From 6286f8120ac9986b418f4f08f26d6808cf028a9b Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Fri, 9 Nov 2018 13:34:33 +0100
Subject: [PATCH 66/74] p11_child(NSS): print key type in a debug message
NSS can handle EC keys automatically but a debug message indicating
which key type is used might be useful.
Related to https://pagure.io/SSSD/sssd/issue/3887
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
src/p11_child/p11_child_nss.c | 36 +++++++++++++++++++++++++++++++++++
1 file changed, 36 insertions(+)
diff --git a/src/p11_child/p11_child_nss.c b/src/p11_child/p11_child_nss.c
index f9cbf3f37..d3064ff98 100644
--- a/src/p11_child/p11_child_nss.c
+++ b/src/p11_child/p11_child_nss.c
@@ -477,6 +477,40 @@ bool do_verification_b64(struct p11_ctx *p11_ctx, const char *cert_b64)
return res;
}
+static const char *keytype2str(KeyType keyType) {
+ switch (keyType) {
+ case nullKey:
+ return "nullKey";
+ break;
+ case rsaKey:
+ return "rsaKey";
+ break;
+ case dsaKey:
+ return "dsaKey";
+ break;
+ case fortezzaKey:
+ return "fortezzaKey";
+ break;
+ case dhKey:
+ return "dhKey";
+ break;
+ case keaKey:
+ return "keaKey";
+ break;
+ case ecKey:
+ return "ecKey";
+ break;
+ case rsaPssKey:
+ return "rsaPssKey";
+ break;
+ case rsaOaepKey:
+ return "rsaOaepKey";
+ break;
+ default:
+ return "Unknown key type";
+ }
+}
+
errno_t do_card(TALLOC_CTX *mem_ctx, struct p11_ctx *p11_ctx,
enum op_mode mode, const char *pin,
const char *module_name_in, const char *token_name_in,
@@ -798,6 +832,8 @@ errno_t do_card(TALLOC_CTX *mem_ctx, struct p11_ctx *p11_ctx,
goto done;
}
+ DEBUG(SSSDBG_TRACE_ALL, "Private key has type [%s].\n",
+ keytype2str(priv_key->keyType));
algtag = SEC_GetSignatureAlgorithmOidTag(priv_key->keyType,
SEC_OID_SHA1);
if (algtag == SEC_OID_UNKNOWN) {
--
2.19.1