Author: vk199839
Repository: /hg/onnv/onnv-gate
Latest revision: 3ecb9a3b003b4090cbbe4682efb249c55f3e0863
Total changesets: 1
Log message:
6602801 PK11_SESSION cache has to employ reference counting scheme for
asymmetric key operations
6605538 pkcs11 functions C_FindObjects[{Init,Final}]() not called atomically
6607307 pkcs#11 engine can't read RSA private keys
6652362 pk11_RSA_finish() is cutting corners
6662112 pk11_destroy_{rsa,dsa,dh}_key_objects() use locking in suboptimal way
6666625 pk11_destroy_{rsa,dsa,dh}_key_objects() should be more resilient to
destroy failures
6667273 OpenSSL engine should not use free() but OPENSSL_free()
6670363 PKCS#11 engine fails to reuse existing symmetric keys
6678135 memory corruption in pk11_DH_generate_key() in pkcs#11 engine
6678503 DSA signature conversion in pk11_dsa_do_verify() ignores size of big
numbers leading to failures
6706562 pk11_DH_compute_key() returns 0 in case of failure instead of -1
6706622 pk11_load_{pub,priv}key create corrupted RSA key references
6707129 return values from BN_new() in pk11_DH_generate_key() are not checked
6707274 DSA/RSA/DH PKCS#11 engine operations need to be resistant to structure
reuse
6707782 OpenSSL PKCS#11 engine pretends to be aware of OPENSSL_NO_{RSA,DSA,DH}
defines but fails miserably
6709966 make check_new_*() to return values to indicate cache hit/miss
Files:
update: usr/src/common/openssl/crypto/engine/hw_pk11.c
update: usr/src/common/openssl/crypto/engine/hw_pk11_err.h
update: usr/src/common/openssl/crypto/engine/hw_pk11_pub.c
