Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: softhsm | Distribution: openSUSE Leap 16.0 |
Version: 2.6.1 | Vendor: openSUSE |
Release: lp160.1.1 | Build date: Tue May 21 09:24:23 2024 |
Group: Unspecified | Build host: reproducible |
Size: 1610976 | Source RPM: softhsm-2.6.1-lp160.1.1.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: https://www.opendnssec.org/ | |
Summary: Software version of a PKCS#11 Hardware Security Module |
OpenDNSSEC is providing a software implementation of a generic cryptographic device with a PKCS#11 interface, the SoftHSM. SoftHSM is designed to meet the requirements of OpenDNSSEC, but can also work together with other cryptographic products because of the PKCS#11 interface.
BSD-2-Clause
* Tue May 21 2024 Matej Cepl <mcepl@cepl.eu> - Use correct SOURCE for /usr/share/p11-kit/modules/softhsm.module (fix bsc#1224356). * Sat May 11 2024 Matej Cepl <mcepl@cepl.eu> - We actually don't need any hard Requires for OpenSSL at all (and yes, rpmlint is right, we shouldn't use it at all). * Tue May 07 2024 Matej Cepl <mcepl@cepl.eu> - Add creation of ods user. * Mon Apr 15 2024 Matej Cepl <mcepl@cepl.eu> - Rebuild with inspiration (and patches) from the Fedora package. - Remove obsolete patch softhsm-rsakeys.patch - Add Fedora patches (comments in SPEC indicate their true origin): - softhsm-openssl3-tests.patch - softhsm-prevent-global-deleted-objects-access.patch - softhsm-2.6.1-rh1831086-exit.patch - softhsm-2.6.1-uninitialized.patch * Thu Apr 21 2022 Marcus Meissner <meissner@suse.com> - switched URL to https * Thu Apr 30 2020 Martin Hauke <mardnh@gmx.de> - Update to version 2.6.1 * Issue #542: Support Ed448/X448 for OpenSSL * Issue #538: Improved warning and compilation issues for GCC10 * Tue Mar 17 2020 Martin Hauke <mardnh@gmx.de> - Update to version 2.6.0 Changes: * Issue #493: Upgrade to Botan 2. * Issue #530: Update appveyor build. * Issue #438: Detect crypto algorithms by default. * Issue #455: Provide a new configuration option to allow enabling and disabling various mechanisms (slots.mechanisms in the softhsm2.conf). * Issue #479: Increase SQLite busy timeout from 15 seconds to 3 minutes. * Issue #513: Add configuration option to reset state on fork closing all sessions rather than keeping all sessions open in duplicate process. * Issue #500: C_WaitForSlotEvent implementation. * Issue #445: Add wrap support with CKM_AES_CBC. Bugfixes: * Issue #418: Set fields to NULL to avoid double free. * Issue #423: ENGINE_load_rdrand is not supported with older openssl. * Issue #429: Updated prerequisite to build from repository. * Issue #434: Fix build issues with CMake. * Issue #435: Fix botan build without EDDSA. * Issue #442: Release resources from OSSLEVPSymmetricAlgorithm. * Issue #449/#502: Do not copy zero sized buffer avoid null pointer reference. * Issue #464: Race condition with multiple threads closing last session and opening a newer sessions. * Issue #452: Fixes to automake build fir undefined macros. * Issue #462: User PIN count wrongly calculated. * Issue #516: Fix memory leak in OSSLCryptoFactory. * Issue #494: Allow null pointers as arguments when count is zero. * Issue #518: Sporadic problem in closing sessions because of lookup of object without prior locking. * Issue #506: Check key type for C_EncryptInit and C_DecryptInit. * Issue #526: Adjust EDDSA code to return valid EC_PARAMS. * Issue #452: Autogen failure on undefined macro AC_MSG_ERROR. * Issue #527: Fixed some build errors for GCC 10. * Issue #470: Null pointer arguments validation for C_EncryptFinal, etc. * Mon May 20 2019 Christophe Giboudeaux <christophe@krop.fr> - Add the missing zlib requirement. * Mon Sep 24 2018 Michael Ströder <michael@stroeder.com> - Update to version 2.5.0 Updates: * Issue #323: Support for EDDSA with vendor defined mechanisms. * Issue #362: CMake Build System Support for SoftHSM. * Issue #368: Support migrating 32-bit SoftHSMv1 DB on 64-bit system (LP64). * Issue #385: Default is not to build EDDSA since it has not been released in OpenSSL. * Issue #387: Windows: Add VS2017 detection to