From ca56b79209287df2949439f66b30d110a09ad351 Mon Sep 17 00:00:00 2001
From: Daniele Lacamera
Date: Fri, 15 Sep 2023 15:18:11 +0200
Subject: [PATCH] Add compile-time option WOLFSSL_PKCS11_RW_TOKENS

By default, wolfcrypt PKCS11 interface accesses tokens in read-only mode. In some cases, we might want to build the client with write permissions, i.e. when initializing tokens via C_InitToken(). The WOLFSSL_PKCS11_RW_TOKENS option, if present, allows write access to PKCS11 tokens.
---
 wolfcrypt/src/wc_pkcs11.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/wolfcrypt/src/wc_pkcs11.c b/wolfcrypt/src/wc_pkcs11.c
index 2f679bbf02..0d7bd6e211 100644
--- a/wolfcrypt/src/wc_pkcs11.c
+++ b/wolfcrypt/src/wc_pkcs11.c
@@ -3755,7 +3755,12 @@ int wc_Pkcs11_CryptoDevCb(int devId, wc_CryptoInfo* info, void* ctx)
 int ret = 0;
 Pkcs11Token* token = (Pkcs11Token*)ctx;
 Pkcs11Session session;
+
+#ifdef WOLFSSL_PKCS11_RW_TOKENS
+ int readWrite = 1;
+#else
 int readWrite = 0;
+#endif
 if (devId <= INVALID_DEVID || info == NULL || ctx == NULL)
 ret = BAD_FUNC_ARG;
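Review bot: With `WOLFSSL_PKCS11_RW_TOKENS` defined, `readWrite` is 1 on every call into `wc_Pkcs11_CryptoDevCb`, so the wider access is not limited to token initialization. Assuming `readWrite` is what selects the session mode further down (outside this hunk), every crypto request served by the callback would then run in a read-write session. The new `#ifdef` carries no comment saying so; I would add one directly above it, e.g. `/* WOLFSSL_PKCS11_RW_TOKENS: open all callback sessions read-write; default is read-only. Enable only in builds that provision tokens. */`. If only provisioning needs write access, a per-token runtime setting would keep ordinary crypto sessions read-only, though that is a larger change than this hunk. The function body continues outside the hunk.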