2728d0618e15ee3a2ecc5f6d15acd7898e6de85aTinderbox User * Copyright (C) 2014-2017 Internet Systems Consortium, Inc. ("ISC")
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * This Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * License, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews * file, You can obtain one at http://mozilla.org/MPL/2.0/.
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt#if defined(PKCS11CRYPTO) && defined(HAVE_PKCS11_ECDSA)
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * FIPS 186-3 ECDSA keys:
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * mechanisms:
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * CKM_ECDSA,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * CKM_EC_KEY_PAIR_GEN
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * domain parameters:
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * CKA_EC_PARAMS (choice with OID namedCurve)
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * public keys:
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * object class CKO_PUBLIC_KEY
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * key type CKK_EC
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * attribute CKA_EC_PARAMS (choice with OID namedCurve)
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * attribute CKA_EC_POINT (point Q)
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * private keys:
e20788e1216ed720aefa84f3295f7899d9f28c22Mark Andrews * object class CKO_PRIVATE_KEY
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * key type CKK_EC
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * attribute CKA_EC_PARAMS (choice with OID namedCurve)
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * attribute CKA_VALUE (big int d)
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt * point format: 0x04 (octet-string) <2*size+1> 0x4 (uncompressed) <x> <y>
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntstatic isc_result_t pkcs11ecdsa_todns(const dst_key_t *key,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntstatic isc_result_t pkcs11ecdsa_fetch(dst_key_t *key, const char *engine,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_createctx(dst_key_t *key, dst_context_t *dctx) {
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt pk11_ctx = (pk11_context_t *) isc_mem_get(dctx->mctx,
f5c17a057fc5974bb51d7bc8c5827a7fd6dc9aeeEvan Hunt ret = pk11_get_session(pk11_ctx, OP_EC, ISC_TRUE, ISC_FALSE,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt PK11_RET(pkcs_C_DigestInit, (pk11_ctx->session, &mech), ISC_R_FAILURE);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(dctx->mctx, pk11_ctx, sizeof(*pk11_ctx));
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt pk11_context_t *pk11_ctx = dctx->ctxdata.pk11_ctx;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (void) pkcs_C_DigestFinal(pk11_ctx->session, garbage, &len);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(dctx->mctx, pk11_ctx, sizeof(*pk11_ctx));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_adddata(dst_context_t *dctx, const isc_region_t *data) {
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt pk11_context_t *pk11_ctx = dctx->ctxdata.pk11_ctx;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_sign(dst_context_t *dctx, isc_buffer_t *sig) {
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_CLASS, &keyClass, (CK_ULONG) sizeof(keyClass) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_KEY_TYPE, &keyType, (CK_ULONG) sizeof(keyType) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_TOKEN, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_PRIVATE, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_SIGN, &truevalue, (CK_ULONG) sizeof(truevalue) },
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt pk11_context_t *pk11_ctx = dctx->ctxdata.pk11_ctx;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt unsigned int i;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt if (ec->ontoken && (ec->object != CK_INVALID_HANDLE)) {
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (void) pkcs_C_DestroyObject(pk11_ctx->session, hKey);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(dctx->mctx, pk11_ctx, sizeof(*pk11_ctx));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_verify(dst_context_t *dctx, const isc_region_t *sig) {
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_CLASS, &keyClass, (CK_ULONG) sizeof(keyClass) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_KEY_TYPE, &keyType, (CK_ULONG) sizeof(keyType) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_TOKEN, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_PRIVATE, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_VERIFY, &truevalue, (CK_ULONG) sizeof(truevalue) },
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt pk11_context_t *pk11_ctx = dctx->ctxdata.pk11_ctx;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt unsigned int i;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (void) pkcs_C_DestroyObject(pk11_ctx->session, hKey);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(dctx->mctx, pk11_ctx, sizeof(*pk11_ctx));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_compare(const dst_key_t *key1, const dst_key_t *key2) {
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt attr1 = pk11_attribute_bytype(ec1, CKA_EC_PARAMS);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt attr2 = pk11_attribute_bytype(ec2, CKA_EC_PARAMS);
