rsa: use pkcs11 uri as defined in rfc7512

pkcs11 : change engine uri to use full pk11-URI as defined in:

https://www.rfc-editor.org/rfc/rfc7512.html
Signed-off-by: Ayoub Zaki <ayoub.zaki@embetrix.com>

diff --git a/doc/usage/fit/signature.rst b/doc/usage/fit/signature.rst
index 39edba14630b4d5693398334f09f4dcba4fcc794..03a71b5192d70530b61c0903ab6abb39ad5dcfe9 100644 (file)
--- a/doc/usage/fit/signature.rst
+++ b/doc/usage/fit/signature.rst
@@ -671,7 +671,7 @@ Create the fitImage::
 Sign the fitImage with the hardware key::
 
     $ ./tools/mkimage -F -k \
-    "model=PKCS%2315%20emulated;manufacturer=ZeitControl;serial=000xxxxxxxxx;token=OpenPGP%20card%20%28User%20PIN%20%28sig%29%29" \
+    "pkcs11:model=PKCS%2315%20emulated;manufacturer=ZeitControl;serial=000xxxxxxxxx;token=OpenPGP%20card%20%28User%20PIN%20%28sig%29%29" \
     -K u-boot.dtb -N pkcs11 -r fitImage
 
 

diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index d20bdb58a57fb447ff786be4463eb86b0dfa1a38..7ae163f264b5aef394f3e76f65433dfd07df7e05 100644 (file)
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -116,15 +116,15 @@ static int rsa_engine_get_pub_key(const char *keydir, const char *name,
                if (keydir)
                        if (strstr(keydir, "object="))
                                snprintf(key_id, sizeof(key_id),
-                                        "pkcs11:%s;type=public",
+                                        "%s;type=public",
                                         keydir);
                        else
                                snprintf(key_id, sizeof(key_id),
-                                        "pkcs11:%s;object=%s;type=public",
+                                        "%s;object=%s;type=public",
                                         keydir, name);
                else
                        snprintf(key_id, sizeof(key_id),
-                                "pkcs11:object=%s;type=public",
+                                "object=%s;type=public",
                                 name);
        } else if (engine_id) {
                if (keydir)
@@ -238,15 +238,15 @@ static int rsa_engine_get_priv_key(const char *keydir, const char *name,
                if (keydir)
                        if (strstr(keydir, "object="))
                                snprintf(key_id, sizeof(key_id),
-                                        "pkcs11:%s;type=private",
+                                        "%s;type=private",
                                         keydir);
                        else
                                snprintf(key_id, sizeof(key_id),
-                                        "pkcs11:%s;object=%s;type=private",
+                                        "%s;object=%s;type=private",
                                         keydir, name);
                else
                        snprintf(key_id, sizeof(key_id),
-                                "pkcs11:object=%s;type=private",
+                                "object=%s;type=private",
                                 name);
        } else if (engine_id) {
                if (keydir && name)