a3b516a1e1
When OpenSC is used with a card that enforces user_consent and the calling PKCS#11 application does not understand how to handle the CKA_ALWAYS_AUTHENTICATE, signature operations will fail. OpenSC will not cache a PIN that protects a user_consent object as one would expect. This mods allows PINs to be cached even if protecting a user_consent object by adding pin_cache_ignore_user_consent = true; option in opensc.conf. Thunderbird is the prime example of this situation. Mozilla has accepted mods (357025 and 613507) to support CKA_ALWAYS_AUTHENTICATE that will appear in NSS-3.14 but this may be some time before this version is in vendor distribution. |
||
---|---|---|
.. | ||
Makefile.am | ||
Makefile.mak | ||
opensc.conf.in |