summaryrefslogtreecommitdiff
path: root/lib/pkcs11_write.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/pkcs11_write.c')
-rw-r--r--lib/pkcs11_write.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/pkcs11_write.c b/lib/pkcs11_write.c
index b0b6e95f72..d1a19cf35c 100644
--- a/lib/pkcs11_write.c
+++ b/lib/pkcs11_write.c
@@ -79,7 +79,7 @@ static void mark_flags(unsigned flags, struct ck_attribute *a, unsigned *a_val)
* This function will copy a certificate into a PKCS #11 token specified by
* a URL. Valid flags to mark the certificate: %GNUTLS_PKCS11_OBJ_FLAG_MARK_TRUSTED,
* %GNUTLS_PKCS11_OBJ_FLAG_MARK_SENSITIVE, %GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE,
- * %GNUTLS_PKCS11_OBJ_FLAG_MARK_CA.
+ * %GNUTLS_PKCS11_OBJ_FLAG_MARK_CA, %GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
@@ -431,6 +431,13 @@ gnutls_pkcs11_copy_x509_privkey(const char *token_url,
a_val++;
}
+ if (flags & GNUTLS_PKCS11_OBJ_FLAG_MARK_ALWAYS_AUTH) {
+ a[a_val].type = CKA_ALWAYS_AUTHENTICATE;
+ a[a_val].value = (void *) &tval;
+ a[a_val].value_len = sizeof(tval);
+ a_val++;
+ }
+
if (label) {
a[a_val].type = CKA_LABEL;
a[a_val].value = (void *) label;
View Lorry Controller Status