Commit Graph

117 Commits

Author SHA256 Message Date
Mark Post
7994780419 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=66 2022-09-14 18:38:25 +00:00
Mark Post
8b1c8f3d36 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=65 2022-09-14 18:37:50 +00:00
Dominique Leuenberger
fe5938cdc1 Accepting request 926840 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/926840
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=23
2021-10-22 22:51:07 +00:00
Mark Post
1688a137e6 Accepting request 926839 from home:markkp:branches:devel:openSUSE:Factory
- Upgrade to version 3.9.0 (jsc#SLE-18454, jsc#SLE-18564)
  - [FEATURE] Add support for OpenSSL 3.0
  - [FEATURE] icainfo: new parm -c to display available EC curves
- Replaced the obsolete PreReq: %fillup_prereq
  with                  Requires(post): %fillup_prereq
  in the spec file.

OBS-URL: https://build.opensuse.org/request/show/926839
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=61
2021-10-21 22:12:18 +00:00
Dominique Leuenberger
6875eb5be8 Accepting request 903102 from devel:openSUSE:Factory
- Update to version 3.8.0 (jsc#SLE-18334)
  - [FEATURE] provide libica-cex module to satisfy special security requirements
  - [FEATURE] FIPS: enforce the HMAC check
- Remove upstreamed patches:
   - libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch
   - libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch
   - libica-sles15sp2-Zeroize-local-variables.patch
- Remove patches obsoleted by upstrea developent:
   * FIPS: Find libica from phdrs.
     - libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch
   * FIPS: enforce the hmac check
     - libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch
- Fix up tests and hmac generation
   + libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch
- Remove obsolete attributes from filelists

OBS-URL: https://build.opensuse.org/request/show/903102
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=22
2021-07-01 05:05:32 +00:00
Mark Post
479816679c OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=60 2021-06-29 14:47:34 +00:00
Mark Post
6d7a36bc5c OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=59 2021-06-29 14:47:22 +00:00
Mark Post
70e82f26c0 Accepting request 902188 from home:michals
- Update to version 3.8.0 (jsc#SLE-18334)
  - [FEATURE] provide libica-cex module to satisfy special security requirements
  - [FEATURE] FIPS: enforce the HMAC check
- Remove upstreamed patches:
   - libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch
   - libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch
   - libica-sles15sp2-Zeroize-local-variables.patch
- Remove patches obsoleted by upstrea developent:
   * FIPS: Find libica from phdrs.
     - libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch
   * FIPS: enforce the hmac check
     - libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch
- Fix up tests and hmac generation
   + libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch
- Remove obsolete attributes from filelists

OBS-URL: https://build.opensuse.org/request/show/902188
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=58
2021-06-29 12:41:58 +00:00
Dominique Leuenberger
69daba3091 Accepting request 836417 from devel:openSUSE:Factory
- Upgraded to version 3.7.0 (jsc#SLE-13708)

Changed Jira reference to the Epic and not the Team task.

OBS-URL: https://build.opensuse.org/request/show/836417
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=21
2020-09-25 14:33:42 +00:00
Mark Post
bcc02ff1dc OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=56 2020-09-23 21:38:58 +00:00
Mark Post
ad38d78d79 - Upgraded to version 3.7.0 (jsc#SLE-13708)
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=55
2020-09-23 21:37:51 +00:00
Dominique Leuenberger
d3aee5742a Accepting request 835924 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/835924
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=20
2020-09-22 19:12:27 +00:00
Mark Post
332d6ae426 Accepting request 835923 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.7.0 (jsc#SLE-14466)
  * Version 3.7.0
    - [FEATURE] FIPS: Add HMAC based library integrity check
    - [PATCH] icainfo: bugfix for RSA and EC related info for software column.
    - [PATCH] FIPS: provide output iv in cbc-cs decrypt as required by FIPS tests
    - [PATCH] FIPS: Fix DES and TDES key length
    - [PATCH] icastats: Fix stats counter format
  * Version 3.6.1
    - [PATCH] Fix x25519 and x448 handling of non-canonical values
- Removed the following obsolete patches
  * libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch
  * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
  * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
  * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
  * libica-sles15sp2-Build-with-pthread-flag.patch
  * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
  * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch
  * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch
- Fix lack of SHA3 KATs in "make check" processing (bsc#1175277)
  * Added libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch
  * Added libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch
- Fix FIPS hmac check (bsc#1175356).
