Currently the Python KRA client is implemented using the NSSCryptoProvider which uses CKM_DES3_CBC_PAD by default. The default should be changed to CKM_AES_CBC_PAD, and KRA should be tested to ensure it works well with AES.
Proposed milestone: 10.3
Per CS/DS meeting of 06/08/2015: 10.3
Metadata Update from @edewata: - Issue set to the milestone: 10.4
Metadata Update from @mharmsen: - Custom field feature adjusted to '' - Custom field proposedmilestone adjusted to '' - Custom field proposedpriority adjusted to '' - Custom field reviewer adjusted to '' - Custom field version adjusted to '' - Issue assigned to vakwetu - Issue close_status updated to: None
Metadata Update from @mharmsen: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1404480
Metadata Update from @mharmsen: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1404480, https://bugzilla.redhat.com/show_bug.cgi?id=1445535 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1404480)
Ade Lee 2017-04-28 20:21:42 EDT
Whole slew of checkins for this.
See the design doc for details:
https://docs.google.com/document/d/1KQYL-EwxJCCBFErIelJwWDdQJISzzns8MjUDHMT0ViA
This includes lots of re-factoring on both client and server sides.
Metadata Update from @mharmsen: - Issue close_status updated to: fixed - Issue set to the milestone: 10.4.3 (was: 10.4) - Issue status updated to: Closed (was: Open)
Dogtag PKI is moving from Pagure issues to GitHub issues. This means that existing or new issues will be reported and tracked through Dogtag PKI's GitHub Issue tracker.
This issue has been cloned to GitHub and is available here: https://github.com/dogtagpki/pki/issues/1969
If you want to receive further updates on the issue, please navigate to the GitHub issue and click on Subscribe button.
Subscribe
Thank you for understanding, and we apologize for any inconvenience.
Login to comment on this ticket.