[Softhsm-develop] SOFTHSM-112: PKCS#11 constants conflict for AES and BLOWFISH

Jakob Schlyter jakob at kirei.se
Wed Feb 11 14:38:20 UTC 2015

On 11 feb 2015, at 15:36, Petr Spacek <pspacek at redhat.com> wrote:
> On 11.2.2015 15:11, Jakob Schlyter wrote:
>> On 11 feb 2015, at 15:00, Petr Spacek <pspacek at redhat.com> wrote:
>>> My main question is now: Will you accept patches with update to PKCS#11 v2.40?
>> Sure. Why not? Are there any downsides?
> The downside is that constants for AES_KEY_WRAP* were changed so it will cause
> failures in applications which were not recompiled with new pkcs11.h and use
> old CKM_ constant.
> AFAIK OpenDNSSEC does not use AES at all and in FreeIPA we will manage the
> change. I have no idea if somebody else is using the AES_KEY_WRAP* thing or not.

I suggest we go for 2.40 with SoftHSMv2 as a start; Rickard what say you?


More information about the Softhsm-develop mailing list