Configure.py. * Issue #412: Replace PKCS11 headers with a version from p11-kit. Bugfixes: * Issue #366: Support cross-compilation. * Issue #377: Duplicate symbol error with custom p11test. * Issue #386: Use RDRAND in OpenSSL if that engine is available. * Issue #388: Update DBTests.cpp to fix x86 test failure. * Issue #393: Not setting CKA_PUBLIC_KEY_INFO correctly. * Issue #401: Wrong key and keyserver mentioned in installation documentation. * Issue #408: Remove mutex callbacks after C_Finalize(). * Tue Feb 27 2018 mardnh@gmx.de - Update to version 2.4.0 * Support PKCS#8 for GOST. * Support for CKA_ALLOWED_MECHANISMS. * Support CKA_ALWAYS_AUTHENTICATE for private key objects. * Support for CKM_DES3_CMAC and CKM_AES_CMAC. * Support for CKM_AES_GCM. * Document that initialized tokens will be reassigned to another slot (based on the token serial number). * Support for CKM_RSA_PKCS_PSS. * Import AES keys with softhsm2-util. * softhsm2-util will check the configuration and report any issues before loading the PKCS#11 library. * Sun Dec 17 2017 mardnh@gmx.de - Update to version 2.3.0 * Upgraded to PKCS#11 v2.40. * Minor changes to some return values. * Added CKA_DESTROYABLE to all objects. Used by C_DestroyObject(). * Added CKA_PUBLIC_KEY_INFO to certificates, private, and public key objects. Will be accepted from application, but SoftHSM will currently not calculate it. * Support for CKM_AES_CTR. * Add unit tests for SessionManager. * C_DigestKey returns CKR_KEY_INDIGESTIBLE when key attribute CKA_EXTRACTABLE = false. Whitelist SHA algorithms to allow C_DigestKey in this case. * Show slot id after initialization. * Run AppVeyor (Windows CI) for each PR and merge. * Set CKA_DECRYPT/CKA_ENCRYPT flags on key import to true. * Add support for libeaycompat lib for FIPS on Windows. * Support importing ECDSA P-521 in softhsm-util. * Support for Botan 2.0. * Editorial changes from Mountain Lion to Sierra. * More detailed error messages when initializing SoftHSM. * Support for LibreSSL. * Change to enable builds and reports on new Jenkinks environment. * Detect cppunit in autoconf. * CKO_CERTIFICATE and CKO_PUBLIC_KEY now defaults to CKA_PRIVATE=false. * Update README with information about logging. * Adjust log levels for failing to enumerate object store. * Better handling of CRYPTO_set_locking_callback() for OpenSSL. * Fix deriving shared secret with ECC. * HMAC with sizes less than L bytes is strongly discouraged. Set a lower bound equal to L bytes in ulMinKeySize and check it when initializing the operation. * Fix test of p11 shared library. * Minor fix of 'EVP_CipherFinal_ex'. * Fix build with cppunit. * Export PKCS#11 symbols from the library. * Zero pad key to fit the block in CKM_AES_KEY_WRAP. * Detecting CppUnit when using Macports. - Update to version 2.2.0 * Delete a token using softhsm2-util. * Change access mode bits for /var/lib/softhsm/tokens/ to 1777. All users can now create tokens, but only access their own. * Reinitializing a token will now keep the token, but all token objects are deleted, the user PIN is removed and the token label is updated. * Support for OpenSSL 1.1.0. * Calling C_GetSlotList with NULL_PTR will make sure that there is always a slot with an uninitialized token available. * The token serial number will be used when setting the slot number. The serial number is set after the token has been initialized. * Update the command utils to use the token label or serial to find the token and its slot number. * Possibility to test other PKCS#11 implementations with the CppUnit test. * Mark public key as non private by default. * Install p11-kit module, to disable use --disable-p11-kit. * Add windows continuous integration build. * Missing new source file and test configuration in the Windows build project. * ECDSA P-521 support for OpenSSL and better test coverage. * Fix segmentation faults in loadLibrary function. * Crash on module unload with OpenSSL. * C++11 not detected. * API changes in Botan 1.11.27. * Fix include guard to check WITH_FIPS. * p11test fails on 32-bit systems. * Build warning about "converting