------------------------------------------------------------------- Fri Jan 19 10:43:16 UTC 2024 - Otto Hollmann - Add support for OpenSSL 3.x: Add libp11-configure-treat-all-openssl-3.x-releases-the-same.patch ------------------------------------------------------------------- Wed Sep 27 09:58:37 UTC 2023 - Otto Hollmann - Replace openssl-ibmpkcs11 with openssl-engine-libp11 (jsc#PED-3327) Add Obsoletes: openssl-ibmpkcs11 <= 1.0.1 and Provides: openssl-ibmpkcs11 = 1.0.1 ------------------------------------------------------------------- Tue Jun 6 12:24:11 UTC 2023 - Dominique Leuenberger - Add support for openSSL 3.1: + Add libp11-openssl-3.1.patch: handle openSSL 3.1 the same as 3.0 + Add libtool BuildRequires and call autoreconf: abobe patch touches the build system. + Add baselibs.conf ------------------------------------------------------------------- Mon Feb 6 10:41:29 UTC 2023 - Dominique Leuenberger - Fix build against openSSL 3. ------------------------------------------------------------------- Mon Oct 17 01:22:26 UTC 2022 - Jason Sikes - Update to 0.4.12: * Fixed using an explicitly provided PIN regardless of the secure login flag (Alon Bar-Lev) * Fixed RSA_PKCS1_PADDING handling (Michał Trojnara) * Fixed a crash on LLP64, including 64-bit Windows (Małgorzata Olszówka) * Fixed searching objects when both ID and label are specified (minfrin) * Fixed the OAEP "source" parameter (S-P Chan) * Fixed object searching by label (Michał Trojnara) * Fixed thread safety in slot enumeration (Michał Trojnara) * Fixed storing certificates on tokens (Mateusz Kwiatkowski) * Fixed several memory leaks (Michał Trojnara, Jakub Jelen, Timo Teräs) * Fixed OpenSSL 3.0 compatibility (Jakub Jelen) * Fixed LibreSSL compatibility (orbea, patchMonkey156) * Major concurrency improvements and refactoring (Timo Teräs) * Added re-numeration of slots as an engine control command (Markus Koetter) * Added the PKCS11_update_slots() API function (Timo Teräs) * Added support for the SHA3 hash function (alegon01) * Added a self-test for engine RSA operations (Uri Blumenthal) ------------------------------------------------------------------- Thu Nov 26 12:00:19 UTC 2020 - Dirk Mueller - update to 0.4.11: * Fixed "EVP_PKEY_derive:buffer too small" EC errors (Luka Logar) * Fixed various memory leaks (Mateusz Kwiatkowski) * Fixed Windows VERSIONINFO (Pavol Misik) * Fixed builds with OpenSSL older than 1.0.2 (Michał Trojnara) * Fixed a double free in EVP_PKEY_meth_free() (Mikhail Durnev) * Added CKA_VALUE_LEN to EC key derivation template (Michał Trojnara) * Fixed handling keys without label attribute (efternavn) * Updated the tests (Anderson Toshiyuki Sasaki) * Made ECDH-derived keys extractable (Bent Bisballe Nyeng) * Added support for pin-source within PKCS#11 URI (Stanislav Levin) * Improved LibreSSL compatibility (patchMonkey156) * Fixed handling RSA private keys in BIND (Stanislav Levin) * Added macOS testing support (Stanislav Levin) * Fixed engine object search algorithm (Anderson Toshiyuki Sasaki) ------------------------------------------------------------------- Tue Oct 22 04:23:31 UTC 2019 - Jason Sikes - Update to version 0.4.10: * Added EC signing through EVP API * Added an empty EC private key required by OpenSSL 1.1.1 * Stored additional certificate attributes * Engine allowed to use private keys without a PIN * Lazy binding used as a workaround for buggy modules * MinGW build fixes and documentation * LibreSSL 2.8.3 build fixes * Error handling fixes ------------------------------------------------------------------- Tue Mar 12 16:15:22 UTC 2019 - Marketa Calabkova - Add p11-kit-devel to BuildRequires (boo#1122413) ------------------------------------------------------------------- Tue Jan 29 22:44:39 UTC 2019 - Stanislav Brabec - Update to version 0.4.9: * Fix EVP_PKEY ENGINE reference count with the EC EVP_PKEY_METHOD. * Fix a leak of RSA object in pkcs11_store_key() * Add atfork checks for RSA and EC_KEY method * RSA key generation on the token * PSS signature support * RSA-OAEP and RSA-PKCS encryption support * Engine no longer set as default for all methods * Add PKCS11_remove_key and PKCS11_remove_certificate * Add PKCS11_find_next_token interface * Add support for OpenSSL 1.1.1 beta * Remove support for OpenSSL 0.9.8 * Case insensitive PKCS#11 URI scheme * Testing framework improvements * Coverity scanning and defect fixes * Backward compatibility for new error handling introduced in libp11 0.4.7 * Memory leak fixes * Add an integer overflow protection * Several bugfixes ------------------------------------------------------------------- Wed Jan 17 11:31:42 UTC 2018 - dimstar@opensuse.org - Conditionalize libname to libp11-2 for suse_version < 1500 (using openssl 1.0) / libp11-3 for suse_version >= 1500 (using openssl 1.1). - Create baselibs.conf dynamically, since the library name can be different. Drop the static