summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--base/kra/src/com/netscape/kra/NetkeyKeygenService.java6
1 files changed, 6 insertions, 0 deletions
diff --git a/base/kra/src/com/netscape/kra/NetkeyKeygenService.java b/base/kra/src/com/netscape/kra/NetkeyKeygenService.java
index 96d7aae43..07333b7f4 100644
--- a/base/kra/src/com/netscape/kra/NetkeyKeygenService.java
+++ b/base/kra/src/com/netscape/kra/NetkeyKeygenService.java
@@ -406,6 +406,12 @@ public class NetkeyKeygenService implements IService {
try {
params = mStorageUnit.getWrappingParams(allowEncDecrypt_archival);
+
+ // In encrypt mode, the recovery side is doing a decrypt() using the
+ // encryption IV. To be sure this is successful, we will make sure'
+ // the IVs are the same.
+ params.setPayloadEncryptionIV(params.getPayloadWrappingIV());
+
privateKeyData = mStorageUnit.wrap((org.mozilla.jss.crypto.PrivateKey) privKey, params);
} catch (Exception e) {
request.setExtData(IRequest.RESULT, Integer.valueOf(4));
generated by cgit (git 2.34.1) at 2024-05-06 21:29:08 +0000