Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libykcs11-1-1.6.2-4.30 RPM for s390x

From OpenSuSE Leap 15.3 for s390x

Name: libykcs11-1 Distribution: SUSE Linux Enterprise 15
Version: 1.6.2 Vendor: SUSE LLC <https://www.suse.com/>
Release: 4.30 Build date: Sun May 5 05:52:05 2019
Group: System/Libraries Build host: s390zp33
Size: 85944 Source RPM: yubico-piv-tool-1.6.2-4.30.src.rpm
Packager: https://www.suse.com/
Url: https://developers.yubico.com/
Summary: Yubikey NEO PKCS#11 applet library
This is a PKCS#11 module that allows to communicate with the PIV application running on a YubiKey

Provides

Requires

License

BSD-2-Clause

Changelog

* Fri Sep 28 2018 jengelh@inai.de
  - Rename %soname to %sover to better reflect its use.
  - Fix RPM groups.
* Thu Sep 27 2018 kbabioch@suse.com
  - Version 1.6.2 (released 2018-09-14)
    - Compare reader names case insensitive
    - Fix certificate and certificate request signatures with OpenSSL 1.1
* Tue Aug 28 2018 kbabioch@suse.com
  - Version 1.6.1 (released 2018-08-17)
    - Compilation warning fixes for OpenSSL 1.1 builds
    - Fix length when encoding exactly 0xff bytes
    - Check length of objects correctly before storing in buffer
    - Check length of certificate correctly when storing
  - Version 1.6.0 (released 2018-08-08)
    - Security release to mitigate YSA-2018-03 (YSA-2018-03, CVE-2018-14779,
      CVE-2018-14780, bsc#1104809, bsc#1104811)
    - Allow building against LibreSSL
    - Bugfixes in OpenSSL 1.1 code
    - Fix compilation warnings
    - Fix ykcs11 key generation to work with OpenSSL 1.1
    - Ykcs11 compatibility fixes
  - Make use of %license macro instead of %doc for COPYING
  - Applied spec-cleaner
* Thu Nov 30 2017 t.gruner@katodev.de
  - Version 1.5.0 (released 2017-11-29)
    - API additions: Higher-level "util" API added to libykpiv.
    - Added ykpiv_attest(), ykpiv_get_pin_retries(), ykpiv_set_pin_retries()
    - Added functions for using existing PCSC card handle.
    - Support using custom memory allocator.
    - Documentation updates. make doxygen for HTML format.
    - Expanded automated tests for hardware devices, moved to make hwcheck.
    - OpenSSL 1.1 support
    - Moderate internal refactoring. Many small bugs fixed.
* Wed Nov 15 2017 t.gruner@katodev.de
  - Version 1.4.4 (released 2017-10-17)
    - Documentation updates.
    - Add pin caching to work around disconnect problems.
    - Disable RSA key generation on YubiKey 4 before 4.3.5. See https://yubi.co/ysa201701/ for details.
* Mon May 29 2017 t.gruner@katodev.de
  - Version 1.4.3 (released 2017-04-18)
    - Encode RSA x509 certificates correctly.
    - Documentation updates.
    - In ykcs11 return CKA_MODULUS correctly for private keys.
    - In ykcs11 fix for signature size approximation.
    - Fix PSS signatures in ykcs11.
    - Add a CLI flag --stdin-input to make batch execution easier.
* Wed Aug 17 2016 t.gruner@katodev.de
  - Version 1.4.2 (released 2016-08-12)
    - Clarify license headers and clean up YKCS11 licensing. Now uses pkcs11.h from the Scute project.
    - Don’t install ykcs11-version.h.
    - No cflags in ykcs11.pc.
    - Unimplemented YKCS11 functions now return CKR_FUNCTION_FAILED.
  - Version 1.4.1 (released 2016-08-11)
    - Documentation updates
    - Add possibility to export certificates in SSH format.
    - Make certificate serial number random by default.
* Tue May 17 2016 t.gruner@katodev.de
  - Version 1.4.0 (released 2016-05-03)
    - Add attest action When used on a slot with a generated key,
      outputs a signed x509 certificate for that slot showing that
      the key was generated in hardware. Available in firmware 4.3.0 and newer.
    - Add cached parameter for touch-policy With cached, the touch is valid
      for an additional 15s. Available in firmware 4.3.0 and newer.
    - Enforce a minimum PIN length of 6 characters.
    - Fix a bug with list-readers action where it fell through processing into write-object.
* Mon Apr 25 2016 t.gruner@katodev.de
  - Version 1.3.1 (released 2016-04-19)
    - Fix a bug where unblock pin would instead change puk, introduced in 1.3.0.
    - Clarifications with help texts.
  - Version 1.3.0 (released 2016-02-19)
    - Fixed extraction of RSA modulus and exponent for pkcs11.
    - Implemented C_SetPIN for pkcs11.
    - Add generic write and read object actions for the tool. Supports hex/binary/base64 formats
    - Add ykpiv_change_pin(), ykpiv_change_puk() and ykpiv_unblock_pin()