baselibs.conf. ------------------------------------------------------------------- Wed Jul 19 12:41:16 UTC 2017 - jengelh@inai.de - Remove --with-pic which is only for static libs. ------------------------------------------------------------------- Mon Jul 17 09:18:06 UTC 2017 - tchvatal@suse.com - Version update to 0.4.7: * Added OpenSSL-style engine error reporting (Michał Trojnara) * Added the FORCE_LOGIN engine ctrl command (Michał Trojnara) * Implemented the QUIET engine ctrl command (Michał Trojnara) * Modified CKU_CONTEXT_SPECIFIC PIN requests to be based on the CKA_ALWAYS_AUTHENTICATE attribute rather than the CKR_USER_NOT_LOGGED_IN error (Michał Trojnara) * Fixed printing hex values (Michał Trojnara) * Fixed build error with OPENSSL_NO_EC (Kai Kang) ------------------------------------------------------------------- Fri Jun 23 14:52:22 UTC 2017 - mpluskal@suse.com - Update to verion 0.4.6 * For full list of changes since version 0.3.0 see NEWS - Create openssl-engine-libp11 subpackage - Add gpg signature ------------------------------------------------------------------- Wed Dec 2 00:18:59 UTC 2015 - p.drouand@gmail.com - Update to version 0.3.0 * Added small test suite based on softhsm (run on make check) * Memory leak fixes * On module initialization tell the module that the OS locking primitives are OK to use * Transparently handle applications that fork. That is call C_Initialize() and reopen any handles if a fork is detected. * Eliminated any hard coded limits for certificate size * Added support for ECDSA * Allow RSA_NO_PADDING padding mode in PKCS11_private_encrypt * Eliminated several hard-coded limits in parameter sizes. - Update project and download Urls ------------------------------------------------------------------- Tue Sep 25 17:00:26 CEST 2012 - sbrabec@suse.cz - Update to version 0.2.8: * Bumped soname for PKCS11_token struct size changes. * Display the number of available slots. * Expose more token flags in PKCS11_token structure. * Check that private data is not NULL in pkcs11_release_slot. ------------------------------------------------------------------- Sun Nov 20 06:13:41 UTC 2011 - coolo@suse.com - add libtool as buildrequire to avoid implicit dependency ------------------------------------------------------------------- Tue Jan 11 18:46:59 CET 2011 - sbrabec@suse.cz - Updated to version 0.2.7: * Ignore CKR_CRYPTOKI_ALREADY_INITIALIZED while initializing. ------------------------------------------------------------------- Mon Feb 1 11:47:39 UTC 2010 - jengelh@medozas.de - Package baselibs.conf ------------------------------------------------------------------- Wed Aug 5 14:05:01 CEST 2009 - sbrabec@suse.cz - Updated to version 0.2.6: * Add new symbol to export file. * Add function to export the slot id. * Increase library version because of the new function. ------------------------------------------------------------------- Wed Apr 8 18:44:53 CEST 2009 - sbrabec@suse.cz - Don't call autoreconf on older products. ------------------------------------------------------------------- Tue Sep 2 18:04:03 CEST 2008 - sbrabec@suse.cz - Call autoreconf to build correctly with new libtool. ------------------------------------------------------------------- Tue Sep 2 11:39:55 CEST 2008 - crrodriguez@suse.de - fix build, doxygen required. - kill ".la" files and static libraries - fix -devel package requires ------------------------------------------------------------------- Tue Aug 19 14:53:13 CEST 2008 - sbrabec@suse.cz - Updated to version 0.2.4: * Build system rewritten * added PKCS11_CTX_init_args * fix segfault in init_args code * implemented PKCS11_private_encrypt - Fixed incorrect API. - Fixed x86_64 issues. ------------------------------------------------------------------- Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de - added baselibs.conf file to build xxbit packages for multilib support ------------------------------------------------------------------- Mon Jul 30 00:53:34 CEST 2007 - ro@suse.de - provide old name ------------------------------------------------------------------- Wed Jul 25 16:40:27 CEST 2007 - sbrabec@suse.cz - Updated to version 0.2.3: * update wiki export script. * replaced rsa header files from rsalabs (official) with scute (open source). * allow CKR_USER_ALREADY_LOGGED_IN on C_Login. * mark internal functions as static. * add code to store public keys and generate keys. - Name package according to shared library packaging policy. ------------------------------------------------------------------- Fri Mar 30 01:45:07 CEST 2007 - ro@suse.de - added zlib-devel to buildreq ------------------------------------------------------------------- Tue Oct 3 17:50:13 CEST 2006 - sbrabec@suse.cz - Updated to version 0.2.2: * bug fixes * code cleanup ------------------------------------------------------------------- Fri May 12 17:17:16 CEST 2006 - sbrabec@suse.cz - New SuSE package, version 0.2.1.