| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: openssl3-ibmca | Distribution: SUSE Linux Enterprise 15 |
| Version: 2.4.0 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 150500.6.3.1 | Build date: Sat Dec 2 13:12:00 2023 |
| Group: Hardware/Other | Build host: s390zl33 |
| Size: 417579 | Source RPM: openssl3-ibmca-2.4.0-150500.6.3.1.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://github.com/opencryptoki/openssl-ibmca | |
| Summary: The IBMCA OpenSSL dynamic engine | |
This package contains a shared object OpenSSL dynamic engine which interfaces to libica, a library enabling the IBM s390/x CPACF crypto instructions.
Apache-2.0
* Fri Sep 01 2023 otto.hollmann@suse.com
- Adjust configure and Makefile to require libica-openssl3 when
building wiht openssl3 flavor. [bsc#1207472]
* Add openssl3-rename-libica-files.patch
* Thu Jun 22 2023 pmonreal@suse.com
- Adjust dlopen() for the new ibmca-openssl3.so for the multibuild
flavor. This allows to install in parallel a version compiled
against openssl 1.1.1 and another with openssl 3.0. [bsc#1207472]
* Thu May 04 2023 otto.hollmann@suse.com
- Add multibuild flavor to provide library compiled against openssl-3
[bsc#1207472]
* Tue May 02 2023 nikolay.gueorguiev@suse.com
- Updated the .spec file
* uses a flag openssl3 (1 or 0) to include or not the openssl3 libraries
* Thu Apr 27 2023 nikolay.gueorguiev@suse.com
- Updated the .spec file as follow:
* BuildRequires: libica-devel >= 4.0.0
* BuildRequires: libica-tools >= 4.0.0
* Tue Apr 25 2023 nikolay.gueorguiev@suse.com
- Added dependency on libica4 (bsc#1209038)
* BuildRequires and Requires statements in .spec file for libica4
* Thu Apr 20 2023 nikolay.gueorguiev@suse.com
- Applies a patch (bsc#1210359)
* openssl-ibmca-engine-noregister.patch
- Updated the '#dynamic_path' line, as it was before, with the comment '#'.
* Wed Apr 05 2023 nikolay.gueorguiev@suse.com
- Upgraded openssl-ibmca to version 2.4.0 (bsc#1210059)
* openssl-ibmca 2.4.0
- Provider: Adjustments for OpenSSL versions 3.1 and 3.2
- Provider: Support RSA blinding
- Provider: Constant-time fixes for RSA PKCS#1 v1.5 and OAEP padding
- Provider: Support "implicit rejection" option for RSA PKCS#1 v1.5 padding
- Provider: Adjustments in OpenSSL config generator and example configs
- Engine: EC: Cache ICA key in EC_KEY object (performance improvement)
- Engine: Enable RSA blinding
* Fri Mar 10 2023 nikolay.gueorguiev@suse.com
- Updated .spec file removed '#' from the line containing
'sed -e 's/^dynamic_path/#dynamic_path/' (bsc#1209038)
- Added in %files
* /usr/lib64/engines-3/ibmca-provider.la
* /usr/lib64/engines-3/ibmca-provider.so
* Tue Oct 04 2022 mpost@suse.com
- Upgraded to version 2.3.1 (jsc#PED-597)
* openssl-ibmca 2.3.1
- Adjustments for libica 4.1.0
* openssl-ibmca 2.3.0
- First version including the provider
- Fix for engine build without OpenSSL 3.0 sources
* openssl-ibmca 2.2.3
- Fix PKEY segfault with OpenSSL 3.0
* openssl-ibmca 2.2.2
- Fix tests with OpenSSL 3.0
- Build against libica 4.0
- Removed a Requires for libica from the specfile.