    - Print CCC with status action.
    - Address bugs with pkcs11 on windows.
    - Add --valid-days and --serial to tool for selfsign-certificate action.
    - Ask for password for pkcs12 if none is given.
* Fri Dec 11 2015 t.gruner@katodev.de
  - Version 1.2.2 (released 2015-12-08)
    - Fix old buffer overflow in change-pin functionality.
  - Version 1.2.1 (released 2015-12-08)
    - Fix issue with big certificates and status.
  - Version 1.2.0 (released 2015-12-07)
    - On OSX use @loader_path instead of @executable_path for ykcs11.
    - Add ykpiv_import_private_key to libykpiv.
    - Raise buffer sizes to support bigger objects.
    - Change behavior of action status, only list populated slots.
    - Add retired keys to ykcs11.
    - In ykcs11 support login with non null terminated pin.
    - Add a new action set-ccc to yubico-piv-tool to set the CCC.
* Wed Nov 18 2015 t.gruner@katodev.de
  - Version 1.1.2 (released 2015-11-13)
    - Properly handle DER encoding in ECDSA signatures.
* Thu Nov 12 2015 t.gruner@katodev.de
  - Version 1.1.1 (released 2015-11-11)
    - Make sure SCardContext is properly acquired and released.
* Fri Nov 06 2015 t.gruner@katodev.de
  - Version 1.1.0 (released 2015-11-06)
    - Add support for new YubiKey 4.
    - Add ykcs11.
* Tue Oct 13 2015 t.gruner@katodev.de
  - Add dependencive in .spec file
* Thu Oct 01 2015 t.gruner@katodev.de
  - Version 1.0.3 (released 2015-10-01)
    - Correct wording on unblock-pin action.
    - Show pin retries correctly.
    - Use a bigger buffer for receiving data.
* Tue Sep 15 2015 t.gruner@katodev.de
  - Version 1.0.2 (released 2015-09-04)
    - Query for different passwords/pins on stdin if they’re not supplied.
    - If a reader fails continue trying matching readers.
    - Authentication failed is supposed to be 0x63cX not 0x630X.
* Sat Jul 11 2015 t.gruner@katodev.de
  - Version 1.0.1 (released 2015-07-10)
    - Project relicensed to 2-clause BSD license
    - Minor fixes found with clang scan-build
* Wed Jul 08 2015 t.gruner@katodev.de
  - Version 1.0.0 (released 2015-06-23)
    - Add a test-decipher action.
    - Check that e is 0x10001 on importing rsa keys
    - Use PCSC transactions when sending and receiving data
* Mon Apr 27 2015 cdenicolo@suse.com
  - license update: GPL-3.0+
    COPYING files says package is under GPL-3.0+.
* Thu Mar 26 2015 t.gruner@katodev.de
  - Version 0.1.6 (released 2015-03-23)
      Add a read-certificate action to the tool.
      Add a status action to the tool.
      Fix a library bug so NULL can be passed to ykpiv_verify()
      Add a test-signature action to the tool.
* Mon Feb 09 2015 t.gruner@katodev.de
  - Version 0.1.5 (released 2015-02-04)
      Revert the check for parity and just set parity before the weak check.
* Tue Feb 03 2015 t.gruner@katodev.de
  - Version 0.1.4 (released 2015-02-02)
      Prompt for input if input is stdin.
      Mark all bits of the signature as used is certs and requests.
      Correct error for unblock-pin.
      Fix hex decode to decode capital letters and return error.
      Check parity of new management keys.
* Fri Jan 23 2015 t.gruner@katodev.de
  - Version 0.1.3 (released 2014-12-18)
      Add format DER for importing certificates.
      Make sure diagnostic feedback ends up on stderr.
      Add positive feedback for a couple of actions.
  - Version 0.1.2 (released 2014-11-14)
      Fix an issue where shorter component of RSA keys where not packed correctly.
  - Version 0.1.1 (released 2014-11-10)
      Correct broken CHUID that made windows work inconsistently.
      Add support for compressed certificates.
      Fix broken unblock-pin action.
      Don’t try to accept to short keys for mgm key.
      Only do applet authentication if needed.
      Add --hash for selecting what hash to use for signatures.
      Add hidden --sign command. Should probably not be used.
      Fix for signature algorithm in selfsigned cert.
  - Version 0.1.0 (released 2014-08-25)
      Break out functionality into a library.
      More testing.
  - Version 0.0.3 (released 2014-05-26)
    Add delete-certificate action.
    Fix minor bugs.
  - Version 0.0.2 (released 2014-02-19)
      Fix an offset bug with CHUID.
      Do full mutual auth with the applet.
  - Version 0.0.1 (released 2014-02-11)
      Initial release.

Files

/usr/lib64/libykcs11.so.1
/usr/lib64/libykcs11.so.1.4.4


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 9 14:06:45 2024