Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

openssl-ibmca-provider-2.4.1-slfo.1.3.2 RPM for s390x

From OpenSuSE Leap 16.0 for s390x

Name: openssl-ibmca-provider Distribution: SUSE Linux Framework One
Version: 2.4.1 Vendor: SUSE LLC <https://www.suse.com/>
Release: slfo.1.3.2 Build date: Mon Aug 26 11:32:06 2024
Group: Hardware/Other Build host: s390zl31
Size: 321281 Source RPM: openssl-ibmca-provider-2.4.1-slfo.1.3.2.src.rpm
Packager: https://www.suse.com/
Url: https://github.com/opencryptoki/openssl-ibmca
Summary: The IBMCA OpenSSL dynamic engine
This package contains a shared object OpenSSL dynamic engine which interfaces
to libica, a library enabling the IBM s390/x CPACF crypto instructions.

Provides

Requires

License

Apache-2.0

Changelog

* Tue Jul 16 2024 nikolay.gueorguiev@suse.com
  - Amended the .spec file
    * Replaced hard-coded '/usr/share' with %{_datadir}
* Mon Jul 15 2024 nikolay.gueorguiev@suse.com
  - Amended the .spec file (bsc#1227537)
    * 'rpm.install.excludedocs = yes' in zypp.conf excludes the /usr/share/doc/..
    * Added a check, if there is is /usr/share/doc file to be editted.
* Wed Apr 17 2024 nikolay.gueorguiev@suse.com
  - Amended the .spec file
  - Changed the package names
    +-------------+---------------------------------+--------------------------+
    |  Flavor     | Package name                    | Note                     |
    +-------------+---------------------------------+--------------------------+
    |  ''         | openssl-ibmca                   | Both engine and provider |
    |  openssl1_1 | openssl1_1-ibmca                | openssl1 flavor          |
    |  engine     | openssl-ibmca-engine            | Only engine              |
    |  provider   | openssl-ibmca-provider          | Only provider            |
    +-------------+---------------------------------+--------------------------+
* Wed Apr 17 2024 nikolay.gueorguiev@suse.com
  - Applied a patch for openssl1_1 (bsc#1221627)
    * openssl1-rename-libica-files.patch
* Tue Apr 09 2024 nikolay.gueorguiev@suse.com
  - Re-implemented flavors (openssl3, engine, provider) (bsc#1221627)
    +------------+---------------------------------+--------------------------+
    |  Flavor    | Package name                    | Note                     |
    +------------+---------------------------------+--------------------------+
    |  ''        | openssl-ibmca                   | openssl1 flavor          |
    |  engine    | openssl3-ibmca-engine           | Only engine              |
    |  provider  | openssl3-ibmca-provider         | Only provider            |
    |  openssl3  | openssl3-ibmca                  | Both engine and provider |
    +------------+---------------------------------+--------------------------+
  - Changing/editing 'dynamic_path' after the installation on the target system
    * From /usr/lib64/ossl-modules to /usr/lib64/engines-3 in
      /usr/share/doc/packages/openssl3-ibmca/ibmca-engine-opensslconfig
      for openssl3 flavor
* Thu Apr 04 2024 nikolay.gueorguiev@suse.com
  - Amended the .spec file (bsc#1221627)
    * Removed the flavors
    * Removed 'muiltibuild' environment
    * Removed the 'provider' logic
* Mon Mar 18 2024 nikolay.gueorguiev@suse.com
  - Updated the .spec file (bsc#1218933, bsc#1221627)
    * Amended the .spec file to use modulesdir variable
  - Implemented _multibuild environment (openssl1, engine, provider)
  - Added a flag and logic for provider in the .spec file
    * When provider is set to 1, it 'configures' the provider
    * When provider is set to 0, it 'configures' the engine
* Fri Oct 13 2023 nikolay.gueorguiev@suse.com
  - Removed an obsolete patch (implemented in the version 2.4.1)
    * openssl-ibmca-engine-noregister.patch
* Fri Oct 06 2023 nikolay.gueorguiev@suse.com
  - Upgrade to version 2.4.1 (jsc#PED-5422)
    * Provider: Change the default log directory to /tmp
    * Bug fixes
* Mon May 22 2023 nikolay.gueorguiev@suse.com
  - Updated the .spec file, amended to use libica4 instead of libica
    * Requires:  libica4 >= 4
* Tue May 02 2023 nikolay.gueorguiev@suse.com
  - Updated the .spec file
    * uses a flag openssl3 (1 or 0) to include or not the openssl3 libraries
