| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: openssl-ibmca | Distribution: openSUSE:Factory:zSystems |
| Version: 2.5.0 | Vendor: openSUSE |
| Release: 2.1 | Build date: Mon Jul 28 08:30:38 2025 |
| Group: Hardware/Other | Build host: reproducible |
| Size: 363503 | Source RPM: openssl-ibmca-2.5.0-2.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://github.com/opencryptoki/openssl-ibmca | |
| Summary: OpenSSL engine and provider for libica | |
OpenSSL engine and provider that uses the libica library under s390x to accelerate cryptographic operations
Apache-2.0
* Mon Jul 28 2025 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Amended the .spec file (bsc#1246931)
* removed obsolete engine-related content(files), IBMCA engine is deprecated
* removed sub-packages
- openssl-ibmca-engine
- openssl-ibmca-provider
- Removed multibuild and sources:
* Source1: engine_section.txt
* Source2: _multibuild
* Wed Apr 23 2025 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Upgrade openssl-ibmca to version 2.5.0
* Provider: Add support for OSSL_PKEY_PARAM_RSA_DERIVE_FROM_PQ on import
* Provider: Add support for SignMessage and VerifyMessage API for ECDSA and RSA
* Provider: Allow the DHKEM-IKM option for EC keygen, but use fallback provider
* Provider: Allow ECDSA deterministic signatures, but use fallback
* Engine: Enable external AES-GCM IV when libica is in FIPS mode
* Bug fixes
- Removed obsolete patches
* openssl-ibmca-01-engine-Enable-external-AES-GCM-IV-when-libica-is-in-FIPS-mode.patch
* openssl-ibmca-02-test-provider-Do-not-link-against-libica-use-dlopen-instead.patch
* openssl-ibmca-03-test-provider-Explicitly-initialize-OpenSSL-after-setting-env-vars.patch
* openssl-ibmca-04-engine-Fix-compile-error.patch
* openssl-ibmca-05-provider-Fix-segfault-with-openssl-list-key-managers.patch
* openssl-ibmca-06-Provider-Fix-segfault-with-openssl-list-signature-algorithms-verbose.patch
* openssl-ibmca-07-engine-Fix-Do-not-report-errors-if-libica-does-not-support-EC.patch
* openssl-ibmca-08-Fix-compiler-error-for-undefined-ERR_pop_to_mark.patch
* Wed Feb 19 2025 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Applied additonal patches(bsc#1237344)
* openssl-ibmca-07-engine-Fix-Do-not-report-errors-if-libica-does-not-support-EC.patch
* openssl-ibmca-08-Fix-compiler-error-for-undefined-ERR_pop_to_mark.patch
* Wed Feb 05 2025 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Applied additional patch (bsc#1236770)
* openssl-ibmca-06-Provider-Fix-segfault-with-openssl-list-signature-algorithms-verbose.patch
for Provider: Fix segfault with 'openssl list -signature-algorithms -verbose'
* Tue Feb 04 2025 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Applied a patch (bsc#1236770)
* openssl-ibmca-05-provider-Fix-segfault-with-openssl-list-key-managers.patch
for openssl list -key-managers -verbose causes core dump
* Wed Oct 30 2024 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Adapted the openssl-ibmca package for the openssl-1_1 removal(bsc#1232570)
- Removed obsolete patch
* openssl1-rename-libica-files.patch
* Tue Oct 29 2024 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Applied patches(jsc#PED-10292)
* openssl-ibmca-01-engine-Enable-external-AES-GCM-IV-when-libica-is-in-FIPS-mode.patch
* openssl-ibmca-02-test-provider-Do-not-link-against-libica-use-dlopen-instead.patch
* openssl-ibmca-03-test-provider-Explicitly-initialize-OpenSSL-after-setting-env-vars.patch
* openssl-ibmca-04-engine-Fix-compile-error.patch
* Tue Jul 16 2024 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Amended the .spec file
* Replaced hard-coded '/usr/share' with %{_datadir}
* Mon Jul 15 2024 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Amended the .spec file (bsc#1227537)
* 'rpm.install.excludedocs = yes' in zypp.conf excludes the /usr/share/doc/..
* Added a check, if there is is /usr/share/doc file to be editted.
