I just have one suggestion.  Your code does not have default algorithm and key size if caller doesn't supply.
How about default to, say, AES 128 if not supplied.

Christina


On 02/04/2014 10:30 AM, Ade Lee wrote:
    Fix DRM archival, recovery and generation for non-DES3 keys.
    
    In the archival, recovery and generation code for symmetric keys,
    we use functions that require knowledge of the symmetric keys algorithm
    and key size.  These were hardcoded to DES3, and so only DES3 worked.
    
    We added those parameters to the archival request, save them in the
    KeyRecord and retrive them when recovering the key.
    
    Tests have been added to DRMTest for the relevant usages.

Thanks to jmagne for doing initial investigation and determining what needed to be done.

Please review,

Ade



_______________________________________________
Pki-devel mailing list
Pki-devel@redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel