Open salrashid123 opened 3 years ago
If there's no id=
or object=
in the URI used to specify the object, why do we even care if it has one? If I have a token with only one key in it, I should be able to use just pkcs11:manufacturer=mytoken;type=private
as the key, surely?
I may update http://david.woodhou.se/draft-woodhouse-cert-best-practice.html#rfc.section.8 to make that explicit.
FindKeyPair
only looks for keys that has anid
value here https://github.com/ThalesIgnite/crypto11/blob/master/keys.go#L122In my case, the tpm-backed key has a label but not an id
which still works with openssl with used with modules
i do not know if specs requires it or not but the fix used was to check for either