[Pki-devel] [PATCH] pki-0178, jss-0000..0002 - PKCS #12 key bag AES encryption

Fraser Tweedale ftweedal at redhat.com
Thu Apr 27 23:44:06 UTC 2017 

On Thu, Apr 27, 2017 at 04:02:58PM -0700, Christina Fu wrote:
> 
> On 04/26/2017 07:11 AM, Fraser Tweedale wrote:
> > On Tue, Apr 11, 2017 at 03:23:18PM -0700, Christina Fu wrote:
> > > Thank you. Please see review comments:
> > > 
> > > https://bugzilla.mozilla.org/show_bug.cgi?id=1355358#c6
> > > 
> > > I will review PKCS12Util later.
> > > 
> > > Christina
> > > 
> > Updated patch jss-0002 and also created
> > https://bugzilla.mozilla.org/show_bug.cgi?id=1359731 with some
> > other JSS patches.
> 
> For JSS, I have reviewed and ack'ed the updated patch for
> 
> https://bugzilla.mozilla.org/show_bug.cgi?id=1355358
> 
> I have also reviewed and ack'ed the additional patches in
> 
> https://bugzilla.mozilla.org/show_bug.cgi?id=1359731
> 
> Please work with Elio to check in before deadline today.
> 
> Ade has agreed to review your pkcs 12 (non-jss) patches.
> 
Thanks Ade,

If you're happy with the patches and I'm not around when you've
reviewed them, could you please push them?

Cheers,
Fraser

> > 
> > Created Gerrit review branch for Dogtag patches:
> > https://review.gerrithub.io/#/c/358634/.  This includes patch
> > pki-0178 and also a new patch to change KRA PKCS #12 recovery to use
> > AES, which depends on the new JSS patches linked above.
> > 
> > Thanks,
> > Fraser
> > 
> > > On 04/10/2017 11:30 PM, Fraser Tweedale wrote:
> > > > On Thu, Apr 06, 2017 at 03:45:55PM -0700, Christina Fu wrote:
> > > > > Hi Fraser,
> > > > > 
> > > > > Could you please do the following first?
> > > > > 
> > > > > 1.  file a Mozilla bugzilla bug for this against Product JSS Release 4.4.1,
> > > > > then assign to yourself:
> > > > > https://bugzilla.mozilla.org/
> > > > > 2. After making sure your patch compiles well with the 4.4.1 base, attach
> > > > > the patch to that ticket, and mark reviewers
> > > > > 
> > > > > thanks!
> > > > > 
> > > > > Christina
> > > > > 
> > > > Thanks Christina, I filed
> > > > https://bugzilla.mozilla.org/show_bug.cgi?id=1355358
> > > > 
> > > > I was unable to assign myself to the bug ('Assignee' field is not
> > > > active when I go to Edit Bug.
> > > > 
> > > > Also not sure how to "mark reviewers".  I added you and Elio to Cc
> > > > though.
> > > > 
> > > > Thanks,
> > > > Fraser
> > > > 
> > > > > On 04/04/2017 02:56 AM, Fraser Tweedale wrote:
> > > > > > Hi team,
> > > > > > 
> > > > > > Please review attached patches for JSS and Dogtag that:
> > > > > > 
> > > > > > - add some new EncryptedPrivateKeyInfo export and import functions
> > > > > >      to JSS
> > > > > > 
> > > > > > - update Dogtag's `pki pkcs12' command to use the new functions to
> > > > > >      achieve AES encryption of the key bags, with wrapping/unwrapping
> > > > > >      occurring on the token.
> > > > > > 
> > > > > > PKCS #12 files produced by current releases continue to import
> > > > > > properly (of course, this is an important test vector).
> > > > > > 
> > > > > > These patches do not address the PKCS #12 KRA recovery export; This
> > > > > > is my next task and separate patches will be produced.
> > > > > > 
> > > > > > Thanks,
> > > > > > Fraser
>

More information about the Pki-devel mailing list