  * Update FIPS support to upstream
    - Refresh libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
      from upstream.
    - Add libica-sles15sp2-Build-with-pthread-flag.patch
    - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch
    - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch
    - Add libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch
  * FIPS check should fail when hmac is missing
    - Add libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch
    - Create an hmac for the selftest
    - Check that selftest fails without a hmac
    - Hash libica.so.3 rather than libica.so.3.6.0
  * Fix hmac key format. It should be hexadecimal, not ASCII
    - Refresh libica-sles15sp2-FIPS-hmac-key.patch
- Fix Some internal variables used to store sensitive information
  (keys) were not zeroized before returning to the calling application.
  (bsc#1175357)
  * Added libica-sles15sp2-Zeroize-local-variables.patch
- Updated libica-rpmlintrc to eliminate the warning about the HMAC file
  being a hidden file. It is supposed to be hidden.
- Added the following patches for FIPS certification (bsc#1162533)
  * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
  * libica-sles15sp2-FIPS-hmac-key.patch
- Added a BuildRequires for the fipscheck package.
- Made a couple of changes to the spec file based upon recommendations
  by spec-cleaner.
- Added the following patches for FIPS certification.
  * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
    (bsc#1166071) Although a DES key has only 56 effective bits,
     all 64 bits must be considered, because the parity bits are
     spread over all 8 bytes of the key.
  * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
    (bsc#1166210) FIPS tests require the output iv to be the iv
    resulting from decrypting the last block with a zero iv as input.
  * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
    (bsc#1166224) The output from icainfo never shows 'yes' for
    RSA ME, RSA CRT, ECDH, ECDSA sign, ECDSA verify, and ECKGEN,
    due to the missing ICA_FLAG_SW flag in the icaList.
- Added libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch
  (bsc#1156768)
- Upgraded to version 3.6.0 (jsc#SLE-7584)
  * [FEATURE] Add MSA9 CPACF support for Ed25519, Ed448, X25519 and X448
- Upgraded to version 3.5.0 (Fate#327840)
  - [FEATURE] Add MSA9 CPACF support for ECDSA sign/verify
- Reworked how libica-tools loads and unloads kernel modules to
  avoid spurious error messages (bsc#1134004):
  * Converted the boot.z90crypt sysV init script to a systemd unit
  file.
  * Removed any references to insserv in the spec file.
  * Updated the z90crypt script itself to properly load and unload
  the kernel modules as they exist today.
  * Eliminated the obsolete libica-SuSE.tar.bz2 archive.
- Updated the README.SUSE file to reflect the change from sysV init
  style script to systemd.
- Made numerous changes to the spec file, based on the output from
  the spec-cleaner command.
- Run testsuite during build
- Upgraded to version 3.4.0 (Fate#325690)
  * v3.4.0
    [FEATURE] Add SHA-512/224 and SHA-512/256 support
- Dropped obsolete patch Add-non-executable-gnu-stack-markings-in-the-assembl.patch
- Made numerous updates to spec file based on spec-cleanup run.
- Upgraded to version 3.3.3 (Fate#325690)
  * v3.3.3
    [PATCH] Various bug fixes
  * v3.3.2
    [PATCH] Skip ECC tests if required HW is not available
    [PATCH] Update spec file
  * v3.3.1
    [PATCH] Fix configure.ac to honour CFLAGS
  * v3.3.0
    [FEATURE] Add CEX supported elliptic-curve crypto interfaces
    [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces
    [FEATURE] Add interface to enable/disable SW fallbacks
    [FEATURE] Add 'make check' target, test-suite rework
  * v3.2.1
    [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG.
    [PATCH] Various bug fixes.
- Dropped obsolete patch increment-icastats-counter-for-aes-gcm.patch
- Removed COPYING from %files, since it is no longer in the tarball.
- Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch
  (bsc#1103493).
- Made multiple changes to the spec file based on the output of
  spec-cleaner
- Added "Obsoletes: libica-2_3_0" to the libica-tools package to
  fix a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1112655)
- Added "Obsoletes: libica2" to the libica-tools package to fix
  a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638)
- Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756)
- Updated boot.z90crypt script to fix a problem with the modprobe
  command not being found. (bsc#1040229).
