From 65c696bc3679f5c4d8de8a466773be6594c18a6d Mon Sep 17 00:00:00 2001
From: Per Nilsson <per.nilsson@yubico.com>
Date: Thu, 21 Mar 2024 09:52:46 +0100
Subject: [PATCH] Support pSharedData

---
 pkcs11/yubihsm_pkcs11.c | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/pkcs11/yubihsm_pkcs11.c b/pkcs11/yubihsm_pkcs11.c
index 3902bab7..999186d1 100644
--- a/pkcs11/yubihsm_pkcs11.c
+++ b/pkcs11/yubihsm_pkcs11.c
@@ -5647,12 +5647,6 @@ CK_DEFINE_FUNCTION(CK_RV, C_DeriveKey)
 
   CK_ECDH1_DERIVE_PARAMS *params = pMechanism->pParameter;
 
-  if (params->pSharedData != NULL || params->ulSharedDataLen != 0) {
-    DBG_ERR("Mechanism parameters incompatible with key derivation function");
-    rv = CKR_MECHANISM_PARAM_INVALID;
-    goto c_drv_out;
-  }
-
   int seq = session->ecdh_session_keys.length + 1;
   if (seq > MAX_ECDH_SESSION_KEYS) {
     DBG_ERR("There are already %d ECDH keys available for this session. "
@@ -5689,7 +5683,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_DeriveKey)
 
   DBG_INFO("ECDH ecdh_key.len = %zu", ecdh_key.len);
 
-  rv = ecdh_kdf(&ecdh_key, NULL, 0, params->kdf, value_len);
+  rv = ecdh_kdf(&ecdh_key, params->pSharedData, params->ulSharedDataLen, params->kdf, value_len);
   if (rv != CKR_OK) {
     DBG_ERR("Failed to derive ECDH key with KDF %lu", params->kdf);
     goto c_drv_out;