1b255a0c4eaccf0feff70328a8c108a22abfbf3cEvan Hunt pk11_ecc_prime256v1, sizeof(pk11_ecc_prime256v1)); \
1b255a0c4eaccf0feff70328a8c108a22abfbf3cEvan Hunt pk11_ecc_secp384r1, sizeof(pk11_ecc_secp384r1)); \
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(key->mctx, attr->pValue, attr->ulValueLen); \
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_generate(dst_key_t *key, int unused, void (*callback)(int)) {
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt CK_MECHANISM mech = { CKM_EC_KEY_PAIR_GEN, NULL, 0 };
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_CLASS, &pubClass, (CK_ULONG) sizeof(pubClass) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_KEY_TYPE, &keyType, (CK_ULONG) sizeof(keyType) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_TOKEN, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_PRIVATE, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_VERIFY, &truevalue, (CK_ULONG) sizeof(truevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_CLASS, &privClass, (CK_ULONG) sizeof(privClass) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_KEY_TYPE, &keyType, (CK_ULONG) sizeof(keyType) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_TOKEN, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_PRIVATE, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_SENSITIVE, &falsevalue, (CK_ULONG) sizeof(falsevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_EXTRACTABLE, &truevalue, (CK_ULONG) sizeof(truevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_SIGN, &truevalue, (CK_ULONG) sizeof(truevalue) }
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt pk11_ctx = (pk11_context_t *) isc_mem_get(key->mctx,
acbb301e648b82fcc38b876a44403cf0fe539cc9Evan Hunt ret = pk11_get_session(pk11_ctx, OP_EC, ISC_TRUE, ISC_FALSE,
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt ec = (pk11_object_t *) isc_mem_get(key->mctx, sizeof(*ec));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt ec->repr = (CK_ATTRIBUTE *) isc_mem_get(key->mctx, sizeof(*attr) * 3);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt attr->pValue = isc_mem_get(key->mctx, attr->ulValueLen);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt attr->pValue = isc_mem_get(key->mctx, attr->ulValueLen);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (void) pkcs_C_DestroyObject(pk11_ctx->session, priv);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (void) pkcs_C_DestroyObject(pk11_ctx->session, pub);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(key->mctx, pk11_ctx, sizeof(*pk11_ctx));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (void) pkcs_C_DestroyObject(pk11_ctx->session, priv);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (void) pkcs_C_DestroyObject(pk11_ctx->session, pub);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(key->mctx, pk11_ctx, sizeof(*pk11_ctx));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt INSIST((ec->object == CK_INVALID_HANDLE) || ec->ontoken);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_todns(const dst_key_t *key, isc_buffer_t *data) {
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (((CK_BYTE_PTR) attr->pValue)[0] != TAG_OCTECT_STRING) ||
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (((CK_BYTE_PTR) attr->pValue)[2] != UNCOMPRESSED))
1b255a0c4eaccf0feff70328a8c108a22abfbf3cEvan Hunt memmove(r.base, (CK_BYTE_PTR) attr->pValue + 3, len);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_fromdns(dst_key_t *key, isc_buffer_t *data) {
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt ec = (pk11_object_t *) isc_mem_get(key->mctx, sizeof(*ec));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt ec->repr = (CK_ATTRIBUTE *) isc_mem_get(key->mctx, sizeof(*attr) * 2);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_get(key->mctx, sizeof(pk11_ecc_prime256v1));
1b255a0c4eaccf0feff70328a8c108a22abfbf3cEvan Hunt pk11_ecc_prime256v1, sizeof(pk11_ecc_prime256v1));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_get(key->mctx, sizeof(pk11_ecc_secp384r1));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt ((CK_BYTE_PTR) attr->pValue)[0] = TAG_OCTECT_STRING;
1b255a0c4eaccf0feff70328a8c108a22abfbf3cEvan Hunt memmove((CK_BYTE_PTR) attr->pValue + 3, r.base, len);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_tofile(const dst_key_t *key, const char *directory) {
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt unsigned int i = 0;
12bf5d4796505b4c20680531da96a31e6c2c1144Evan Hunt return (dst__privstruct_writefile(key, &priv, directory));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt priv.elements[i].length = (unsigned short) attr->ulValueLen;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt priv.elements[i].length = strlen(key->engine) + 1;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt priv.elements[i].data = (unsigned char *)key->engine;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt priv.elements[i].data = (unsigned char *)key->label;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt ret = dst__privstruct_writefile(key, &priv, directory);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_fetch(dst_key_t *key, const char *engine, const char *label,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_CLASS, &keyClass, (CK_ULONG) sizeof(keyClass) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_KEY_TYPE, &keyType, (CK_ULONG) sizeof(keyType) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_TOKEN, &truevalue, (CK_ULONG) sizeof(truevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt ec->repr = (CK_ATTRIBUTE *) isc_mem_get(key->mctx, sizeof(*attr) * 2);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt pubattr = pk11_attribute_bytype(pubec, CKA_EC_PARAMS);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt attr->pValue = isc_mem_get(key->mctx, pubattr->ulValueLen);