* Tue Apr 25 2023 nikolay.gueorguiev@suse.com
  - Updated the .spec file as follow:
    * BuildRequires:  libica-devel >= 4.0.0
    * BuildRequires:  libica-tools >= 4.0.0
* Mon Apr 24 2023 nikolay.gueorguiev@suse.com
  - Added dependency on libica4 (bsc#1209038)
    * BuildRequires and Requires statements in .spec file for libica4
* Wed Apr 19 2023 nikolay.gueorguiev@suse.com
  - Applies a patch (bsc#1210359)
    * openssl-ibmca-engine-noregister.patch
  - Updated the '#dynamic_path' line, as it was before, with the comment '#'.
* Thu Apr 06 2023 nikolay.gueorguiev@suse.com
  - Upgraded openssl-ibmca to version 2.4.0 (bsc#1210059)
    * openssl-ibmca 2.4.0
    - Provider: Adjustments for OpenSSL versions 3.1 and 3.2
    - Provider: Support RSA blinding
    - Provider: Constant-time fixes for RSA PKCS#1 v1.5 and OAEP padding
    - Provider: Support "implicit rejection" option for RSA PKCS#1 v1.5 padding
    - Provider: Adjustments in OpenSSL config generator and example configs
    - Engine: EC: Cache ICA key in EC_KEY object (performance improvement)
    - Engine: Enable RSA blinding
* Tue Mar 14 2023 nikolay.gueorguiev@suse.com
  - Updated .spec file removed '#' from the line containing
    'sed -e 's/^dynamic_path/#dynamic_path/' (bsc#1209038)
  - Added in %files
    * /usr/lib64/engines-3/ibmca-provider.la
    * /usr/lib64/engines-3/ibmca-provider.so
* Tue Oct 04 2022 mpost@suse.com
  - Upgraded to version 2.3.1 (jsc#PED-597)
    * openssl-ibmca 2.3.1
    - Adjustments for libica 4.1.0
    * openssl-ibmca 2.3.0
    - First version including the provider
    - Fix for engine build without OpenSSL 3.0 sources
    * openssl-ibmca 2.2.3
    - Fix PKEY segfault with OpenSSL 3.0
    * openssl-ibmca 2.2.2
    - Fix tests with OpenSSL 3.0
    - Build against libica 4.0
  - Removed a Requires for libica from the specfile.
  - Removed the obsolete baselibs.conf file
* Tue Mar 15 2022 mpost@suse.com
  - Completely revamped the postinstall scriptlet so that it doesn't
    need to know or care about how many lines are in either
    /etc/ssl/openssl.cnf, or the sample file at
    /usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample
    We're now using the ".include" directive for the openssl.cnf
    file, and only modifying that file the minimum necessary to
    implement the change. (bsc#1004463)
* Fri Sep 17 2021 mpost@suse.com
  - Upgraded to version 2.2.1 (jsc#SLE-18333)
    * openssl-ibmca 2.2.1
      Bug fixes
    * openssl-ibmca 2.2.0
      Implement fallbacks based on OpenSSL
      Disable software fallbacks from libica
      Allow to specify default library (libica vs. libica-cex) to use
      Provide "libica" engine ctrl to switch library at load time
      Update README.md
      Remove libica link dependency
      Generate sample configuration files from system configuration
      Restructure registration global data
    * openssl-ibmca 2.1.3
      Bug fix
    * openssl-ibmca 2.1.2
      Bug fixes
  - Modified spec file to
    * Define a global variable enginesdir the same was as IBM does
      instead of _ENGINE_DIR as we had been doing.
    * Implemented %make_build macro according to spec-cleaner
    * Changed the package description to match IBM's.
    * Removed the redundant "autoreconf --force --install"
* Wed Sep 16 2020 mpost@suse.com
  - Upgrade to version 2.1.1 (jsc#SLE-13709)
    * Bug fixes
* Tue Sep 10 2019 mpost@suse.com
  - Upgrade to version 2.1.0 (jsc#SLE-7852, jsc#SLE-7882)
    Add MSA9 CPACF support for X25519, X448, Ed25519 and Ed448
* Wed Aug 28 2019 mpost@suse.com
  - Upgraded to version 2.0.3 (jsc#SLE-6123, jsc#SLE-6424)
    * openssl-ibmca 2.0.3
      Add MSA9 CPACF support for ECDSA sign/verify
  - Dropped obsolete openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
  - Changed the ExclusiveArch directive to include s390x only.
  - The code in e_ibmca.c does a dlopen for libica.so.3, instead of
    linking against the shared library. As a result, if the package
    containing libica.so.3 isn't installed, problems occur. Added
    a "Requires: libica3" to the spec file to fix this. (bsc#1142286)
  - Made a couple of changes to the spec file based on the output
    from spec-cleaner.
