bind9

Files

Ondřej Surý 7ee8a7e69f address win32 build issues

- Replace external -DOPENSSL/-DPKCS11CRYPTO with properly AC_DEFINEd
  HAVE_OPENSSL/HAVE_PKCS11
- Don't enforce the crypto provider from platform.h, just from dst_api.c
  and configure scripts

2018-05-22 16:32:21 -07:00

benchmarks

address win32 build issues

2018-05-22 16:32:21 -07:00

.gitignore

…

Makefile.in

address win32 build issues

2018-05-22 16:32:21 -07:00

pkcs11-hmacmd5.c

Remove $Id markers, Principal Author and Reviewed tags from the full source tree

2018-05-11 13:17:46 +02:00

pkcs11-md5sum.c

Remove $Id markers, Principal Author and Reviewed tags from the full source tree

2018-05-11 13:17:46 +02:00

README

4450. [port] Provide more nuanced HSM support which better matches

2016-08-19 08:02:51 +10:00

README

"pkcs11-hmacmd5" is here to check for the presence of a known bug in
the Thales nCipher PKCS#11 provider library.  To test for the bug, use
pkcs11-hmacmd5 to hash a test vector from RFC 2104, and determine
whether the resulting digest is is correct.  For instance:

    echo -n "Hi There" | \
        ./pkcs11-hmacmd5 -p <PIN> -k '0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b'

...must return "9294727a3638bb1c13f48ef8158bfc9d".

If any other value is returned, then the provider library is buggy,
and theflag PK11_MD5_HMAC_REPLACE must be defined in
lib/isc/include/pk11/site.h
However, if the correct value is returned, then it is safe to turn
off PK11_MD5_HMAC_REPLACE. (It is on by default.)