Buscar

Este contenido no está disponible en el idioma seleccionado.

1.137. openCryptoki

download PDF

1.137.1. RHBA-2009:1685: bug fix update

Note

This update has already been released (prior to the GA of this release) as errata RHBA-2009:1685
Updated openCryptoki packages that resolve several issues are now available.
The openCryptoki package contains version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards. This package includes support for the IBM 4758 Cryptographic CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), the IBM CP Assist for Cryptographic Function (FC 3863 on IBM System z).
These updated openCryptoki packages provide fixes for the following bugs:
* after initializing a hardware cryptographic token, attempting to unwrap an AES key failed and caused openCryptoki to return a "CKR_TEMPLATE_INCOMPLETE" error code. With this update, AES key unwrapping now succeeds as expected. (BZ#540471)
* the openCryptoki API enables programs to offload the computation of the message authentication code (MAC) to the Central Processor Assist for Cryptographic Function (CPACF) of cryptographic hardware. When using PKCS#11 for the acceleration of cryptographic instructions, openCryptoki returned an error code of "411", indicating that the MAC was unable to be verified. With this update, the MAC is now computed successfully after being offloaded to the CPACF. (BZ#540474)
* openCryptoki was not properly recognizing that secure-key crypto support was installed, and so the "CCA" token was not being enabled for use. (BZ#545379)
All users of openCryptoki are advised to upgrade to these updated packages, which resolve these issues.
Red Hat logoGithubRedditYoutubeTwitter

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Ayudamos a los usuarios de Red Hat a innovar y alcanzar sus objetivos con nuestros productos y servicios con contenido en el que pueden confiar.

Hacer que el código abierto sea más inclusivo

Red Hat se compromete a reemplazar el lenguaje problemático en nuestro código, documentación y propiedades web. Para más detalles, consulte el Blog de Red Hat.

Acerca de Red Hat

Ofrecemos soluciones reforzadas que facilitan a las empresas trabajar en plataformas y entornos, desde el centro de datos central hasta el perímetro de la red.

© 2024 Red Hat, Inc.