From 11ad2bbfa2d83501a3d7b9fdbd567f55214fde0d Mon Sep 17 00:00:00 2001
From: =?utf8?q?Cs=C3=B3k=C3=A1s=20Bence?= <csokas.bence@prolan.hu>
Date: Fri, 5 Jan 2024 15:08:03 +0100
Subject: [PATCH] lib: rsa: Fix PKCS11 URI if one is not given in `keydir`
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

If `keydir` is not present, we need to build a PKCS11 URI
from just the key name. In this case, we *do* need 'pkcs11:'

Fixes: ece85cc020 rsa: use pkcs11 uri as defined in rfc7512

Signed-off-by: Csókás Bence <csokas.bence@prolan.hu>
---
 lib/rsa/rsa-sign.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index 858ad92a6f..fd587d8deb 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -124,7 +124,7 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name,
 					 keydir, name);
 		else
 			snprintf(key_id, sizeof(key_id),
-				 "object=%s;type=public",
+				 "pkcs11:object=%s;type=public",
 				 name);
 	} else if (engine_id) {
 		if (keydir)
@@ -246,7 +246,7 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name,
 					 keydir, name);
 		else
 			snprintf(key_id, sizeof(key_id),
-				 "object=%s;type=private",
+				 "pkcs11:object=%s;type=private",
 				 name);
 	} else if (engine_id) {
 		if (keydir && name)
-- 
2.39.5