- Added "Recommends: libica-tools" (bsc#1046435).
- Replace references to /var/adm/fillup-templates with new 
  %_fillupdir macro (boo#1069468)
- Added "--enable-fips" to the %configure parms (Fate#324115)
- Upgraded to version 3.2 (Fate#321517)
  * v3.2.0
    [FEATURE] New AES-GCM interface.
    [UPDATE] Add symbol versioning.
  * v3.1.1
    [PATCH] Various bug fixes related to old and new AES-GCM implementations.
    [UPDATE] Add SHA3 test cases. Improved and extended test suite.
  * v3.1.0
    [FEATURE] Add KMA support for AES-GCM.
    [FEATURE] Add SHA-3 support.
    [PATCH] Reject RSA keys with invalid key-length.
    [PATCH] Allow zero output length for ica_random_number_generate.
    [PATCH] icastats: Correct owner of shared segment when root creates it.
  * Removed the following obsolete patches:
    libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    libica-3.0.2-03-fix-aes-ctr.patch
    libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
- libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567)
  - Added the following patches (bsc#1058567)
    - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    - libica-3.0.2-03-fix-aes-ctr.patch
    - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
- baselibs.conf doesn't need any additional provides/conflicts for
  libica3.
- Update baselibs.conf with proper name for library package name,
  stop providing/obsoleting libica-2_1_0/libica-2_3-0.
- Upgraded to version 3.0.2 (Fate#322025).
  - v3.0.2
    - Fix locking callbacks for openSSL APIs.
  - v3.0.1
    - Fixed msa level detection on zEC/BC12 GA1 and predecessors.
  - v3.0.0
    - Added FIPS mode.
    - Sanitized exported symbols.
    - Removed deprecated APIs. Marked some APIs as deprecated.
    - Adapted to OpenSSL v1.1.0.
    - RSA key generation is thread-safe now.
- Removed the following obsolete patches:
  - fix-initialization-of-s390-hardware-switches-1.patch
  - fix-initialization-of-s390-hardware-switches-2.patch
  - fix-msa-level-detection.patch
  - fix-segfault-during-multithread-keygen.patch
  - rng-performance.patch
- Made the following packaging changes:
  - Implemented the shared library packaging guidelines.
  - Consolidated double invocation of %setup into just one.
  - Dropped redundant %ifarch, the package is already ExclusiveArch.
  - Updated descriptions.
- Added an libica-rpmlintrc file.
- Added the following two patches:
  - fix-segfault-during-multithread-keygen.patch (bsc#991485)
  - fix-msa-level-detection.patch (bsc#1010927)
- Added rng-performance.patch (bsc#990850).
- Updated baselibs.conf to obsolete prior versions of the 32bit
  package. (bsc#983897):
   provides "libica-<targettype> = <version>"
   obsoletes "libica-<targettype> < <version>"
   provides "libica-2_1_0-<targettype> = <version>"
   obsoletes "libica-2_1_0-<targettype> < <version>"
   provides "libica-2_3_0-<targettype> = <version>"
   obsoletes "libica-2_3_0-<targettype> < <version>"
- Added fix-initialization-of-s390-hardware-switches-1.patch and
  fix-initialization-of-s390-hardware-switches-2.patch (bsc#980548)
- Upgraded to version 2.6.2 (FATE#319610).
- Renamed /etc/init.d/z90crypt to boot.z90crypt to conform to
  naming standards.
- Found the original location of the icaioctl.h file and downloaded
  it to replace what we had previously.
- Removed the unnecessary libica2.la file
- Removed unnecessary Requires for glibc-devel
- Added Requires libica2 to the -devel package
- Converted call to configure to %configure macro
- Removed obsolete and unnecessary INSROOT and bindir parameters
  from the make install command
- Add Provides/Obsoletes for libica-2_3_0 so that the package from
  SLE12 GA is replaced (bsc#953096).
