In PKINIT NSS crypto, support encrypted PEM keys

When the PEM module is given an encrypted key, it changes its token
flags to indicate that a password is required (by setting needs-login)
to signal the application that we need to supply a password to decrypt
it.  Attempts to load any other items will fail until the flag is
cleared.

If we detect that the flag is set after we've attempted to load a
private key, attempt to "log in" to the "token" using a password.  Even
if we fail, the token will reset its needs-login flag, which is
necessary before we can import anything else.

0 files changed, 0 insertions, 0 deletions