pkcs11: fix key pair generation for EdDSA
Previouly we used the CKM_EDDSA mechanism to generate key pair, though the mechanism can only be used for signing and verification as specified in PKCS#11 3.1 section 6.3. For key generation, the CKM_EC_EDWARDS_KEY_PAIR_GEN mechanism (or CKM_EC_MONTGOMERY_KEY_PAIR_GEN, if the point is represented in the Montgomery form) needs to be used.
Fixes: #1309 (closed)
Checklist
-
Commits have Signed-off-by:
with name/author being identical to the commit author -
Code modified for feature -
Test suite updated with functionality tests -
Test suite updated with negative tests -
Documentation updated / NEWS entry present (for non-trivial changes) -
CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)
Reviewer's checklist:
-
Any issues marked for closing are addressed -
There is a test suite reasonably covering new functionality or modifications -
Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md
-
This feature/change has adequate documentation added -
No obvious mistakes in the code