- move the .so file to the mainpackage, the openssl-ibmca engine
  will only load "libica.so" (bsc#952871)
- Update to libica v2.4.2 (FATE#318035)
- Removed outdated libica-aes_ccm-31-bit-compatibility.patch
- Moved init script into libica-SuSE.tar.bz2 archive
- sanitize release line in specfile
- Moved z90crypt out of useless libica-SuSE.tar.bz2 tarball to root
- Removed libica-SuSE.tar.bz2
- z90crypt now starts and stops ap kernel module (bnc#888943)
- libica-aes_ccm-31-bit-compatibility.patch: AES_CCM:
  fixed 64/31 bit compatibility
- add obsoletes and provides for older libica versions 
- update to 2.3.0 (fate#315342) 
- obsolete/upstreamed patches:
  libica-2_1_0-fix_temporary_buffer_allocation_in_ica_get_version.patch
  libica-2_1_0-msa4-extension.patch
  libica-2_1_0-synchronize_shared_memory_ref_counting.patch
- Added COPYING to %files
- Fixed build dependency errors by requiring autoconf, automake
  and libtool
- Changed license to CPL-1.0
- Created devel package
- Support for MSA4 extension (bnc#794518, fate#314078)
- synchronize shared memory reference counting for library
  statistics (bnc#719659)
- fix temporary buffer allocation in ica_get_version() (bnc#719660)
- update -> 2.1.0 (fate#311914)
- Moved icainfo into /usr/bin (bnc#448643)
- obsolete old -XXbit packages (bnc#437293)
- fix build on all platforms 
- Added CPL license to include/z90crypt.h, removed GPL reference
  (This patch is upstream)
- Changed package name to libica-1_3_9 to conform to rpmlint
  requirements. (bnc#433432)
- Removed soname filter for rpmlint
- Several RPM fixes to help satisfy rpmlint
- Updated to libica 1.3.9
- added baselibs.conf file to build xxbit packages
  for multilib support
- remove inclusion of linux/config.h
- z90crypt: handle errors (bug #247799)
- Add gcc-c++ to BuildRequires.
- fix build for the rest of platforms 
- Update to libica 1.3.7 (#160036 - LTC22571)
- Increasing # of open handles with symmetric crypto support
  (#165323 - LTC23095)
- converted neededforbuild to BuildRequires
- include string.h and unistd.h in icalinux.c 
- Port package from SLES9 SP3
- Update to libica 1.3.6-rc3.
- Close all filehandles (#130060 - LTC19221).
- downgrade to libica 1.3.6-rc2 (contains AES software fallback,
  bug #117336)
- Update to libica 1.3.6 (#117336)
- fix implicit declaration 
- Changing the default value from 0 to -1 in rcz90crypt (#114371) 
- Finally fix 'reload' messages (#81824 - LTC15733).
- Fix sigill patch.
- Remove printf output from sigill patch (#81829 - LTC15731).
- Use correct default value for z90crypt (#81825 - LTC15732).
- Fix messages for 'reload' (#81824 - LTC15733).
- Fixed SIGILL on z900 (#46422).
- Fixed range for 'domain' parameter in sysconfig.z90crypt (#42005).
- Fix module loading error (#42006).
- Add sysconfig variable to set the 'domain' parameter (#42005).
- update -> 1.3.5-3 (bug #42122)
- Update README.SuSE and correct name as well
- Use modprobe instead of insmod and fix module load error(#40526)
- Fix error checking for no hardware found case and hw error on load
- Update Readme again for the correct name (SUSE LINUX Server).
- Moved README.SuSE to README.SUSE.
- Update Readme to refer to the correct name (SUSE Linux Server).
- Update to 1.3.5-2 (#38511, #39693).
- Update Readme to refer to SUSE Linux Server instead of
  SuSE Linux Enterprise Server.
- Update to 1.3.5
- export CFLAGS & CPPFLAGS for configure
- Exclude S/390-specific files for other archs (#37183) 
- add "-I./include" to CFLAGS and use RPM_OPT_FLAGS
- fix build
- build as user
- update to 1.3.4
- update to 1.3.2
- update to 1.3.1:
  now supports DES, TDES and SHA, as well as RSA.
- throw libica.patch away, since autoversion and Makefile.am have
  similar changes now, and the renaming from _LINUX_S390_ to
  __s390__ is not really necessary
- use %defattr
- checked that icaioctl.h is still current
- dump the bin-only z90crypt-2.4.7-s390-2.tar.gz which has gone
  open source meanwhile and comes with the kernel sources
- added documentation how to set up crypto hardware support,
  esp. S/390 and zSeries. (#16011, #22056)
- upgraded to version 1.2 as requested by IBM to make openCryptoki 1.5
  actually work. (#20737)
- Correct PreReq
- fixed src/Makefile.am and ugly ./autoversion to honor %_lib and
  to build on non-s390
- updated to current libica
- hacked in icaioctl.h for build, 'til we have the module in the
  kernel.