* Fri Jun 28 2019 mpost@suse.com
  - Added openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
    An Apache HTTP Server was set up with mod_ssl and the openssl
    ibmca engine using libica and a CEX6A card. Whenever a worker
    process is cleaned up a segmentation fault occurs.
    (bsc#1138517)
* Tue Nov 27 2018 mpost@suse.com
  - Upgraded to version 2.0.2 (Fate#325688)
    * openssl-ibmca 2.0.2
      Fix doing rsa-me, altough rsa-crt would be possible.
* Thu Nov 15 2018 mpost@suse.com
  - Upgraded to version 2.0.1 (Fate#325688)
    * openssl-ibmca 2.0.1
      Dont fail when a libica symbol cannot be resolved.
  - Made multiple changes to the spec file based on spec-cleaner output.
* Wed Nov 14 2018 mpost@suse.com
  - Upgraded to version 2.0.0 (Fate#325688)
    * openssl-ibmca 2.0.0
      Add ECC support.
      Add check and distcheck make-targets.
      Project cleanup, code was broken into multiple files and coding style cleanup.
      Improvements to compat macros for openssl.
      Don't disable libica sw fallbacks.
      Fix dlclose logic.
    * openssl-ibmca 1.4.1
      Fix structure size for aes-256-ecb/cbc/cfb/ofb
      Update man page
      Switch to ibmca.so filename to allow standalone use
      Switch off Libica fallback mode if available
      Make sure ibmca_init only runs once
      Provide simple macro for DEBUG_PRINTF possibility
      Cleanup and slight rework of function set_supported_meths
  - Did some cleanup to the spec file, based on spec-cleanup.
  - Removed the following obsolete patches:
    * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
    * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
    * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
* Fri Aug 31 2018 mpost@suse.com
  - Added the following patches for bsc#1097463
    * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
    * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
    * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
* Fri Sep 22 2017 mpost@suse.com
  - Upgraded to version 1.4.0
    * Re-license to Apache License v2.0
    * Fix aes_gcm initialization.
    * Update man page.
    * Add macros for OpenSSL 0.9.8 compat.
    * Remove AC_FUNC_MALLOC from configure.ac
    * Add compat macro for OpenSSL 1.0.1e-fips.
    * Setting 'foreign' strictness for automake.
    * Add AES-GCM support.
    * Rework EVP_aes macros.
    * Remove dependency of old local OpenSSL headers.
    * Fix engine initialization to set function pointers only once.
    * Remove blank COPYING and NEWS files.
    * Remove INSTALL and move its content to README.md
    * Update README.md file to make use of markdown.
    * Rename README file to README.md to use markdown
    * Add CONTRIBUTING guidelines.
    * Adding coding style documentation.
    * Enable EVP_MD_FLAG_FIPS flag for SHA-*.
    * Initialize rsa_keygen in RSA_METHOD for openssl < 1.1.0
    * Fix SHA512 EVP digest struct to use
      EVP_MD_FLAG_PKEY_METHOD_SIGNATURE when using OpenSSL 1.0
    * Fix wrong parenthesis
    * convert libica loading to dlopen() and friends
    * Add support to DSO on new API of OpenSSL-1.1.0
  - Removed obsolete openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch
  - Added BuildRequires for autoconf, automake, and libtool.
  - Updated BuildRequires for libica-devel to be >= 3.1.1
* Fri Sep 22 2017 mpost@suse.com
  - Now that the openSSL engines directory is versioned:
    * Modified the spec file to query the libcrypto package
      for which directory to install the engine into.
    * Removed openssl-ibmca-fix-enginepath.patch. Replaced it
      with a sed command so that it will provide the correct
      versioned engines directory
  - Removed openssl-ibmca-configure.patch. It doesn't seem to
    be needed any longer.
* Tue Apr 11 2017 mpost@suse.com
  - Added openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch (bsc#1032113)
  - Added libica-tools to the BuildRequires due to repackaging of libica.
  - Renamed BuildRequires from libica2-devel to libica-devel for the
    same reason.
  - Tweaked a comment to get rid of an rpmlint warning message.
* Thu Oct 13 2016 meissner@suse.com
  - fixed ssl configuration merging (bsc#1004463)
