[Pki-devel] patches for review - Bug 744207 - Key archival fails when KRA is configured with lunasa
Christina Fu
cfu at redhat.com
Tue May 1 15:42:47 UTC 2012
Please review the following patches for *Bug 744207*
<https://bugzilla.redhat.com/show_bug.cgi?id=744207> -Key archival fails
when KRA is configured with lunasa:
JSS:
https://bugzilla.redhat.com/attachment.cgi?id=581108&action=diff&context=patch&collapsed=&headers=1&format=raw
DRM/KRA:
https://bugzilla.redhat.com/attachment.cgi?id=581109&action=diff&context=patch&collapsed=&headers=1&format=raw
The JSS patch alone allows key archival (both RSA and ECC) to work with
lunasa token
where the lunasa token has to be KE-capable. Work done specifically on
the following model:
Model: Luna SA v5 w/ PED auth and CKE
Part No: 908-000093-001
The DRM/KRA patch are just some debugging to make recovery debugging
easier with an addition of non-static salt.
The recovery is not working currently, failing with wrapping operation
during PBE creation:
*Bug 817423* <https://bugzilla.redhat.com/show_bug.cgi?id=817423> -Key
recovery fails when KRA is configured with lunasa
which will be fixed at a later time.
To test these patches for key archival on the said model of lunasa, one
must turn on the prototype mode for recovery.
thanks,
Christina
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20120501/f786cb5f/attachment.htm>
More information about the Pki-devel
mailing list