1 files changed, 40 insertions, 0 deletions

diff --git a/src/rsa.c b/src/rsa.c
index fa3d372..076e514 100644
--- a/src/rsa.c
+++ b/src/rsa.c
@@ -63,6 +63,16 @@ test_rsa_decrypt(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE key,
 
 	n_decrypted = sizeof(decrypted);
 	rv = (p11t_module_funcs->C_Decrypt)(session, encrypted, n_encrypted, decrypted, &n_decrypted);
+
+	/* Requires authentication */
+	if (rv == CKR_USER_NOT_LOGGED_IN) {
+		rv = p11t_key_login_context_specific (session, key);
+		P11T_CHECK_RV("Always authenticate", rv, CKR_OK);
+
+		/* Try it again */
+		rv = (p11t_module_funcs->C_Decrypt)(session, encrypted, n_encrypted, decrypted, &n_decrypted);
+	}
+
 	P11T_CHECK_RV("Normal call", rv, CKR_OK);
 
 	if(n_decrypted != n_data)
@@ -164,6 +174,16 @@ test_rsa_pkcs_sign_hash(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE key,
 
 	n_sig = sizeof(sig);
 	rv = (p11t_module_funcs->C_Sign)(session, hash, n_hash, sig, &n_sig);
+
+	/* Requires authentication */
+	if (rv == CKR_USER_NOT_LOGGED_IN) {
+		rv = p11t_key_login_context_specific (session, key);
+		P11T_CHECK_RV("Always authenticate", rv, CKR_OK);
+
+		/* Try it again */
+		rv = (p11t_module_funcs->C_Sign)(session, hash, n_hash, sig, &n_sig);
+	}
+
 	P11T_CHECK_RV("Normal call", rv, CKR_OK);
 
 	/* Hash the data again this time without wrapping */
@@ -207,6 +227,16 @@ test_rsa_x509_sign(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE key, RSA* rsa)
 
 	n_sig = sizeof(sig);
 	rv = (p11t_module_funcs->C_Sign)(session, (CK_BYTE*)data, n_data, sig, &n_sig);
+
+	/* Requires authentication */
+	if (rv == CKR_USER_NOT_LOGGED_IN) {
+		rv = p11t_key_login_context_specific (session, key);
+		P11T_CHECK_RV("Always authenticate", rv, CKR_OK);
+
+		/* Try it again */
+		rv = (p11t_module_funcs->C_Sign)(session, (CK_BYTE*)data, n_data, sig, &n_sig);
+	}
+
 	P11T_CHECK_RV("RSA X509 Call", rv, CKR_OK);
 	P11T_CHECK_ULONG("C_Sign: rsa x509 result length", n_sig, size);
 
@@ -351,6 +381,16 @@ test_rsa_encrypt(CK_SESSION_HANDLE session, CK_OBJECT_HANDLE key,
 
 	n_check = sizeof(check);
 	rv = (p11t_module_funcs->C_Decrypt)(session, encrypted, n_encrypted, check, &n_check);
+
+	/* Requires authentication */
+	if (rv == CKR_USER_NOT_LOGGED_IN) {
+		rv = p11t_key_login_context_specific (session, privkey);
+		P11T_CHECK_RV("Always authenticate", rv, CKR_OK);
+
+		/* Try it again */
+		rv = (p11t_module_funcs->C_Decrypt)(session, encrypted, n_encrypted, check, &n_check);
+	}
+
 	P11T_CHECK_RV("Module encrypted data", rv, CKR_OK);
 
 	if(n_check != n_data)