Hello,
I need to force authentication on the device everytime a sign operation
is requested from my PKCS#11 library. From the specification, I
understood that there is a flag CKA_ALWAYS_AUTHENTICATE of the private
key which should be set to TRUE. However, NSS does not request the value
of this attribute anywhere so I have no way of telling it that in order
to use the key, C_Login needs to be called with user type
CKU_CONTEXT_SPECIFIC.
I did some google research and found out that currently NSS does not
support any of these features (but the posts were quite older). My
question is; is the described behavior still unsupported? If yes, are
there any possibilities to achieve at least similar effect?
Thanks,
M. Kurpel
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
