[PATCH] 680 Refactored PKCS12Export.
by Endi Sukma Dewata
The code to export NSS database into PKCS #12 file in PKCS12Export
tool has been refactored into PKCS12Util class to simplify further
enhancements.
The PKCS12Export tool has also been modified to use Java Logging
API. A default logging configuration file has been added. The
command-line wrapper has been modified to get the path to the
logging configuration file from pki.conf.
https://fedorahosted.org/pki/ticket/1742
--
Endi S. Dewata
8 years, 2 months
[pki-devel][PATCH] 0062-Allow-cert-and-key-indexes-9.patch
by John Magne
Subject: [PATCH] Allow cert and key indexes > 9.
Ticket: Ticket #1734 : TPS issue with overflowing PKCS#11 cert index numbers
This patch contains the following:
1. Fixes in TPS to allow the server to set and read muscle object ID's that are greater than 9.
The id is stored as a single ASCII byte in the object id. Previous libcoolkey patches exist to now support numbers
larger than 9, by the following:
0-9 is represented by the ascii chars for 0 through 9,.
10 - 35 represented by the ascii chars for 'A' through 'Z'.
36 - 61 represented by the ascii chars for 'a' through 'z'.
Once coolkey is updated it will be able to read these id's.
TPS with this patch will be able to both read number 0 - 62 and to set them when creating pkcs#11 objects to be stored on the token.
When the proper libcoolkey is installed, the coolkey driver will be able to read certs and keys with id's > 9. Thus, for instance a cert with an id of C6, with keys of k12, and k13, will be supported and viewable in the Firefox cert viewer. Also the certs will be usable for operations.
2. A fix to the routine that finds a free id number to assign to a soon to be recovered cert will now have the ability to find unused slots instead of just inrementing one over the highest currently used index.
3. Made a couple of minor cleanup fixes to externalReg functionality discovered during testing of this feature.
Tested up to 7 certs on the token. Also did some re-tests of cfu's cert retention feature and those checked.
8 years, 2 months
[PATCH] 677 Fixed token add operation.
by Endi Sukma Dewata
The TokenService has been fixed to allow adding a new token with
empty attributes via the UI or CLI. The TPS UI has been modified
to hide the status, create timestamp, and modify timestamp fields
when adding a new token. The CLI has been modified to provide the
parameters to specify the attribute values.
https://fedorahosted.org/pki/ticket/1646
--
Endi S. Dewata
8 years, 2 months