From 198ef1b2ed385d13724021faec5a00ebea6931bf Mon Sep 17 00:00:00 2001
From: Kshitiz Varshney <kshitiz.varshney@nxp.com>
Date: Sun, 28 Jul 2024 19:13:44 +0200
Subject: [PATCH] Add CKA_DERIVE flag in server's private key template

This commit adds CKA_DERIVE flag in server's private key template which is
required by optee subsystem.
Tested TLS1.2 with the change.

Signed-off-by: Kshitiz Varshney <kshitiz.varshney@nxp.com>
---
 src/keymgmt.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/keymgmt.c b/src/keymgmt.c
index 3b1b8518..bd2d2143 100644
--- a/src/keymgmt.c
+++ b/src/keymgmt.c
@@ -1289,6 +1289,7 @@ static void *p11prov_ec_gen(void *genctx, OSSL_CALLBACK *cb_fn, void *cb_arg)
 #define EC_PRIVKEY_TMPL_SIZE 5
     CK_ATTRIBUTE privkey_template[EC_PRIVKEY_TMPL_SIZE + COMMON_TMPL_SIZE] = {
         { CKA_TOKEN, DISCARD_CONST(&val_true), sizeof(CK_BBOOL) },
+        { CKA_DERIVE, DISCARD_CONST(&val_true), sizeof(CK_BBOOL) },
         { CKA_PRIVATE, DISCARD_CONST(&val_true), sizeof(CK_BBOOL) },
         { CKA_SENSITIVE, DISCARD_CONST(&val_true), sizeof(CK_BBOOL) },
         { CKA_SIGN, DISCARD_CONST(&val_true), sizeof(CK_BBOOL) },