- add %run_ldconfig
- fix for current automake/autoconf
- removed old fillup-template and START_ variable 
- modified etc/init.d/z90crypt-script to report result at start.
- Added openssl to #neededforbuild, which is needed in addition to
  openssl-devel
- initial version

OBS-URL: https://build.opensuse.org/request/show/835923
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=53
2020-09-21 20:11:08 +00:00
Mark Post
1930ff00ed Accepting request 835915 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.7.0 (jsc#14466)
  * Version 3.7.0
    - [FEATURE] FIPS: Add HMAC based library integrity check
    - [PATCH] icainfo: bugfix for RSA and EC related info for software column.
    - [PATCH] FIPS: provide output iv in cbc-cs decrypt as required by FIPS tests
    - [PATCH] FIPS: Fix DES and TDES key length
    - [PATCH] icastats: Fix stats counter format
  * Version 3.6.1
    - [PATCH] Fix x25519 and x448 handling of non-canonical values
- Removed the following obsolete patches
  * libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch
  * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
  * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
  * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
  * libica-sles15sp2-Build-with-pthread-flag.patch
  * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
  * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch
  * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch
- Fix lack of SHA3 KATs in "make check" processing (bsc#1175277)
  * Added libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch
  * Added libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch
- Fix FIPS hmac check (bsc#1175356).
  * Update FIPS support to upstream
    - Refresh libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
      from upstream.
    - Add libica-sles15sp2-Build-with-pthread-flag.patch
    - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch
    - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch
    - Add libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch
  * FIPS check should fail when hmac is missing
    - Add libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch
    - Create an hmac for the selftest
    - Check that selftest fails without a hmac
    - Hash libica.so.3 rather than libica.so.3.6.0
  * Fix hmac key format. It should be hexadecimal, not ASCII
    - Refresh libica-sles15sp2-FIPS-hmac-key.patch
- Fix Some internal variables used to store sensitive information
  (keys) were not zeroized before returning to the calling application.
  (bsc#1175357)
  * Added libica-sles15sp2-Zeroize-local-variables.patch
- Updated libica-rpmlintrc to eliminate the warning about the HMAC file
  being a hidden file. It is supposed to be hidden.
- Added the following patches for FIPS certification (bsc#1162533)
  * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
  * libica-sles15sp2-FIPS-hmac-key.patch
- Added a BuildRequires for the fipscheck package.
- Made a couple of changes to the spec file based upon recommendations
  by spec-cleaner.
- Added the following patches for FIPS certification.
  * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
    (bsc#1166071) Although a DES key has only 56 effective bits,
     all 64 bits must be considered, because the parity bits are
     spread over all 8 bytes of the key.
  * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
    (bsc#1166210) FIPS tests require the output iv to be the iv
    resulting from decrypting the last block with a zero iv as input.
  * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
    (bsc#1166224) The output from icainfo never shows 'yes' for
    RSA ME, RSA CRT, ECDH, ECDSA sign, ECDSA verify, and ECKGEN,
    due to the missing ICA_FLAG_SW flag in the icaList.
- Added libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch
  (bsc#1156768)
- Upgraded to version 3.6.0 (jsc#SLE-7584)
  * [FEATURE] Add MSA9 CPACF support for Ed25519, Ed448, X25519 and X448
- Upgraded to version 3.5.0 (Fate#327840)
  - [FEATURE] Add MSA9 CPACF support for ECDSA sign/verify
- Reworked how libica-tools loads and unloads kernel modules to
  avoid spurious error messages (bsc#1134004):
  * Converted the boot.z90crypt sysV init script to a systemd unit
  file.
  * Removed any references to insserv in the spec file.
  * Updated the z90crypt script itself to properly load and unload
  the kernel modules as they exist today.
  * Eliminated the obsolete libica-SuSE.tar.bz2 archive.
- Updated the README.SUSE file to reflect the change from sysV init
  style script to systemd.
- Made numerous changes to the spec file, based on the output from
  the spec-cleaner command.
