latchset · simo5 · Feb 13, 2026 · Feb 12, 2026
diff --git a/src/ec/ecdh.rs b/src/ec/ecdh.rs
@@ -7,21 +7,20 @@
 use std::fmt::Debug;
 use std::sync::LazyLock;
 
-use crate::ec::ecdsa::{MAX_EC_SIZE_BITS, MIN_EC_SIZE_BITS};
+use crate::ec::*;
 use crate::error::Result;
 use crate::mechanism::{Derive, Mechanism, Mechanisms};
 use crate::misc::cast_params;
 use crate::object::ObjectFactories;
 use crate::ossl::ecdh::ECDHOperation;
-use crate::pkcs11::*;
 
 /// Object that holds Mechanisms for ECDH
 static ECDH_MECH: LazyLock<Box<dyn Mechanism>> = LazyLock::new(|| {
     Box::new(ECDHMechanism {
         info: CK_MECHANISM_INFO {
             ulMinKeySize: CK_ULONG::try_from(MIN_EC_SIZE_BITS).unwrap(),
             ulMaxKeySize: CK_ULONG::try_from(MAX_EC_SIZE_BITS).unwrap(),
-            flags: CKF_DERIVE,
+            flags: CKF_DERIVE | COMMON_CKF_EC_FLAGS,
         },
     })
 });

diff --git a/src/ec/ecdsa.rs b/src/ec/ecdsa.rs
@@ -19,26 +19,21 @@ use crate::ossl::ecdsa::EcdsaOperation;
 
 use asn1;
 
-/// Minimum ECDSA key size
-pub const MIN_EC_SIZE_BITS: usize = BITS_SECP256R1;
-/// Maximum ECDSA key size
-pub const MAX_EC_SIZE_BITS: usize = BITS_SECP521R1;
-
 /// Object that holds Mechanisms for ECDSA
 static ECDSA_MECHS: LazyLock<[Box<dyn Mechanism>; 2]> = LazyLock::new(|| {
     [
         Box::new(EcdsaMechanism {
             info: CK_MECHANISM_INFO {
                 ulMinKeySize: CK_ULONG::try_from(MIN_EC_SIZE_BITS).unwrap(),
                 ulMaxKeySize: CK_ULONG::try_from(MAX_EC_SIZE_BITS).unwrap(),
-                flags: CKF_SIGN | CKF_VERIFY,
+                flags: CKF_SIGN | CKF_VERIFY | COMMON_CKF_EC_FLAGS,
             },
         }),
         Box::new(EcdsaMechanism {
             info: CK_MECHANISM_INFO {
                 ulMinKeySize: CK_ULONG::try_from(MIN_EC_SIZE_BITS).unwrap(),
                 ulMaxKeySize: CK_ULONG::try_from(MAX_EC_SIZE_BITS).unwrap(),
-                flags: CKF_GENERATE_KEY_PAIR,
+                flags: CKF_GENERATE_KEY_PAIR | COMMON_CKF_EC_FLAGS,
             },
         }),
     ]

diff --git a/src/ec/eddsa.rs b/src/ec/eddsa.rs
@@ -18,24 +18,21 @@ use crate::object::*;
 use crate::ossl::common::extract_public_key;
 use crate::ossl::eddsa::EddsaOperation;
 
-pub const MIN_EDDSA_SIZE_BITS: usize = BITS_ED25519;
-pub const MAX_EDDSA_SIZE_BITS: usize = BITS_ED448;
-
 /// Object that holds Mechanisms for EDDSA
 static EDDSA_MECHS: LazyLock<[Box<dyn Mechanism>; 2]> = LazyLock::new(|| {
     [
         Box::new(EddsaMechanism {
             info: CK_MECHANISM_INFO {
-                ulMinKeySize: CK_ULONG::try_from(MIN_EDDSA_SIZE_BITS).unwrap(),
-                ulMaxKeySize: CK_ULONG::try_from(MAX_EDDSA_SIZE_BITS).unwrap(),
-                flags: CKF_SIGN | CKF_VERIFY,
+                ulMinKeySize: MIN_EC_EDWARDS_SIZE_BITS as CK_ULONG,
+                ulMaxKeySize: MAX_EC_EDWARDS_SIZE_BITS as CK_ULONG,
+                flags: CKF_SIGN | CKF_VERIFY | COMMON_CKF_EC_FLAGS,
             },
         }),
         Box::new(EddsaMechanism {
             info: CK_MECHANISM_INFO {
-                ulMinKeySize: CK_ULONG::try_from(MIN_EDDSA_SIZE_BITS).unwrap(),
-                ulMaxKeySize: CK_ULONG::try_from(MAX_EDDSA_SIZE_BITS).unwrap(),
-                flags: CKF_GENERATE_KEY_PAIR,
+                ulMinKeySize: MIN_EC_EDWARDS_SIZE_BITS as CK_ULONG,
+                ulMaxKeySize: MAX_EC_EDWARDS_SIZE_BITS as CK_ULONG,
+                flags: CKF_GENERATE_KEY_PAIR | COMMON_CKF_EC_FLAGS,
             },
         }),
     ]

diff --git a/src/ec/mod.rs b/src/ec/mod.rs
@@ -27,6 +27,26 @@ pub mod eddsa;
 #[cfg(feature = "ec_montgomery")]
 pub mod montgomery;
 
+/// Minimum EC key size
+pub const MIN_EC_SIZE_BITS: usize = BITS_SECP256R1;
+/// Maximum EC key size
+pub const MAX_EC_SIZE_BITS: usize = BITS_SECP521R1;
+/// Minimum Edwards key size
+pub const MIN_EC_EDWARDS_SIZE_BITS: usize = BITS_ED25519;
+/// Maximum Edwards key size
+pub const MAX_EC_EDWARDS_SIZE_BITS: usize = BITS_ED448;
+/// Minimum Montgomery key size
+pub const MIN_EC_MONTGOMERY_SIZE_BITS: usize = BITS_X25519;
+/// Maximum Montgomery key size
+pub const MAX_EC_MONTGOMERY_SIZE_BITS: usize = BITS_X448;
+
+/// Common flags for supported features of EC curves to be exposed on mechanisms.
+pub const COMMON_CKF_EC_FLAGS: CK_FLAGS = CKF_EC_F_P
+    | CKF_EC_OID
+    | CKF_EC_UNCOMPRESS
+    | CKF_EC_COMPRESS
+    | CKF_EC_CURVENAME;
+
 /* Bit sizes for curves */
 pub const BITS_SECP256R1: usize = 256;
 #[allow(dead_code)]

diff --git a/src/ec/montgomery.rs b/src/ec/montgomery.rs
@@ -25,7 +25,7 @@ static MONTGOMERY_MECHS: LazyLock<Box<dyn Mechanism>> = LazyLock::new(|| {
                 .unwrap(),
             ulMaxKeySize: CK_ULONG::try_from(MAX_EC_MONTGOMERY_SIZE_BITS)
                 .unwrap(),
-            flags: CKF_GENERATE_KEY_PAIR,
+            flags: CKF_GENERATE_KEY_PAIR | COMMON_CKF_EC_FLAGS,
         },
     })
 });
@@ -84,9 +84,6 @@ pub fn register(mechs: &mut Mechanisms, ot: &mut ObjectFactories) {
     );
 }
 
-pub const MIN_EC_MONTGOMERY_SIZE_BITS: usize = BITS_X25519;
-pub const MAX_EC_MONTGOMERY_SIZE_BITS: usize = BITS_X448;
-
 /// The EC-Montgomery Public-Key Factory
 #[derive(Debug, Default)]
 pub struct ECMontgomeryPubFactory {