p11tool: explicitly mark generated keys as sensitive

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2017-08-25 16:15:24 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2017-08-26 08:37:41 +0200
commit: ca969496016c76ef3cdc556e02506042b389c038 (patch)
tree: 8cbe635915ece348956cf5bf468f29eb3bc7a242
parent: dc292d5097f183f06446a907021fe9a3f8b66836 (diff)
download: gnutls-ca969496016c76ef3cdc556e02506042b389c038.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/src/pkcs11.c b/src/pkcs11.c
index f0b251b834..ab2b81d601 100644
--- a/src/pkcs11.c
+++ b/src/pkcs11.c
@@ -1067,11 +1067,13 @@ pkcs11_generate(FILE * outfile, const char *url, gnutls_pk_algorithm_t pk,
 		label = read_str("warning: Label was not specified.\nLabel: ");
 	}
 
+	fprintf(stderr, "Generating an %s key...\n", gnutls_pk_get_name(pk));
+
 	ret =
 	    gnutls_pkcs11_privkey_generate3(url, pk, bits, label, &cid,
 					    GNUTLS_X509_FMT_PEM, &pubkey,
 					    info->key_usage,
-					    flags);
+					    flags|GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE);
 	if (ret < 0) {
 		fprintf(stderr, "Error in %s:%d: %s\n", __func__, __LINE__,
 			gnutls_strerror(ret));
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2017-08-25 16:15:24 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2017-08-26 08:37:41 +0200
commit	ca969496016c76ef3cdc556e02506042b389c038 (patch)
tree	8cbe635915ece348956cf5bf468f29eb3bc7a242
parent	dc292d5097f183f06446a907021fe9a3f8b66836 (diff)
download	gnutls-ca969496016c76ef3cdc556e02506042b389c038.tar.gz