diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-06-17 14:36:03 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-19 11:16:21 +0200 |
commit | b1f23b595e71017e6ba85474b77445145779013a (patch) | |
tree | 0ce9713b819c9bcf5b063e13a0db0e6ff6932e99 | |
parent | 3592c8bfb7afdb9224d69dc4267ccd08904fee5b (diff) | |
download | gnutls-b1f23b595e71017e6ba85474b77445145779013a.tar.gz |
doc update
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r-- | NEWS | 14 |
1 files changed, 14 insertions, 0 deletions
@@ -17,6 +17,20 @@ See the end for copying conditions. side caused by packets containing the ResponseID field. Reported by Hubert Kario. +** libgnutls: Handle specially HSMs which request explicit authentication. + There are HSMs which return CKR_USER_NOT_LOGGED_IN on the first private key + operation. Detect that state and try to login. + +** libgnutls: the GNUTLS_PKCS11_OBJ_FLAG_LOGIN will force a login on HSMs. + That is, even in tokens which do not have a CKF_LOGIN_REQUIRED flag + a login will be forced. This improves operation on certain Safenet HSMs. + +** libgnutls: do not set leading zeros when copying integers on HSMs. + PKCS#11 defines integers as unsigned having most significant byte + first, e.g., 32768 = 0x80 0x00. This is interpreted literraly by + some HSMs which do not accept an integer with a leading zero. This + improves operation with certain Atos HSMs. + ** API and ABI modifications: No changes since last version. |