  - openssl-ibmca-fix-enginepath.patch: fix the engine path
* Wed Apr 06 2016 mpluskal@suse.com
  - Use macro for configure (fate#319941)
  - Use url for source
  - Enable parallel building
  - Cleanup spec file with spec-cleaner
* Thu Mar 31 2016 mpost@suse.com
  - Upgraded to version 1.3.0 (fate#319941)
    - Updated openssl-ibmca-configure.patch to apply cleanly
    - Removed obsolete patches
    - openssl-ibmca-README.patch
    - openssl-ibmca-sha256-digest-length.patch
    - openssl-pkey.patch
    - openssl-des-ede.patch
  - Did some spec file cleanup.
* Mon Mar 21 2016 jjolly@suse.com
  - Fixed %post script to update library path (the only dynamic part
    of the ibmca configuration) every time the package is installed.
    (bsc#966139)
* Tue Oct 27 2015 jjolly@suse.com
  - Updated AUTHORS, INSTALL, and README (bsc#942839)
  - %post and %postun added to properly update openssl.cnf (bsc#942839)
* Tue Oct 27 2015 jjolly@suse.com
  - Updated to used libica2 == v2.4.2 for SLE12-SP1 (bsc#951138)
* Sun Mar 08 2015 p.drouand@gmail.com
  - Remove dependency on fillup anf insserv; the package provides
    neither sysconfig file nor sysvinit script
  - Remove depreciated AUTHORS section
  - Use %configure macro
  - Add openssl-ibmca-configure.patch
* Wed Dec 03 2014 meissner@suse.com
  - the openssl engines moved to /%_lib/engines bnc#905480
* Thu Aug 14 2014 jjolly@suse.com
  - Forced requirement of libica-2_3_0 (bnc#890824)
* Thu Jun 26 2014 meissner@suse.com
  - openssl-des-ede.patch: fixed a crash during benchmark (bnc#879922)
  - openssl-pkey.patch: defer HMAC signing to pkey framework, fixes
    fips self-test during EC key creation (bnc#879922)
  - spec file cleaned up a bit
* Tue Mar 18 2014 jjolly@suse.com
  - openssl-ibmca-sha256-digest-length.patch: SHA256: Fixed message
    digest length definition in sha256 template (bnc#868275)
* Wed Mar 05 2014 ro@suse.de
  - update to 1.2.0
  - removed patches:
    ibmca-configure.patch
    ibmca-segfault.fix.patch
    ibmca-sw-fix.patch
    openssl-ibmca-1.0.0.rc2-memset-fix.patch
  - make it exclusivearch for s390/s390x as the required libica
    is only available for s390/s390x
* Wed Feb 19 2014 jjolly@suse.com
  - Made required libica-2_1_0 s390 specific
  - Added x86_64 to ExclusiveArch as %ix86 doesn't do it
  - Removed libica requirement - allowing build process to find it
* Wed Feb 19 2014 jjolly@suse.com
  - Added COPYING to %files
* Tue Feb 18 2014 jjolly@suse.com
  - Requiring libica 2.1.0 or greater
* Tue Dec 10 2013 dvaleev@suse.com
  - enable ppc64le
* Fri Mar 23 2012 dvaleev@suse.com
  - fix build (add autoconf automake libtool to BuildRequires)
* Thu Mar 24 2011 coolo@novell.com
  - disable libtool --finish call
* Fri Dec 17 2010 coolo@novell.com
  - own engines directory
* Mon Feb 01 2010 jengelh@medozas.de
  - package baselibs.conf
* Wed Jan 07 2009 olh@suse.de
  - obsolete old -XXbit packages (bnc#437293)
* Thu Apr 10 2008 ro@suse.de
  - added baselibs.conf file to build xxbit packages
    for multilib support
* Tue Feb 13 2007 uli@suse.de
  - added fixes by IBM (bug #243801):
    ibmca-segfault.fix: rewrite ibmca_mod_expto remove improper use of BIGNUM
    object
    ibmca-sw-fix: rewrite ibmca_mod_exp_crtto remove improper use of BIGNUM
    object
    openssl-ibmca-1.0.0.rc2-memset-fix.patch: fix memory initialization problem
* Mon Jun 19 2006 uli@suse.de
  - updated README (bug #185508)
* Tue Mar 28 2006 hare@suse.de
  - Fixed configure.in to build correctly
  - Fixed spec file
  - Initial version from Mike Halcrow

Files

/usr/lib64/ossl-modules/ibmca-provider.so
/usr/share/doc/packages/openssl-ibmca-provider
/usr/share/doc/packages/openssl-ibmca-provider/ChangeLog
/usr/share/doc/packages/openssl-ibmca-provider/README.md
/usr/share/doc/packages/openssl-ibmca-provider/ibmca-provider-opensslconfig
/usr/share/licenses/openssl-ibmca-provider
/usr/share/licenses/openssl-ibmca-provider/LICENSE
/usr/share/man/man5/ibmca-provider.5.gz
/usr/share/openssl-ibmca-provider
/usr/share/openssl-ibmca-provider/openssl-ibmca.enginedef.cnf
/usr/share/openssl-ibmca-provider/openssl-ibmca.sectiondef.txt


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Nov 9 00:36:49 2024