opencryptoki Log


Commit Date  
[f4df4a] by Joy Latten Joy Latten

CCA token was putting incorrect OID info into CKA_ECDSA_PARAMS.
This attribute must be passed in by user when generating EC keypair
and should not be over-written.
Since CKA_EC_POINT is for public key, does not require being in private key.
Created a routine to get signature length when length only.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-11-13 21:59:59 Tree
[ce8de9] by Joy Latten Joy Latten

Objects were not being encrypted and saved to disk for secure key token.
Needed to call encrypt_data_with_clear_key() and let it determine if
clear key or secure key and do appropriate actions.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-11-13 21:23:52 Tree
[b3c5e1] by Joy Latten Joy Latten

The sha256 in CCA (CSNBOWH) can take input larger than 32MB.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-10-02 22:15:34 Tree
[84db30] by Joy Latten Joy Latten

CCA token was not importing rsa keypair correctly in v3.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-10-02 21:34:40 Tree
[5e7e9c] by Signed-off-by: Dan Horák Signed-off-by: Dan Horák , pushed by Joy Latten Joy Latten

Update options in the pkcsconf man page to match the
pkcsconf binary.

Signed-off-by: Signed-off-by: Dan Horák <dan@danny.cz>

2013-09-04 21:35:38 Tree
[b50eb3] by Joy Latten Joy Latten

Update the opencryptoki(7) man page and remove reference to
pkcs11_startup and pk_config_data.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-09-04 21:12:38 Tree
[9c8ab7] by Dan Horák Dan Horák , pushed by Joy Latten Joy Latten

Update unit file for 3.0.

Signed-off-by: Dan Horák <dan@danny.cz>

2013-09-04 20:58:02 Tree
[8ea965] (v3.0) by Joy Latten Joy Latten

Add missing copyright.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-07-15 16:38:43 Tree
[285ae7] by Joy Latten Joy Latten

More documentation.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-07-12 22:44:20 Tree
[12c1c7] by Joy Latten Joy Latten

Add to ChangeLog

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-07-12 15:02:54 Tree
[3a492f] by Joy Latten Joy Latten

Bump up version to 3.0.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-06-21 15:53:02 Tree
[85a0f6] by Joy Latten Joy Latten

ICA token was not properly reporting when a mechanism was invalid.
The return value was incorrect when a mechanism could not be found.
Corrected a few return values in the ica token specific get mechanism code.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-06-21 15:46:44 Tree
[830a63] by Joy Latten Joy Latten

Bugfix: several hmacs were in incorrect case statement.
Also fixed a typo in the testcase vector for sha512 hmac.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-06-20 20:27:09 Tree
[717543] by Joy Latten Joy Latten

Update docs to reflect v3 changes.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-06-17 21:12:31 Tree
[684dd4] by Joy Latten Joy Latten

Add cfb and ofb test vectors for des3.
Also made a correction in one of the aes test vectors.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-06-11 20:33:12 Tree
[92d897] by Joy Latten Joy Latten

Added publiched test vectors for aes-cfb8 and aes-fb128.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-06-11 01:24:46 Tree
[2b2bcd] by Ingo Tuchscherer Ingo Tuchscherer , pushed by Joy Latten Joy Latten

Fixed Encrypt/Decrypt-Update methods for DES, DES3 and AES in CFB mode
(s-bit size for single crypto operation cycle corrected)

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>

2013-06-11 01:23:02 Tree
[157127] by Ingo Tuchscherer Ingo Tuchscherer , pushed by Joy Latten Joy Latten

ica-token: added support for:
CBC-MAC for DES3 and AES
OFB and CFB mode for DES3 and AES
SHA384HMAC, SHA512HMAC
new method to retrieve mechanism list for ica token

Signed-off-by: Ingo Tuchscherer <ingo.tuchscherer@linux.vnet.ibm.com>
Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-06-11 01:11:47 Tree
[be895a] by Joy Latten Joy Latten

Make using a socket for transferring slot info between pkcsslotd and
the opencryptoki library the default behaviour rather than using
shared memory.
We still use shared memory for some process bookkeeping per slot.

Signed-off-by: Joy Latten <jmlatten@linux.vnet.ibm.com>

2013-06-11 01:00:26 Tree
[b9ed7d] by Ross McIlroy Ross McIlroy , pushed by Joy Latten Joy Latten

Patch[4/4]:
Part 2 of slot-info via socket.

This patch enables all the non-changing slot information to be
transmitted over the sockets, rather via shared memory. By doing this,
the members of the pkcs11 group can no longer override the locations of
the backend library .so files, and so can no longer execute arbitary
code with the preivileges of other pkcs11 group members.

Signed-off-by: Ross McIlroy <rmcilroy@google.com>

2013-06-11 00:56:29 Tree
[3686bd] by Ross McIlroy Ross McIlroy , pushed by Joy Latten Joy Latten

Patch[3/4]:
Part 1 of slot-info via socket.
Adds an option to use a unix domain socket for the transmission of slot
information from the slot daemon to the library, rather than shared
memory. In this patch, only ck_info is transmitted this way.

Signed-off-by: Ross McIlroy <rmcilroy@google.com>

2013-06-11 00:56:17 Tree
[87d147] by Ross McIlroy Ross McIlroy , pushed by Joy Latten Joy Latten

Patch[2/4]:
Move the code in InitSharedMemory that populates the CKInfo and SlotInfo
structures into helper functions in pkcssllotd_util.c.

This is to avoid duplicating code in the upcoming socket slot info patch.

Signed-off-by: Ross McIlroy <rmcilroy@google.com>

2013-06-11 00:54:49 Tree
[4c4a10] by Ross McIlroy Ross McIlroy , pushed by Joy Latten Joy Latten

Patch[1/4]:
Add a CK_Info_From_Internal helper function to apiutil to avoid
duplicating code.
The CK_Info_From_Internal function copies the internal representation of
CK_Info to the external one.

Signed-off-by: Ross McIlroy <rmcilroy@google.com>

2013-06-11 00:20:41 Tree
[14a3b0] by Joy Latten Joy Latten , pushed by Joy Latten Joy Latten

Add pkcsicsf man page

Signed-off-by: Joy Latten <latten@linux.vnet.ibm.com>

2013-05-21 17:04:33 Tree
[e3a863] by Joy Latten Joy Latten , pushed by Joy Latten Joy Latten

Correct usage syntax for pkcsicsf.

Signed-off-by: Joy Latten <latten@linux.vnet.ibm.com>

2013-05-21 17:03:28 Tree
Older >