| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: pkcs11-provider | Distribution: openSUSE Tumbleweed |
| Version: 1.0 | Vendor: openSUSE |
| Release: 5.1 | Build date: Thu Feb 13 17:32:08 2025 |
| Group: Productivity/Security | Build host: reproducible |
| Size: 325639 | Source RPM: pkcs11-provider-1.0-5.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://github.com/latchset | |
| Summary: A PKCS#11 provider for OpenSSL 3.0+ | |
This is an Openssl 3.x provider to access Hardware or Software Tokens using the PKCS#11 Cryptographic Token Interface. This code targets version 3.0 of the cryptoki interface but should be backwards compatible to previous versions as well.
Apache-2.0
* Thu Feb 13 2025 Lucas Mulling <lucas.mulling@suse.com>
- Update to 1.0:
* Improved compatibility with PKCS#11 spec and historical module behavior in
interpreting CKA_EC_POINT, thie handled incompatibilities in ECDSA/ECDH
keys.
* Added full RSA-PSS support
* Fixed several issues with using keypairs after generation and loading of
related public keys, espcially with the way OpenSSL handles ECDH peer key
creation.
* Fixed issues with EdDSA signatures
* Expanded CI/testsuite with tlsfuzzer and more teting for Ed448 and other
key types/operations
* We test three different software tokens with 4 different test
configurations
* For a full list of changes see: https://github.com/latchset/pkcs11-provider/releases/tag/v1.0
- Remove patch explicit-EC-test-option.patch
* Tue Dec 17 2024 Lucas Mulling <lucas.mulling@suse.com>
- Update to 0.6:
* TLS 1.3 is now supported via token handling (KDFs etc..)
* A new feature to prevent PIN lockouts when the token correctly signals
authentication attempts depletion via token info.
* Several issues with handling keys related to run a full end-to-end TLS
connection on the token have been fixed
* Most cases when early loading was needed have been resolved, HTTP and Bind
for example work without specifying early loading for the provider
* Several memory leaks have been resolved
* Several new tests including a whole new token (kryoptic) are tested now, as
well as tlsfuzzer against a TLS server deferring all operations to the
tokens.
* For a full list of changes see: https://github.com/latchset/pkcs11-provider/releases/tag/v0.6
- Includes changes from 0.5 and 0.4
* We moved the build system to Meson
* A feature to embed pkcs11- URIs into "fake" PEM files has been added which
makes it possible to transparently use the provider with many tools that
accept keys only as PEM files.
* For a full list of changes see:
https://github.com/latchset/pkcs11-provider/releases/tag/v0.5
https://github.com/latchset/pkcs11-provider/releases/tag/v0.4
- Add pkcs11-provider.keyring
- Enable unit testing for softokn and softhsm
- Add patch
* explicit-EC-test-option.patch
* Fri Feb 09 2024 Luca Boccassi <bluca@debian.org>
- New upstream version version 0.3. For a full list of changes, see
https://github.com/latchset/pkcs11-provider/releases/tag/v0.3
* Wed Oct 11 2023 Luca Boccassi <bluca@debian.org>
- Initial packaging of pkcs11-provider version 0.2
/usr/lib64/ossl-modules/pkcs11.so /usr/share/doc/packages/pkcs11-provider /usr/share/doc/packages/pkcs11-provider/README.md /usr/share/licenses/pkcs11-provider /usr/share/licenses/pkcs11-provider/COPYING /usr/share/man/man7/provider-pkcs11.7.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Feb 20 00:53:01 2025