-
Type:
Bug
-
Status: Closed
-
Priority:
Critical
-
Resolution: Fixed
-
Affects Version/s: 2.0.0
-
Fix Version/s: 2.0.0
-
Component/s: PKCS#11 Interface
-
Labels:None
Many functions are missing to check if the user is allowed to use the object in the crypto operation (missing a call to haveRead()).
C_Sign, C_Verify, C_Encrypt, C_Decrypt, ...
We must go through the different PKCS#11-functions and check this. Also to update the test cases to include unauthorized usage of key objects.