- Run testsuite during build
- Upgraded to version 3.4.0 (Fate#325690)
  * v3.4.0
    [FEATURE] Add SHA-512/224 and SHA-512/256 support
- Dropped obsolete patch Add-non-executable-gnu-stack-markings-in-the-assembl.patch
- Made numerous updates to spec file based on spec-cleanup run.
- Upgraded to version 3.3.3 (Fate#325690)
  * v3.3.3
    [PATCH] Various bug fixes
  * v3.3.2
    [PATCH] Skip ECC tests if required HW is not available
    [PATCH] Update spec file
  * v3.3.1
    [PATCH] Fix configure.ac to honour CFLAGS
  * v3.3.0
    [FEATURE] Add CEX supported elliptic-curve crypto interfaces
    [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces
    [FEATURE] Add interface to enable/disable SW fallbacks
    [FEATURE] Add 'make check' target, test-suite rework
  * v3.2.1
    [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG.
    [PATCH] Various bug fixes.
- Dropped obsolete patch increment-icastats-counter-for-aes-gcm.patch
- Removed COPYING from %files, since it is no longer in the tarball.
- Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch
  (bsc#1103493).
- Made multiple changes to the spec file based on the output of
  spec-cleaner
- Added "Obsoletes: libica-2_3_0" to the libica-tools package to
  fix a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1112655)
- Added "Obsoletes: libica2" to the libica-tools package to fix
  a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638)
- Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756)
- Updated boot.z90crypt script to fix a problem with the modprobe
  command not being found. (bsc#1040229).
- Added "Recommends: libica-tools" (bsc#1046435).
- Replace references to /var/adm/fillup-templates with new 
  %_fillupdir macro (boo#1069468)
- Added "--enable-fips" to the %configure parms (Fate#324115)
- Upgraded to version 3.2 (Fate#321517)
  * v3.2.0
    [FEATURE] New AES-GCM interface.
    [UPDATE] Add symbol versioning.
  * v3.1.1
    [PATCH] Various bug fixes related to old and new AES-GCM implementations.
    [UPDATE] Add SHA3 test cases. Improved and extended test suite.
  * v3.1.0
    [FEATURE] Add KMA support for AES-GCM.
    [FEATURE] Add SHA-3 support.
    [PATCH] Reject RSA keys with invalid key-length.
    [PATCH] Allow zero output length for ica_random_number_generate.
    [PATCH] icastats: Correct owner of shared segment when root creates it.
  * Removed the following obsolete patches:
    libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    libica-3.0.2-03-fix-aes-ctr.patch
    libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
- libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567)
  - Added the following patches (bsc#1058567)
    - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    - libica-3.0.2-03-fix-aes-ctr.patch
    - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
- baselibs.conf doesn't need any additional provides/conflicts for
  libica3.
- Update baselibs.conf with proper name for library package name,
  stop providing/obsoleting libica-2_1_0/libica-2_3-0.
- Upgraded to version 3.0.2 (Fate#322025).
  - v3.0.2
    - Fix locking callbacks for openSSL APIs.
  - v3.0.1
    - Fixed msa level detection on zEC/BC12 GA1 and predecessors.
  - v3.0.0
    - Added FIPS mode.
    - Sanitized exported symbols.
    - Removed deprecated APIs. Marked some APIs as deprecated.
    - Adapted to OpenSSL v1.1.0.
    - RSA key generation is thread-safe now.
- Removed the following obsolete patches:
  - fix-initialization-of-s390-hardware-switches-1.patch
  - fix-initialization-of-s390-hardware-switches-2.patch
  - fix-msa-level-detection.patch
  - fix-segfault-during-multithread-keygen.patch
  - rng-performance.patch
- Made the following packaging changes:
  - Implemented the shared library packaging guidelines.
  - Consolidated double invocation of %setup into just one.
  - Dropped redundant %ifarch, the package is already ExclusiveArch.
  - Updated descriptions.
- Added an libica-rpmlintrc file.
- Added the following two patches:
  - fix-segfault-during-multithread-keygen.patch (bsc#991485)
  - fix-msa-level-detection.patch (bsc#1010927)
- Added rng-performance.patch (bsc#990850).
