Closed jschmidb closed 5 years ago
p-steuer
commented
5 years ago did you think about the case of using a new engine with an old libica? in this case, old libica sets the DHW flags per default, so engine would enable those algorithms even when no crypto adapter is present ..?
jschmidb
commented
5 years ago Yes, libica would then just fall back to the software path, which is not performance optimal, but would not cause a functional problem. But we of course have a dependency of the ibmca fix in this commit to the related libica fixes in https://github.com/opencryptoki/libica/pull/28.
p-steuer
commented
5 years ago approved. @ifranzki or @hfreude please do a second review.
Remove routine is_crypto_card_loaded. Set engine properties only according to flags in mechanism list. This fix depends on related fixes in libica, (pull request 28) where the setting of mechanism flags is corrected.
Signed-off-by: Joerg Schmidbauer jschmidb@de.ibm.com