Displaying 1 result from an estimated 1 matches for "pkcs11_login_slot".
2023 Nov 19
2
[Bug 3635] New: ssh-add -s always asks for PKCS#11 PIN
...n_session checks if the
CKF_LOGIN_REQUIRED flag is set [8] and fails if it is set but no PIN
was provided.
4. After establishing a session pkcs11_fetch_keys is called [9], to
derive keys
5. If it was not possible to derive at least one key and no login took
place yet and the session is interactive, pkcs11_login_slot [10] is
called to perform a login.
pkcs11_login_slot checks for the CKF_PROTECTED_AUTHENTICATION_PATH
flag [11] and allows the PIN entry to happen outside the PKCS#11
library.
If the login was successful, pkcs11_fetch_keys is called again to
derive keys.
With these findings, the following q...