|
|
17c662 |
diff --git a/src/p11tool.c b/src/p11tool.c
|
|
|
17c662 |
index 2abf23a27..a6fce78e3 100644
|
|
|
17c662 |
--- a/src/p11tool.c
|
|
|
17c662 |
+++ b/src/p11tool.c
|
|
|
17c662 |
@@ -68,7 +68,7 @@ int main(int argc, char **argv)
|
|
|
17c662 |
}
|
|
|
17c662 |
|
|
|
17c662 |
static
|
|
|
17c662 |
-unsigned opt_to_flags(void)
|
|
|
17c662 |
+unsigned opt_to_flags(common_info_st *cinfo)
|
|
|
17c662 |
{
|
|
|
17c662 |
unsigned flags = 0;
|
|
|
17c662 |
|
|
|
17c662 |
@@ -78,6 +78,12 @@ unsigned opt_to_flags(void)
|
|
|
17c662 |
} else {
|
|
|
17c662 |
flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE;
|
|
|
17c662 |
}
|
|
|
17c662 |
+ } else { /* if not given mark as private the private objects, and public the public ones */
|
|
|
17c662 |
+ if (cinfo->privkey)
|
|
|
17c662 |
+ flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_PRIVATE;
|
|
|
17c662 |
+ else if (cinfo->pubkey || cinfo->cert)
|
|
|
17c662 |
+ flags |= GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_PRIVATE;
|
|
|
17c662 |
+ /* else set the defaults of the token */
|
|
|
17c662 |
}
|
|
|
17c662 |
|
|
|
17c662 |
if (ENABLED_OPT(MARK_TRUSTED))
|
|
|
17c662 |
@@ -166,8 +172,6 @@ static void cmd_parser(int argc, char **argv)
|
|
|
17c662 |
|
|
|
17c662 |
memset(&cinfo, 0, sizeof(cinfo));
|
|
|
17c662 |
|
|
|
17c662 |
- flags = opt_to_flags();
|
|
|
17c662 |
-
|
|
|
17c662 |
if (HAVE_OPT(SECRET_KEY))
|
|
|
17c662 |
cinfo.secret_key = OPT_ARG(SECRET_KEY);
|
|
|
17c662 |
|
|
|
17c662 |
@@ -227,6 +231,8 @@ static void cmd_parser(int argc, char **argv)
|
|
|
17c662 |
sec_param = OPT_ARG(SEC_PARAM);
|
|
|
17c662 |
}
|
|
|
17c662 |
|
|
|
17c662 |
+ flags = opt_to_flags(&cinfo);
|
|
|
17c662 |
+
|
|
|
17c662 |
if (debug > 4) {
|
|
|
17c662 |
if (HAVE_OPT(MARK_PRIVATE))
|
|
|
17c662 |
fprintf(stderr, "Private: %s\n",
|
|
|
17c662 |
--
|
|
|
17c662 |
2.14.3
|
|
|
17c662 |
|