Re: [Pki-devel] [PATCH] pki-0178, jss-0000..0002 - PKCS #12 key bag AES encryption
On Thu, Apr 06, 2017 at 03:45:55PM -0700, Christina Fu wrote:
Hi Fraser,
Could you please do the following first?
1. file a Mozilla bugzilla bug for this against Product JSS Release 4.4.1,
then assign to yourself:
https://bugzilla.mozilla.org/
2. After making sure your patch compiles well with the 4.4.1 base, attach
the patch to that ticket, and mark reviewers
thanks!
Christina
Thanks Christina, I filed
https://bugzilla.mozilla.org/show_bug.cgi?id=1355358
I was unable to assign myself to the bug ('Assignee' field is not
active when I go to Edit Bug.
Also not sure how to "mark reviewers". I added you and Elio to Cc
though.
Thanks,
Fraser
On 04/04/2017 02:56 AM, Fraser Tweedale wrote:
> Hi team,
>
> Please review attached patches for JSS and Dogtag that:
>
> - add some new EncryptedPrivateKeyInfo export and import functions
> to JSS
>
> - update Dogtag's `pki pkcs12' command to use the new functions to
> achieve AES encryption of the key bags, with wrapping/unwrapping
> occurring on the token.
>
> PKCS #12 files produced by current releases continue to import
> properly (of course, this is an important test vector).
>
> These patches do not address the PKCS #12 KRA recovery export; This
> is my next task and separate patches will be produced.
>
> Thanks,
> Fraser