[Pki-devel] patches for review - Bug 744207 - Key archival fails when KRA is configured with lunasa

Please review the following patches for *Bug 744207* <https://bugzilla.redhat.com/show_bug.cgi?id=744207> -Key archival fails when KRA is configured with lunasa: JSS: https://bugzilla.redhat.com/attachment.cgi?id=581108&action=diff&... DRM/KRA: https://bugzilla.redhat.com/attachment.cgi?id=581109&action=diff&... The JSS patch alone allows key archival (both RSA and ECC) to work with lunasa token where the lunasa token has to be KE-capable. Work done specifically on the following model: Model: Luna SA v5 w/ PED auth and CKE Part No: 908-000093-001 The DRM/KRA patch are just some debugging to make recovery debugging easier with an addition of non-static salt. The recovery is not working currently, failing with wrapping operation during PBE creation: *Bug 817423* <https://bugzilla.redhat.com/show_bug.cgi?id=817423> -Key recovery fails when KRA is configured with lunasa which will be fixed at a later time. To test these patches for key archival on the said model of lunasa, one must turn on the prototype mode for recovery. thanks, Christina