author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-06-09 14:10:44 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-06-09 14:10:44 +0200 |
commit | 0e0c9260ff9c862f47598e9ee6bccbc024d280b4 (patch) | |
tree | aa6a5f46f57fb3a7c9cae74d32bf21920b61b1a7 /lib/pkcs11_secret.c | |
parent | 8ac3afecd4a2a3a1db66417a8dc6fdd541ff8232 (diff) | |
download | gnutls-0e0c9260ff9c862f47598e9ee6bccbc024d280b4.tar.gz |
In tokens that allow multiple sessions make the private key session persistent.
This prevents asking for PIN on every private key operation.
Diffstat (limited to 'lib/pkcs11_secret.c')
-rw-r--r-- | lib/pkcs11_secret.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/lib/pkcs11_secret.c b/lib/pkcs11_secret.c
index 54205f741e..10d39c7855 100644
--- a/lib/pkcs11_secret.c
+++ b/lib/pkcs11_secret.c
@@ -50,8 +50,6 @@ gnutls_pkcs11_copy_secret_key (const char *token_url, gnutls_datum_t * key,
 /* GNUTLS_PKCS11_OBJ_FLAG_* */ )
 {
 int ret;
- struct ck_function_list *module;
- ck_session_handle_t pks;
 struct p11_kit_uri *info = NULL;
 ck_rv_t rv;
 struct ck_attribute a[12];
@@ -61,6 +59,9 @@ gnutls_pkcs11_copy_secret_key (const char *token_url, gnutls_datum_t * key,
 ck_bool_t tval = 1;
 int a_val;
 uint8_t id[16];
+ struct pkcs11_session_info sinfo;
+
+ memset(&sinfo, 0, sizeof(sinfo));
 ret = pkcs11_url_to_info (token_url, &info);
 if (ret < 0)
@@ -78,7 +79,7 @@ gnutls_pkcs11_copy_secret_key (const char *token_url, gnutls_datum_t * key,
 }
 ret =
- pkcs11_open_session (&module, &pks, info,
+ pkcs11_open_session (&sinfo, info,
 SESSION_WRITE | pkcs11_obj_flags_to_int (flags));
 p11_kit_uri_free (info);
@@ -129,7 +130,7 @@ gnutls_pkcs11_copy_secret_key (const char *token_url, gnutls_datum_t * key,
 a[a_val].value_len = sizeof (tval);
 a_val++;
- rv = pkcs11_create_object (module, pks, a, a_val, &obj);
+ rv = pkcs11_create_object (sinfo.module, sinfo.pks, a, a_val, &obj);
 if (rv != CKR_OK)
 {
 gnutls_assert ();
@@ -144,7 +145,7 @@ gnutls_pkcs11_copy_secret_key (const char *token_url, gnutls_datum_t * key,
 ret = 0;
 cleanup:
- pkcs11_close_session (module, pks);
+ pkcs11_close_session (&sinfo);
 return ret; |
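Review bot: The zeroing of `sinfo` in the second hunk is what keeps the `cleanup:` path well-defined, but nothing says so, and the call does not follow the file's GNU spacing. `pkcs11_close_session (&sinfo)` now receives whatever the struct holds, so a short comment such as `/* zeroed so cleanup never sees stale module/pks handles */` above the call, written as `memset (&sinfo, 0, sizeof (sinfo));`, would keep a later edit from dropping it. Whether any path reaches `cleanup:` before the session is opened is not visible here, because the function body continues outside the hunks.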
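Review bot: At `cleanup:` in the last hunk the call no longer makes it evident that the session opened with `SESSION_WRITE` is actually ended, which matters now that the commit makes sessions persistent on tokens that allow several. `pkcs11_close_session` is defined outside this file's diff, so this is a question rather than a finding: if the helper can keep a logged-in session alive, this key-copy path would leave the token authenticated for longer than the copy itself needs. Once checked against the helper, a comment such as `/* ends the R/W session opened above; nothing is kept for this path */` would record the intended lifetime.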