From 8a71e282f99bf27d5a60ce35b994e55cb405a6bf Mon Sep 17 00:00:00 2001 From: Doug Engert Date: Sat, 20 Jan 2024 12:51:08 -0600 Subject: [PATCH] pkcs11-tool.c calculate size in bits for eddsa and xeddsa CDA_EC_POINT CKA_EC_POINT for eddsa and xeddsa are bit strings. On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c --- src/tools/pkcs11-tool.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c index 0ae694ad7d7..1eb0e0beb3d 100644 --- a/src/tools/pkcs11-tool.c +++ b/src/tools/pkcs11-tool.c @@ -5134,8 +5134,17 @@ show_key(CK_SESSION_HANDLE sess, CK_OBJECT_HANDLE obj) else ksize = (size - 5) * 4; } else { - /* This should be 255 for ed25519 and 448 for ed448 curves so roughly */ - ksize = size * 8; + /* + * EDDSA and XEDDSA in PKCS11 are in bit strings. + * need to drop '03' tag, len (in bytes) and 00 bits in last byte. + */ + if ((size - 3) < 127) + ksize = (size - 3) * 8; + else if ((size - 4) <= 255) + ksize = (size - 4) * 8; + else + ksize = (size - 5) * 8; + } printf(" EC_POINT %u bits\n", ksize);