a string constant". * Fix C++11 check to look for unique_ptr. - Update to version 2.1.0 * Improved guide and build scripts for Windows. * The password prompt in softhsm2-util can now be interrupted (ctrl-c). * Add slots.removable config option. * Prioritize the return values in C_GetAttributeValue. * Handle the CKA_CHECK_VALUE correctly for certificates and symmetric key objects. * Not possible to create certificate objects containing CKA_CERTIFICATE_CATEGORY, CKA_NAME_HASH_ALGORITHM, or CKA_JAVA_MIDP_SECURITY_DOMAIN. * Do not attempt decryption of empty byte strings. * Minor changes after a PVS-Studio code analysis, and C_EncryptUpdate crash if no ciphered data is produced. * One-byte buffer overflow in call to EVP_DecryptUpdate. * Problem while closing library that is initialized but improperly finalized. * Adjust return values for the template parsing. * C_DeriveKey() error with leading zero bytes. * CKA_NEVER_EXTRACTABLE set to CK_FALSE on objects created with C_CreateObject. * Stop discarding the global OpenSSL libcrypto state. - Drop not longer needed patches (fixed upstream): * softhsm-v2.0.0b1-aes-key-wrap.patch * softhsm-v2.0.0b1-ckm-rsa-pkcs-oaep-key-wrap.patch * softhsm-newcppunit.patch - Rebase patches: * softhsm-rsakeys.patch - Fix URL * Sun May 07 2017 meissner@suse.com - softhsm-newcppunit.patch: new cppunit uses pkg-config now, not cppunit-config * Thu Oct 08 2015 meissner@suse.com - softhsm-rsakeys.patch: do not test odd bit RSA keys, this breaks with the FIPS enabled openssl from leap/sle12, as thats rounds up the keylength to the next even number. bsc#949492 * Fri May 08 2015 hguo@suse.com - Source extracted from Fedora 21 release SRPM with minor modifications. * Tue Sep 30 2014 pwouters@redhat.com - Add support for CKM_RSA_PKCS_OAEP key un/wrapping [Petr Spacek] - Use OpenSSL EVP interface for AES key wrapping [Petr Spacek] - Fix softhsm2-pk11install buid and post call - Do not use --with-objectstore-backend-db (causes issues on i686) - Change install directory to /usr/lib*/pkcs11/ - Install pkcs11 module file - Use official upstream tar ball - Create ods user to own softhsm/token files - Enable migration tools (for softhsm-v1 installs) - Add softlink for softhsm-v1 .so (needed for opendnssec's conf.xml) - Require p11-kit, nss-tools, for SoftHSM PKCS #11 Module file - Copy pk11install.c from coolkey package - Enable hardened build - Add upstream official source url * Fri Apr 18 2014 pwouters@redhat.com - Updated to 1.3.6 (rhbz#1070196) - Provide a p11-kit module file (rhbz#1085327) * Sun Nov 03 2013 pwouters@redhat.com - Updated to 1.3.5 (rhbz#987721) * Mon Jun 04 2012 pwouters@redhat.com - Updated to 1.3.3 * Tue Apr 03 2012 pwouters@redhat.com - Updated to 1.3.2. - Changed user from opendnssec to ods, as used in the opendnssec package * Thu Oct 27 2011 paul@xelerance.com - Initial Fedora package - Do not install the .a file - Use a separate "opendnssec" user to own /var/sofhsm * Tue Oct 25 2011 paul@xelerance.com - Fix description texts w.r.t. include files * Wed Oct 05 2011 paul@xelerance.com - Upgraded to 1.3.0 * Thu Mar 03 2011 paul@xelerance.com - Initial package for Fedora
/etc/softhsm2.conf /usr/bin/softhsm2-dump-file /usr/bin/softhsm2-keyconv /usr/bin/softhsm2-migrate /usr/bin/softhsm2-pk11install /usr/bin/softhsm2-util /usr/lib/sysusers.d/ods-user.conf /usr/lib64/pkcs11/libsofthsm2.so /usr/lib64/softhsm /usr/lib64/softhsm/libsofthsm.so /usr/share/doc/packages/softhsm /usr/share/doc/packages/softhsm/FIPS-NOTES.md /usr/share/doc/packages/softhsm/NEWS /usr/share/doc/packages/softhsm/README.md /usr/share/doc/packages/softhsm/fedora.changelog /usr/share/licenses/softhsm /usr/share/licenses/softhsm/LICENSE /usr/share/man/man1/softhsm2-dump-file.1.gz /usr/share/man/man1/softhsm2-keyconv.1.gz /usr/share/man/man1/softhsm2-migrate.1.gz /usr/share/man/man1/softhsm2-util.1.gz /usr/share/man/man5/softhsm2.conf.5.gz /usr/share/p11-kit/modules/softhsm.module /usr/share/p11-kit/modules/softhsm2.module /var/lib/softhsm /var/lib/softhsm/tokens
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Nov 12 00:24:29 2024