_data( uint8_t** sdata, size_t * sdata_size, const struct key_item_st *key);
-static int key_from_packed_data(ncr_algorithm_t algorithm, unsigned int flags,
-	struct key_item_st* key, const void* data, size_t data_size);
+static int key_from_packed_data(ncr_algorithm_t algorithm,
+				ncr_key_type_t key_type, unsigned int flags,
+				struct key_item_st* key, const void* data,
+				size_t data_size);
 
 
 static void val64_xor( val64_t val, uint32_t x)
@@ -303,8 +305,10 @@ size_t sdata_size = KEY_DATA_MAX_SIZE;
 		goto fail;
 	}
 
-	ret = key_from_packed_data(wrap_st->wrapped_key_algorithm, wrap_st->wrapped_key_flags, 
-		output, sdata, sdata_size);
+	ret = key_from_packed_data(wrap_st->wrapped_key_algorithm,
+				   wrap_st->wrapped_key_type,
+				   wrap_st->wrapped_key_flags, output, sdata,
+				   sdata_size);
 	if (ret < 0) {
 		err();
 		goto fail;
@@ -852,8 +856,10 @@ fail:
 	return ret;
 }
 
-static int key_from_packed_data(ncr_algorithm_t algorithm, unsigned int flags,
-	struct key_item_st* key, const void* data, size_t data_size)
+static int key_from_packed_data(ncr_algorithm_t algorithm,
+				ncr_key_type_t key_type, unsigned int flags,
+				struct key_item_st* key, const void* data,
+				size_t data_size)
 {
 	int ret;
 
@@ -868,7 +874,7 @@ static int key_from_packed_data(ncr_algorithm_t algorithm, unsigned int flags,
 		return -EINVAL;
 	}
 
-	key->type = key->algorithm->key_type;
+	key->type = key_type;
 	ret = ncr_key_assign_flags(key, flags);
 	if (ret != 0) {
 		err();
diff --git a/ncr.h b/ncr.h
index af4c279..94d1433 100644
--- a/ncr.h
+++ b/ncr.h
@@ -216,6 +216,7 @@ struct ncr_key_wrap_st {
 	 * For symmetric ciphers AES would do.
 	 */
 	ncr_algorithm_t wrapped_key_algorithm;
+	ncr_key_type_t wrapped_key_type;
 	unsigned int wrapped_key_flags; /* flags for the newly unwrapped key */
 
 	ncr_key_t keytowrap;