[Freeipa-devel] [PATCH 0031] Update PKCS#11 mechanism constants for AES key wrapping to PKCS#11 v2.40
Petr Spacek
pspacek at redhat.com
Mon Jun 8 14:18:08 UTC 2015
Hello,
Update PKCS#11 mechanism constants for AES key wrapping to PKCS#11 v2.40.
SoftHSM 2.0.0rc1 was updates to these new constants to avoid collision with
Blowfish mechanisms.
Older code *cannot* work SoftHSM 2.0.0rc1 and newer.
Symptoms include errors like this:
On DNSSEC key master:
ipa-ods-exporter: _ipap11helper.Error: Error at key wrapping: get buffer
length: 0x70
On DNSSEC replicas:
ipa-dnskeysyncd: subprocess.CalledProcessError: Command
''/usr/libexec/ipa/ipa-dnskeysync-replica'' returned non-zero exit status 1
--
Petr^2 Spacek
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pspacek-0031-Update-PKCS-11-mechanism-constants-for-AES-key-wrapp.patch
Type: text/x-patch
Size: 1598 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150608/2abbd25e/attachment.bin>
More information about the Freeipa-devel
mailing list