- Removed the obsolete baselibs.conf file
* Tue Mar 15 2022 mpost@suse.com
- Completely revamped the postinstall scriptlet so that it doesn't
need to know or care about how many lines are in either
/etc/ssl/openssl.cnf, or the sample file at
/usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample
We're now using the ".include" directive for the openssl.cnf
file, and only modifying that file the minimum necessary to
implement the change. (bsc#1004463)
* Fri Sep 17 2021 mpost@suse.com
- Upgraded to version 2.2.1 (jsc#SLE-18333)
* openssl-ibmca 2.2.1
Bug fixes
* openssl-ibmca 2.2.0
Implement fallbacks based on OpenSSL
Disable software fallbacks from libica
Allow to specify default library (libica vs. libica-cex) to use
Provide "libica" engine ctrl to switch library at load time
Update README.md
Remove libica link dependency
Generate sample configuration files from system configuration
Restructure registration global data
* openssl-ibmca 2.1.3
Bug fix
* openssl-ibmca 2.1.2
Bug fixes
- Modified spec file to
* Define a global variable enginesdir the same was as IBM does
instead of _ENGINE_DIR as we had been doing.
* Implemented %make_build macro according to spec-cleaner
* Changed the package description to match IBM's.
* Removed the redundant "autoreconf --force --install"
* Wed Sep 16 2020 mpost@suse.com
- Upgrade to version 2.1.1 (jsc#SLE-13709)
* Bug fixes
* Tue Sep 10 2019 mpost@suse.com
- Upgrade to version 2.1.0 (jsc#SLE-7852, jsc#SLE-7882)
Add MSA9 CPACF support for X25519, X448, Ed25519 and Ed448
* Wed Aug 28 2019 mpost@suse.com
- Upgraded to version 2.0.3 (jsc#SLE-6123, jsc#SLE-6424)
* openssl-ibmca 2.0.3
Add MSA9 CPACF support for ECDSA sign/verify
- Dropped obsolete openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
- Changed the ExclusiveArch directive to include s390x only.
- The code in e_ibmca.c does a dlopen for libica.so.3, instead of
linking against the shared library. As a result, if the package
containing libica.so.3 isn't installed, problems occur. Added
a "Requires: libica3" to the spec file to fix this. (bsc#1142286)
- Made a couple of changes to the spec file based on the output
from spec-cleaner.
* Fri Jun 28 2019 mpost@suse.com
- Added openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
An Apache HTTP Server was set up with mod_ssl and the openssl
ibmca engine using libica and a CEX6A card. Whenever a worker
process is cleaned up a segmentation fault occurs.
(bsc#1138517)
* Tue Nov 27 2018 mpost@suse.com
- Upgraded to version 2.0.2 (Fate#325688)
* openssl-ibmca 2.0.2
Fix doing rsa-me, altough rsa-crt would be possible.
* Thu Nov 15 2018 mpost@suse.com
- Upgraded to version 2.0.1 (Fate#325688)
* openssl-ibmca 2.0.1
Dont fail when a libica symbol cannot be resolved.
- Made multiple changes to the spec file based on spec-cleaner output.
* Wed Nov 14 2018 mpost@suse.com
- Upgraded to version 2.0.0 (Fate#325688)
* openssl-ibmca 2.0.0
Add ECC support.
Add check and distcheck make-targets.
Project cleanup, code was broken into multiple files and coding style cleanup.
Improvements to compat macros for openssl.
Don't disable libica sw fallbacks.
Fix dlclose logic.
* openssl-ibmca 1.4.1
Fix structure size for aes-256-ecb/cbc/cfb/ofb
Update man page
Switch to ibmca.so filename to allow standalone use
Switch off Libica fallback mode if available
Make sure ibmca_init only runs once
Provide simple macro for DEBUG_PRINTF possibility
Cleanup and slight rework of function set_supported_meths
- Did some cleanup to the spec file, based on spec-cleanup.
- Removed the following obsolete patches:
* openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
* openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
* openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
* Fri Aug 31 2018 mpost@suse.com
- Added the following patches for bsc#1097463
* openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
* openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
* openssl-ibmca-sles15-Update-lib-name-in-documentation.patch
* Fri Sep 22 2017 mpost@suse.com
- Upgraded to version 1.4.0
* Re-license to Apache License v2.0
* Fix aes_gcm initialization.
* Update man page.
* Add macros for OpenSSL 0.9.8 compat.
* Remove AC_FUNC_MALLOC from configure.ac
* Add compat macro for OpenSSL 1.0.1e-fips.
* Setting 'foreign' strictness for automake.
* Add AES-GCM support.
* Rework EVP_aes macros.
* Remove dependency of old local OpenSSL headers.
* Fix engine initialization to set function pointers only once.
* Remove blank COPYING and NEWS files.
