pvpkcs11 consists of a input validation library and a set of PKCS#11 implementations that wrap operating system and browser cryptographic implementations.
This code works for EC and RSA private keys on C_CopyObject method calling. If CKA_PIN_FLAGS presents and greater than 0 it uses NCRYPT_UI_POLICY for key container creation, otherwise the key will be created without the NCRYPT_UI_POLICY policy.
This code works for EC and RSA private keys on
C_CopyObject
method calling. IfCKA_PIN_FLAGS
presents and greater than 0 it usesNCRYPT_UI_POLICY
for key container creation, otherwise the key will be created without theNCRYPT_UI_POLICY
policy.Key generation with NCRYPT_UI_PROTECT_KEY_FLAG flag
Key generation with NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG flag