Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Try harder to find PKCS#11 key to match a given cert
CKA_LABEL might not match, but CKA_ID should. So if the label (of the cert) was in the original search criteria, but the ID wasn't, then as a last resort try *dropping* CKA_LABEL from the URI and adding the CKA_ID of the cert. Now it works to use a PIV card with something simple like openconnect -c 'pkcs11:object=Certificate%20for%20PIV%20Authentication' Also allow ;object-type=cert to be specified for the certificate. We're clever enough to work out that a key needs to have that changed... Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
- Loading branch information
David Woodhouse
authored and
David Woodhouse
committed
Dec 4, 2014
1 parent
ad32265
commit 8af8f54
Showing
1 changed file
with
41 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters