[Freeipa-devel] [PATCH 0031] Update PKCS#11 mechanism constants for AES key wrapping to PKCS#11 v2.40
Petr Vobornik
pvoborni at redhat.com
Thu Jun 11 11:19:39 UTC 2015
On 06/10/2015 03:53 PM, Martin Basti wrote:
> On 08/06/15 16:18, Petr Spacek wrote:
>> Hello,
>>
>> Update PKCS#11 mechanism constants for AES key wrapping to PKCS#11 v2.40.
>>
>> SoftHSM 2.0.0rc1 was updates to these new constants to avoid collision
>> with
>> Blowfish mechanisms.
>>
>>
>> Older code *cannot* work SoftHSM 2.0.0rc1 and newer.
>>
>> Symptoms include errors like this:
>>
>> On DNSSEC key master:
>> ipa-ods-exporter: _ipap11helper.Error: Error at key wrapping: get buffer
>> length: 0x70
>>
>> On DNSSEC replicas:
>> ipa-dnskeysyncd: subprocess.CalledProcessError: Command
>> ''/usr/libexec/ipa/ipa-dnskeysync-replica'' returned non-zero exit
>> status 1
>>
> ACK
>
Pushed to master: 40680fd2a95ba0b00c81f5e22241b3a16d6eee54
--
Petr Vobornik
More information about the Freeipa-devel
mailing list