1b255a0c4eaccf0feff70328a8c108a22abfbf3cEvan Hunt memmove(attr->pValue, pubattr->pValue, pubattr->ulValueLen);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt pubattr = pk11_attribute_bytype(pubec, CKA_EC_POINT);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt attr->pValue = isc_mem_get(key->mctx, pubattr->ulValueLen);
1b255a0c4eaccf0feff70328a8c108a22abfbf3cEvan Hunt memmove(attr->pValue, pubattr->pValue, pubattr->ulValueLen);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt ret = pk11_parse_uri(ec, label, key->mctx, OP_EC);
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt pk11_ctx = (pk11_context_t *) isc_mem_get(key->mctx,
acbb301e648b82fcc38b876a44403cf0fe539cc9Evan Hunt ret = pk11_get_session(pk11_ctx, OP_EC, ISC_TRUE, ISC_FALSE,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (pk11_ctx->session, searchTemplate, (CK_ULONG) 4),
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (pk11_ctx->session, &ec->object, (CK_ULONG) 1, &cnt),
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (void) pkcs_C_FindObjectsFinal(pk11_ctx->session);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(key->mctx, pk11_ctx, sizeof(*pk11_ctx));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(key->mctx, pk11_ctx, sizeof(*pk11_ctx));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt unsigned int i;
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt /* read private key file */
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt ret = dst__privstruct_parse(key, DST_ALG_ECDSA256, lexer, mctx, &priv);
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt ec = (pk11_object_t *) isc_mem_get(key->mctx, sizeof(*ec));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt /* Is this key is stored in a HSM? See if we can fetch it. */
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt ec->repr = (CK_ATTRIBUTE *) isc_mem_get(key->mctx, sizeof(*attr) * 3);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt pattr = pk11_attribute_bytype(pub->keydata.pkey, CKA_EC_PARAMS);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt attr->pValue = isc_mem_get(key->mctx, pattr->ulValueLen);
1b255a0c4eaccf0feff70328a8c108a22abfbf3cEvan Hunt memmove(attr->pValue, pattr->pValue, pattr->ulValueLen);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt pattr = pk11_attribute_bytype(pub->keydata.pkey, CKA_EC_POINT);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt attr->pValue = isc_mem_get(key->mctx, pattr->ulValueLen);
1b255a0c4eaccf0feff70328a8c108a22abfbf3cEvan Hunt memmove(attr->pValue, pattr->pValue, pattr->ulValueLen);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt attr->pValue = isc_mem_get(key->mctx, priv.elements[0].length);
1b255a0c4eaccf0feff70328a8c108a22abfbf3cEvan Hunt memmove(attr->pValue, priv.elements[0].data, priv.elements[0].length);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Huntpkcs11ecdsa_fromlabel(dst_key_t *key, const char *engine, const char *label,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt const char *pin)
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_CLASS, &keyClass, (CK_ULONG) sizeof(keyClass) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_KEY_TYPE, &keyType, (CK_ULONG) sizeof(keyType) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt { CKA_TOKEN, &truevalue, (CK_ULONG) sizeof(truevalue) },
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt unsigned int i;
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt ec = (pk11_object_t *) isc_mem_get(key->mctx, sizeof(*ec));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt ec->repr = (CK_ATTRIBUTE *) isc_mem_get(key->mctx, sizeof(*attr) * 2);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt ret = pk11_parse_uri(ec, label, key->mctx, OP_EC);
dbb012765c735ee0d82dedb116cdc7cf18957814Evan Hunt pk11_ctx = (pk11_context_t *) isc_mem_get(key->mctx,
acbb301e648b82fcc38b876a44403cf0fe539cc9Evan Hunt ret = pk11_get_session(pk11_ctx, OP_EC, ISC_TRUE, ISC_FALSE,
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (pk11_ctx->session, searchTemplate, (CK_ULONG) 4),
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (void) pkcs_C_FindObjectsFinal(pk11_ctx->session);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt for (i = 0; i <= 1; i++) {
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt attr[i].pValue = isc_mem_get(key->mctx, attr[i].ulValueLen);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (pk11_ctx->session, searchTemplate, (CK_ULONG) 4),
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (pk11_ctx->session, &ec->object, (CK_ULONG) 1, &cnt),
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt (void) pkcs_C_FindObjectsFinal(pk11_ctx->session);
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(key->mctx, pk11_ctx, sizeof(*pk11_ctx));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt isc_mem_put(key->mctx, pk11_ctx, sizeof(*pk11_ctx));
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt#else /* PKCS11CRYPTO && HAVE_PKCS11_ECDSA */
ba751492fcc4f161a18b983d4f018a1a52938cb9Evan Hunt#endif /* PKCS11CRYPTO && HAVE_PKCS11_ECDSA */