Pki-devel March 2017

devel@lists.dogtagpki.org

8 participants
55 discussions

[pki-devel][PATCH] 0090-First-cut-of-scp03-support.-Supports-the-g-d-smartca.patch

by John Magne

First cut of scp03 support. Supports the g&d smartcafe out of the box. Developer keyset token operations and key change over supported. Caveats. -The diversification step going from master key to card key uses DES3 as required for the token. -After that point, everything is scp03 to the spec with minor excpetions so far. Supports 128 bit AES for now. Will resolve this. Minor config tweaks: TPS Symmetric Key Changeover Use this applet for scp03: RSA/KeyRecovery/GP211/SCP02/SCP03 applet : 1.5.558cdcff.ijc TKS: Symmetric Key Changeover tks.mk_mappings.#02#03=internal:new_master tks.defKeySet.mk_mappings.#02#03=internal:new_master Use the uncommented one because scp03 returns a different key set data string. ToDo: -Support the rest of the AES sizes other than 128. -Support optional RMAC apdu. -Test and adjust the config capability for other tokens. -Support AES master key. Right now the standard key ends up creating AES card and session keys.

8 years, 3 months

1
0
0 / 0

[PATCH] pki-tpsd@.service: Use BindsTo= instead of BindTo=

by Timo Aaltonen

From: Timo Aaltonen <tjaalton(a)debian.org> BindTo is deprecated since a few years: https://github.com/systemd/systemd/commit/7f2cddae09fd2579ae24434df577bb5... --- base/tps-client/lib/systemd/system/pki-tpsd@.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/base/tps-client/lib/systemd/system/pki-tpsd@.service b/base/tps-client/lib/systemd/system/pki-tpsd@.service index 6a0d6a3..e93d44c 100644 --- a/base/tps-client/lib/systemd/system/pki-tpsd@.service +++ b/base/tps-client/lib/systemd/system/pki-tpsd@.service @@ -1,7 +1,7 @@ [Unit] Description=PKI Token Processing Server %i After=pki-tpsd.target -BindTo=pki-tpsd.target +BindsTo=pki-tpsd.target [Service] Type=forking -- 2.7.4

8 years, 3 months

1
0
0 / 0

Karma Requests for pki-core-10.3.5-13

by Matthew Harmsen

*The following updated candidate builds of pki-core 10.3.5 were generated:* * *Fedora 24:* o *pki-core-10.3.5-13.fc24 <https://koji.fedoraproject.org/koji/buildinfo?buildID=865339> * * *Fedora 25:* o *pki-core-10.3.5-13.fc25 <https://koji.fedoraproject.org/koji/buildinfo?buildID=865340> * * ***Fedora 26:* o *pki-core-10.3.5-13.fc26 <https://koji.fedoraproject.org/koji/buildinfo?buildID=865345> * * *Fedora 27 (rawhide):* o *pki-core-10.3.5-13.fc27 <https://koji.fedoraproject.org/koji/buildinfo?buildID=865346>* *These builds address the following PKI TRAC tickets:* * *dogtagpki Pagure Issue #1710 - Add profile component that copies CN to SAN <https://pagure.io/dogtagpki/issue/1710>* *Please provide Karma for the following builds:* * *Fedora 24:* o *https://bodhi.fedoraproject.org/updates/FEDORA-2017-9ded483357 pki-core-10.3.5-13.fc24* * *Fedora 25:* o *https://bodhi.fedoraproject.org/updates/FEDORA-2017-4f3325addf pki-core-10.3.5-13.fc25 <https://bodhi.fedoraproject.org/updates/FEDORA-2017-4f3325addf>* * *Fedora 26:* o *https://bodhi.fedoraproject.org/updates/FEDORA-2017-e0afc56a2c pki-core-10.3.5-13.fc26 <https://bodhi.fedoraproject.org/updates/FEDORA-2017-e0afc56a2c> *

8 years, 4 months

1
0
0 / 0

[PATCH] 966 Refactored PKIInstance.load().

by Endi Sukma Dewata

The code that loads the password.conf in PKIInstance.load() has been converted into a general purpose load_properties() method. A corresponding store_properties() method has been added as well. Pushed to master under trivial rule. -- Endi S. Dewata

8 years, 4 months

1
0
0 / 0

Sunset of Fedorahosted.org Resources

by Matthew Harmsen

Everyone, February 28, 2017 marked the sunset of fedorahosted.org. As a consequence, many of the various ticketing, repositories, and Wikis were required to be moved. For the Dogtag PKI project and several of the closely associated projects have been relocated, and can be found at the following link: * RELOCATION OF PROJECT ISSUES, REPOSITORIES, AND WIKI INFORMATION <http://pki.fedoraproject.org/wiki/RELOCATION_OF_PROJECT_ISSUES,_REPOSITOR...> -- Matt

8 years, 4 months

1
0
0 / 0

← Newer
1
2
3
4
5
6
Older →

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

Pki-devel March 2017