[Softhsm-develop] SOFTHSM-112: PKCS#11 constants conflict for AES and BLOWFISH
rickard at opendnssec.org
Sun Feb 15 07:53:44 UTC 2015
On Wed, Feb 11, 2015 at 3:38 PM, Jakob Schlyter <jakob at kirei.se> wrote:
> On 11 feb 2015, at 15:36, Petr Spacek <pspacek at redhat.com> wrote:
> > The downside is that constants for AES_KEY_WRAP* were changed so it will
> > failures in applications which were not recompiled with new pkcs11.h and
> > old CKM_ constant.
> > AFAIK OpenDNSSEC does not use AES at all and in FreeIPA we will manage
> > change. I have no idea if somebody else is using the AES_KEY_WRAP* thing
> or not.
> I suggest we go for 2.40 with SoftHSMv2 as a start; Rickard what say you?
We have already incorporated some changes from 2.30/2.40 into SoftHSMv2.
The full migration is part of https://issues.opendnssec.org/browse/SOFTHSM-6
For now, we could just update these values so that they match 2.40.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Softhsm-develop