diff options
| author | Ade Lee <alee@redhat.com> | 2017-02-28 12:18:29 -0500 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2017-03-14 17:09:09 -0400 |
| commit | d13181faea23cdb5a07136d3fdabeedb70effda9 (patch) | |
| tree | b944588c3adfd297bcda4b4a26360d982557e3da /base/common/python/setup.py | |
| parent | e1789708a9a6f66c3e3f1478e7bbc03da5b3b0df (diff) | |
| download | pki-d13181faea23cdb5a07136d3fdabeedb70effda9.tar.gz pki-d13181faea23cdb5a07136d3fdabeedb70effda9.tar.xz pki-d13181faea23cdb5a07136d3fdabeedb70effda9.zip | |
Change internal wrapping to AES
There are several changes in this patch:
1. Simplify EncryptionUnit by moving the methods called by either the StorageUnit or the
TransportUnit into those classes. This helps to determine which methods are called by
which class (because in general they require different arguments). It may be possible
to later simplify and reduce code repetition by pulling core functionality back into
the EncryptionUnit.
2. Add methods to WrappingParameters and KeyRecord to store the Wrapping Parameter values
as part of the KeyRecord when the key is stored. On retrieval, this data is read and
used to extract the data. If the data is not present, then use the old DES3 parameters.
3. Change the internal (storageUnit) wrapping to use AES-CBC for encryption and AES-KeyWrap
for storage by default. If a parameter kra.storageUnit.useOldWrapping=true, then
the old wrapping will be used instead.
Change-Id: I098b0b3bd3b0ad917483e4e07925adfedacc3562
Diffstat (limited to 'base/common/python/setup.py')
0 files changed, 0 insertions, 0 deletions