* Remove INSTALL and move its content to README.md
* Update README.md file to make use of markdown.
* Rename README file to README.md to use markdown
* Add CONTRIBUTING guidelines.
* Adding coding style documentation.
* Enable EVP_MD_FLAG_FIPS flag for SHA-*.
* Initialize rsa_keygen in RSA_METHOD for openssl < 1.1.0
* Fix SHA512 EVP digest struct to use
EVP_MD_FLAG_PKEY_METHOD_SIGNATURE when using OpenSSL 1.0
* Fix wrong parenthesis
* convert libica loading to dlopen() and friends
* Add support to DSO on new API of OpenSSL-1.1.0
- Removed obsolete openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch
- Added BuildRequires for autoconf, automake, and libtool.
- Updated BuildRequires for libica-devel to be >= 3.1.1
* Fri Sep 22 2017 mpost@suse.com
- Now that the openSSL engines directory is versioned:
* Modified the spec file to query the libcrypto package
for which directory to install the engine into.
* Removed openssl-ibmca-fix-enginepath.patch. Replaced it
with a sed command so that it will provide the correct
versioned engines directory
- Removed openssl-ibmca-configure.patch. It doesn't seem to
be needed any longer.
* Tue Apr 11 2017 mpost@suse.com
- Added openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch (bsc#1032113)
- Added libica-tools to the BuildRequires due to repackaging of libica.
- Renamed BuildRequires from libica2-devel to libica-devel for the
same reason.
- Tweaked a comment to get rid of an rpmlint warning message.
* Thu Oct 13 2016 meissner@suse.com
- fixed ssl configuration merging (bsc#1004463)
- openssl-ibmca-fix-enginepath.patch: fix the engine path
* Wed Apr 06 2016 mpluskal@suse.com
- Use macro for configure (fate#319941)
- Use url for source
- Enable parallel building
- Cleanup spec file with spec-cleaner
* Thu Mar 31 2016 mpost@suse.com
- Upgraded to version 1.3.0 (fate#319941)
- Updated openssl-ibmca-configure.patch to apply cleanly
- Removed obsolete patches
- openssl-ibmca-README.patch
- openssl-ibmca-sha256-digest-length.patch
- openssl-pkey.patch
- openssl-des-ede.patch
- Did some spec file cleanup.
* Mon Mar 21 2016 jjolly@suse.com
- Fixed %post script to update library path (the only dynamic part
of the ibmca configuration) every time the package is installed.
(bsc#966139)
* Tue Oct 27 2015 jjolly@suse.com
- Updated AUTHORS, INSTALL, and README (bsc#942839)
- %post and %postun added to properly update openssl.cnf (bsc#942839)
* Tue Oct 27 2015 jjolly@suse.com
- Updated to used libica2 == v2.4.2 for SLE12-SP1 (bsc#951138)
* Sun Mar 08 2015 p.drouand@gmail.com
- Remove dependency on fillup anf insserv; the package provides
neither sysconfig file nor sysvinit script
- Remove depreciated AUTHORS section
- Use %configure macro
- Add openssl-ibmca-configure.patch
* Wed Dec 03 2014 meissner@suse.com
- the openssl engines moved to /%_lib/engines bnc#905480
/usr/lib64/engines-3/ibmca-provider.la /usr/lib64/engines-3/ibmca-provider.so /usr/lib64/engines-3/ibmca.so /usr/share/doc/packages/openssl3-ibmca /usr/share/doc/packages/openssl3-ibmca/ChangeLog /usr/share/doc/packages/openssl3-ibmca/README.md /usr/share/doc/packages/openssl3-ibmca/ibmca-engine-opensslconfig /usr/share/doc/packages/openssl3-ibmca/openssl.cnf.sample /usr/share/licenses/openssl3-ibmca /usr/share/licenses/openssl3-ibmca/LICENSE /usr/share/man/man5/openssl3-ibmca-provider.5.gz /usr/share/man/man5/openssl3-ibmca.5.gz /usr/share/openssl3-ibmca /usr/share/openssl3-ibmca/openssl-ibmca.enginedef.cnf /usr/share/openssl3-ibmca/openssl-ibmca.sectiondef.txt
Generated by rpm2html 1.8.1
Fabrice Bellet, Sun Mar 9 15:18:49 2025