* Wed Apr 17 2024 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Amended the .spec file
- Changed the package names
+-------------+---------------------------------+--------------------------+
| Flavor | Package name | Note |
+-------------+---------------------------------+--------------------------+
| '' | openssl-ibmca | Both engine and provider |
| openssl1_1 | openssl1_1-ibmca | openssl1 flavor |
| engine | openssl-ibmca-engine | Only engine |
| provider | openssl-ibmca-provider | Only provider |
+-------------+---------------------------------+--------------------------+
* Wed Apr 17 2024 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Applied a patch for openssl1_1 (bsc#1221627)
* openssl1-rename-libica-files.patch
* Tue Apr 09 2024 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Re-implemented flavors (openssl3, engine, provider) (bsc#1221627)
+------------+---------------------------------+--------------------------+
| Flavor | Package name | Note |
+------------+---------------------------------+--------------------------+
| '' | openssl-ibmca | openssl1 flavor |
| engine | openssl3-ibmca-engine | Only engine |
| provider | openssl3-ibmca-provider | Only provider |
| openssl3 | openssl3-ibmca | Both engine and provider |
+------------+---------------------------------+--------------------------+
- Changing/editing 'dynamic_path' after the installation on the target system
* From /usr/lib64/ossl-modules to /usr/lib64/engines-3 in
/usr/share/doc/packages/openssl3-ibmca/ibmca-engine-opensslconfig
for openssl3 flavor
* Thu Apr 04 2024 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Amended the .spec file (bsc#1221627)
* Removed the flavors
* Removed 'muiltibuild' environment
* Removed the 'provider' logic
* Mon Mar 18 2024 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Updated the .spec file (bsc#1218933, bsc#1221627)
* Amended the .spec file to use modulesdir variable
- Implemented _multibuild environment (openssl1, engine, provider)
- Added a flag and logic for provider in the .spec file
* When provider is set to 1, it 'configures' the provider
* When provider is set to 0, it 'configures' the engine
* Fri Oct 13 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Removed an obsolete patch (implemented in the version 2.4.1)
* openssl-ibmca-engine-noregister.patch
* Fri Oct 06 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Upgrade to version 2.4.1 (jsc#PED-5422)
* Provider: Change the default log directory to /tmp
* Bug fixes
* Mon May 22 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Updated the .spec file, amended to use libica4 instead of libica
* Requires: libica4 >= 4
* Tue May 02 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Updated the .spec file
* uses a flag openssl3 (1 or 0) to include or not the openssl3 libraries
* Tue Apr 25 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Updated the .spec file as follow:
* BuildRequires: libica-devel >= 4.0.0
* BuildRequires: libica-tools >= 4.0.0
* Mon Apr 24 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Added dependency on libica4 (bsc#1209038)
* BuildRequires and Requires statements in .spec file for libica4
* Wed Apr 19 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Applies a patch (bsc#1210359)
* openssl-ibmca-engine-noregister.patch
- Updated the '#dynamic_path' line, as it was before, with the comment '#'.
* Thu Apr 06 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Upgraded openssl-ibmca to version 2.4.0 (bsc#1210059)
* openssl-ibmca 2.4.0
- Provider: Adjustments for OpenSSL versions 3.1 and 3.2
- Provider: Support RSA blinding
- Provider: Constant-time fixes for RSA PKCS#1 v1.5 and OAEP padding
- Provider: Support "implicit rejection" option for RSA PKCS#1 v1.5 padding
- Provider: Adjustments in OpenSSL config generator and example configs
- Engine: EC: Cache ICA key in EC_KEY object (performance improvement)
- Engine: Enable RSA blinding
* Tue Mar 14 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
- Updated .spec file removed '#' from the line containing
'sed -e 's/^dynamic_path/#dynamic_path/' (bsc#1209038)
- Added in %files
* /usr/lib64/engines-3/ibmca-provider.la
* /usr/lib64/engines-3/ibmca-provider.so
* Tue Oct 04 2022 Mark Post <mpost@suse.com>
- Upgraded to version 2.3.1 (jsc#PED-597)
* openssl-ibmca 2.3.1
- Adjustments for libica 4.1.0
* openssl-ibmca 2.3.0
- First version including the provider
- Fix for engine build without OpenSSL 3.0 sources
* openssl-ibmca 2.2.3
- Fix PKEY segfault with OpenSSL 3.0
* openssl-ibmca 2.2.2
- Fix tests with OpenSSL 3.0
- Build against libica 4.0
- Removed a Requires for libica from the specfile.
- Removed the obsolete baselibs.conf file
* Tue Mar 15 2022 Mark Post <mpost@suse.com>
- Completely revamped the postinstall scriptlet so that it doesn't
need to know or care about how many lines are in either
/etc/ssl/openssl.cnf, or the sample file at
/usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample
We're now using the ".include" directive for the openssl.cnf
file, and only modifying that file the minimum necessary to
implement the change. (bsc#1004463)
/usr/lib64/ossl-modules/ibmca-provider.la /usr/lib64/ossl-modules/ibmca-provider.so /usr/share/doc/packages/openssl-ibmca /usr/share/doc/packages/openssl-ibmca/ChangeLog /usr/share/doc/packages/openssl-ibmca/README.md /usr/share/doc/packages/openssl-ibmca/ibmca-provider-opensslconfig /usr/share/licenses/openssl-ibmca /usr/share/licenses/openssl-ibmca/LICENSE /usr/share/man/man5/ibmca-provider.5.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Nov 7 23:30:16 2025