diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-04-28 11:14:34 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-05-03 09:19:57 +0200 |
commit | 333864750739df33020a8b48563051565100ba04 (patch) | |
tree | ed098d666d10feb1dab6ffa483da49bb70d3940f /lib/pkcs11_secret.c | |
parent | 0ce2a9b327c39a6ef98f411fed5da207091af813 (diff) | |
download | gnutls-333864750739df33020a8b48563051565100ba04.tar.gz |
pkcs11: mark private key objects as sensitive by defaulttmp-pkcs11-sensitive-fix
That is, to prevent accidentally creating objects which can
be exported.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'lib/pkcs11_secret.c')
-rw-r--r-- | lib/pkcs11_secret.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/pkcs11_secret.c b/lib/pkcs11_secret.c index b9a88549ee..83cdf58457 100644 --- a/lib/pkcs11_secret.c +++ b/lib/pkcs11_secret.c @@ -119,7 +119,7 @@ gnutls_pkcs11_copy_secret_key(const char *token_url, gnutls_datum_t * key, a_val++; } - if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE) + if (!(flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE)) tval = 1; else tval = 0; |