lib: rsa: Fix PKCS11 URI if one is not given in `keydir`

If `keydir` is not present, we need to build a PKCS11 URI
from just the key name. In this case, we *do* need 'pkcs11:'

Fixes: ece85cc020 rsa: use pkcs11 uri as defined in rfc7512
Signed-off-by: Csókás Bence <[email protected]>

diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 858ad92a6f6f51f88b64c5166178fc439e1f9aad..fd587d8deb60d7c4fd40a88d170cef6a63faac78 100644 (file)
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -124,7 +124,7 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name,
                                         keydir, name);
                else
                        snprintf(key_id, sizeof(key_id),
-                                "object=%s;type=public",
+                                "pkcs11:object=%s;type=public",
                                 name);
        } else if (engine_id) {
                if (keydir)
@@ -246,7 +246,7 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name,
                                         keydir, name);
                else
                        snprintf(key_id, sizeof(key_id),
-                                "object=%s;type=private",
+                                "pkcs11:object=%s;type=private",
                                 name);
        } else if (engine_id) {
                if (keydir && name)