pki.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Ade Lee <alee@redhat.com>	2017-04-13 14:54:38 -0400
committer	Ade Lee <alee@redhat.com>	2017-04-13 17:20:56 -0400
commit	2d7ab34b812eb1cf28c7c53fb43bf595f94a806f (patch)
tree	be012f772397c89f35f9caab0b31c1dfc7480add /base/java-tools/src/com
parent	716dca464943a22eb6588187fba9fad85e1c1345 (diff)
download	pki-2d7ab34b812eb1cf28c7c53fb43bf595f94a806f.tar.gz pki-2d7ab34b812eb1cf28c7c53fb43bf595f94a806f.tar.xz pki-2d7ab34b812eb1cf28c7c53fb43bf595f94a806f.zip

Add field to indicate if key was encrypted or wrapped

Whether a secret was encrypted or wrapped in the storage unit depends on a parameter in CS.cfg. If that parameter is changed, the Storage unit may use the wrong mechanism to try to decrypt the stored key. Thats ok for encrypt/wrap using DES or AES-CBC, but not for AES KeyWrap. In this patch, we add a field in the Key record to specify whether the secret was encrypted with stored (or keywrapped if false). A subsequent patch will change the logic when decrypting to use this field. Change-Id: If535156179bd1259cfaaf5e56fd4d36ffdb0eb0e

Diffstat (limited to 'base/java-tools/src/com')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: