[Softhsm-develop] SOFTHSM-112: PKCS#11 constants conflict for AES and BLOWFISH

Rickard Bellgrim rickard at opendnssec.org
Sun Feb 15 07:53:44 UTC 2015

On Wed, Feb 11, 2015 at 3:38 PM, Jakob Schlyter <jakob at kirei.se> wrote:

> On 11 feb 2015, at 15:36, Petr Spacek <pspacek at redhat.com> wrote:
> > The downside is that constants for AES_KEY_WRAP* were changed so it will
> cause
> > failures in applications which were not recompiled with new pkcs11.h and
> use
> > old CKM_ constant.
> >
> > AFAIK OpenDNSSEC does not use AES at all and in FreeIPA we will manage
> the
> > change. I have no idea if somebody else is using the AES_KEY_WRAP* thing
> or not.
> I suggest we go for 2.40 with SoftHSMv2 as a start; Rickard what say you?

We have already incorporated some changes from 2.30/2.40 into SoftHSMv2.
The full migration is part of https://issues.opendnssec.org/browse/SOFTHSM-6

For now, we could just update these values so that they match 2.40.

// Rickard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/softhsm-develop/attachments/20150215/233295ae/attachment.htm>

More information about the Softhsm-develop mailing list