Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Always login with PIN If FORCE_LOGIN is specified in openssl config
The HSM slot is queried with C_GetTokenInfo(...) if it requires login, checking the flag CKF_LOGIN_REQUIRED. If there are multiple objects in the slot, some may not require login (like certificates and public keys), other will require login (like private keys). In this case some HSM (like Thales PTK 7.1) responds that no login is required, which sets token->loginRequired = false. This makes it impossible to use the private key - no attempt is ever made to login. Even if the user explicitly sets the option FORCE_LOGIN - it is ignored. Now if ctx->force_login is specified, it will always login with the slot, regardless of the CKF_LOGIN_REQUIRED flag.
- Loading branch information