openstack
/
barbican
Code Issues Proposed changes
barbican/releasenotes/notes
History
Alexander Gräb b7da1f771c Made HMAC Key Wrap mechanism configurable 
Introduced the parameter 'hmac_keywrap_mechanism' in group
'[p11_crypto_plugin]' in Barbican config. The default value, which were
hard coded before, is 'CKM_SHA256_HMAC'. This defines the machanism used
to compute the HMAC from an wrapped PKEK. However with Utimaco HSMs this
leads to an CKR_MECHANISM_INVALID error. Therefore for Utimaco HSMs
'hmac_keywrap_mechanism' has to be changed to 'CKM_AES_MAC'.

Change-Id: I53537a96bc4b2acb30be5fa85e10bac89917851f
Story: 2004833
Task: 29027
 		2019-03-07 14:24:33 -05:00
..
.placeholder Add reno for release notes management 2015-12-01 10:33:18 -05:00
add-barbican-manage-check-subcommands-38835078f5cc0ce2.yaml Add 'barbican-manage hsm check_[mkek|hmac]. 2018-11-09 13:48:00 +00:00
add-configurable-mechanism-options-2e5c57099b4c91b1.yaml Refactor PKCS#11 to allow configurable mechanisms 2018-08-10 22:24:34 -05:00
allow-aes-xts-512-bitlength-in-simple-crypto-95936a2d830035cc.yaml Adding support for 512-Bit-Secret-Creation when using xts-mode 2018-08-01 08:00:55 +02:00
barbican-manage-d469b4d15454f981.yaml Add barbican-manage release notes 2016-03-18 12:51:48 -05:00
barbican-status-upgrade-check-framework-9df56289b1d91ba4.yaml Add barbican-status upgrade check command framework 2019-01-15 06:16:53 +00:00
change_default_control_exchange-c47abc3e3f08aa31.yaml Configure control_exchange to match keystone 2018-04-13 15:53:28 +08:00
fix-story-2004734-977dbeda6b547f85.yaml Fix Safenet HSM regression in PKCS#11 2019-01-15 06:16:15 +00:00
fix-story-2004833-2b420688a82c3328.yaml Made HMAC Key Wrap mechanism configurable 2019-03-07 14:24:33 -05:00
fixed-invalid-route-response-code-15a681d07222a4f7.yaml Fixed incorrect release note 2018-09-10 12:48:35 -05:00
http_proxy_to_wsgi-middleware-98dc4fe03eb362d3.yaml Use http_proxy_to_wsgi middleware 2016-10-19 14:09:24 +08:00
metadata-api-e95d4559e7bf9ca9.yaml Add release notes for metadata api 2016-03-21 17:02:01 -05:00
multiple-backends-75f5b85c63b930b7.yaml [Trivialfix]Fix typos 2017-08-27 19:58:51 -07:00
oslopolicy-genscripts-1a7b364b8ffd7c3f.yaml Maintain policy in code 2017-05-17 10:02:03 +00:00
pkcs11-backend-performance-f3caacbe9e1ab535.yaml Add PKCS#11 upgrade release note 2016-03-21 10:53:25 -05:00
port-ruledefaults-to-documentedruledefaults-954fe88af9fe72ed.yaml Port RuleDefaults to DocumentedRuleDefaults 2018-10-29 12:57:49 +00:00
remap-policy-to-match-controller-1673ec7c88235227.yaml Ensure orders policy-in-code matches controller 2018-07-12 13:36:04 -04:00
remove_pkix-b045e7dde7e47356.yaml Removed application/pkix media type 2017-03-01 10:18:12 +00:00
removing-cas-certificate-orders-96fc47a7acaea273.yaml Authorites spelling error 2018-01-23 18:40:34 +08:00
renamed-generate-iv-option-29770cfcff8e3b83.yaml Fix CKM_AES_GCM encryption 2018-08-28 12:28:55 -05:00
use_oslo_config_generator-f2a9be9e71d90b1f.yaml Use oslo-config-generator to generate barbican.conf.sample 2017-04-05 08:02:35 +02:00