6fe950bc0c
Tested against relevant hardware for generating both RSA and ECDSA roots and intermediates with keys generated using `gen-key`. Also this makes a few changes to the `gen-key` tool after further experience with the HSM and more reading of the PCKS#11 specification. Main change is the removal of `compatMode`, which was intended to provide support for two naming schemes for EC used in subsequent PKCS#11 drafts. It turns out these schemes were changes in name only and the underlying structs/ints were the exact same (i.e. `CKA_ECDSA_PARAMS == CKA_EC_PARAMS` and `CKM_ECDSA_KEY_PAIR_GEN == CKM_EC_KEY_PAIR_GEN`) and just allowed using one of the two names based on preference. This meant with `compatMode` enabled or disabled the tool did the exact same thing. Fixes #3697. |
||
|---|---|---|
| .. | ||
| ecdsa.go | ||
| ecdsa_test.go | ||
| main.go | ||
| rsa.go | ||
| rsa_test.go | ||