此内容没有您所选择的语言版本。

8.155. opencryptoki


Updated opencryptoki packages that fix two bugs are now available for Red Hat Enterprise Linux 6.
The opencryptoki packages contain version 2.11 of the PKCS#11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. This package includes support for the IBM 4758 Cryptographic CoProcessor (with the PKCS#11 firmware loaded), the IBM eServer Cryptographic Accelerator (FC 4960 on IBM eServer System p), the IBM Crypto Express2 (FC 0863 or FC 0870 on IBM System z), and the IBM CP Assist for Cryptographic Function (FC 3863 on IBM System z). The opencryptoki package also brings a software token implementation that can be used without any cryptographic hardware. This package contains the Slot Daemon (pkcsslotd) and general utilities.

Bug Fixes

BZ#1027606
Previously, on the IBM System z architecture, the opencryptoki Common Cryptographic Architecture (CCA) token was sending incorrect information to the CKA_ECDSA_PARAMS attribute when generating an EC key pair. As a consequence, opencryptoki failed to verify the public key. This bug has been fixed and the CCA token now sends the correct information to CKA_ECDSA_PARAMS, and public keys are verified successfully.
BZ#1131745
Prior to this update, the IBM Crypto Accelerator (ICA) token did not handle the chunk size or tail calculation correctly in case of zero message sizes. As a consequence, an overflow occurred leading to a general protection fault (GPF). The underlying source code has been fixed, and GPFs no longer occur.
Users of opencryptoki are advised to upgrade to these updated packages, which fix these bugs.
Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.