- Updated baselibs.conf to obsolete prior versions of the 32bit
  package. (bsc#983897):
   provides "libica-<targettype> = <version>"
   obsoletes "libica-<targettype> < <version>"
   provides "libica-2_1_0-<targettype> = <version>"
   obsoletes "libica-2_1_0-<targettype> < <version>"
   provides "libica-2_3_0-<targettype> = <version>"
   obsoletes "libica-2_3_0-<targettype> < <version>"
- Added fix-initialization-of-s390-hardware-switches-1.patch and
  fix-initialization-of-s390-hardware-switches-2.patch (bsc#980548)
- Upgraded to version 2.6.2 (FATE#319610).
- Renamed /etc/init.d/z90crypt to boot.z90crypt to conform to
  naming standards.
- Found the original location of the icaioctl.h file and downloaded
  it to replace what we had previously.
- Removed the unnecessary libica2.la file
- Removed unnecessary Requires for glibc-devel
- Added Requires libica2 to the -devel package
- Converted call to configure to %configure macro
- Removed obsolete and unnecessary INSROOT and bindir parameters
  from the make install command
- Add Provides/Obsoletes for libica-2_3_0 so that the package from
  SLE12 GA is replaced (bsc#953096).
- move the .so file to the mainpackage, the openssl-ibmca engine
  will only load "libica.so" (bsc#952871)
- Update to libica v2.4.2 (FATE#318035)
- Removed outdated libica-aes_ccm-31-bit-compatibility.patch
- Moved init script into libica-SuSE.tar.bz2 archive
- sanitize release line in specfile
- Moved z90crypt out of useless libica-SuSE.tar.bz2 tarball to root
- Removed libica-SuSE.tar.bz2
- z90crypt now starts and stops ap kernel module (bnc#888943)
- libica-aes_ccm-31-bit-compatibility.patch: AES_CCM:
  fixed 64/31 bit compatibility
- add obsoletes and provides for older libica versions 
- update to 2.3.0 (fate#315342) 
- obsolete/upstreamed patches:
  libica-2_1_0-fix_temporary_buffer_allocation_in_ica_get_version.patch
  libica-2_1_0-msa4-extension.patch
  libica-2_1_0-synchronize_shared_memory_ref_counting.patch
- Added COPYING to %files
- Fixed build dependency errors by requiring autoconf, automake
  and libtool
- Changed license to CPL-1.0
- Created devel package
- Support for MSA4 extension (bnc#794518, fate#314078)
- synchronize shared memory reference counting for library
  statistics (bnc#719659)
- fix temporary buffer allocation in ica_get_version() (bnc#719660)
- update -> 2.1.0 (fate#311914)
- Moved icainfo into /usr/bin (bnc#448643)
- obsolete old -XXbit packages (bnc#437293)
- fix build on all platforms 
- Added CPL license to include/z90crypt.h, removed GPL reference
  (This patch is upstream)
- Changed package name to libica-1_3_9 to conform to rpmlint
  requirements. (bnc#433432)
- Removed soname filter for rpmlint
- Several RPM fixes to help satisfy rpmlint
- Updated to libica 1.3.9
- added baselibs.conf file to build xxbit packages
  for multilib support
- remove inclusion of linux/config.h
- z90crypt: handle errors (bug #247799)
- Add gcc-c++ to BuildRequires.
- fix build for the rest of platforms 
- Update to libica 1.3.7 (#160036 - LTC22571)
- Increasing # of open handles with symmetric crypto support
  (#165323 - LTC23095)
- converted neededforbuild to BuildRequires
- include string.h and unistd.h in icalinux.c 
- Port package from SLES9 SP3
- Update to libica 1.3.6-rc3.
- Close all filehandles (#130060 - LTC19221).
- downgrade to libica 1.3.6-rc2 (contains AES software fallback,
  bug #117336)
- Update to libica 1.3.6 (#117336)
- fix implicit declaration 
- Changing the default value from 0 to -1 in rcz90crypt (#114371) 
- Finally fix 'reload' messages (#81824 - LTC15733).
- Fix sigill patch.
- Remove printf output from sigill patch (#81829 - LTC15731).
- Use correct default value for z90crypt (#81825 - LTC15732).
- Fix messages for 'reload' (#81824 - LTC15733).
- Fixed SIGILL on z900 (#46422).
- Fixed range for 'domain' parameter in sysconfig.z90crypt (#42005).
- Fix module loading error (#42006).
- Add sysconfig variable to set the 'domain' parameter (#42005).
- update -> 1.3.5-3 (bug #42122)
- Update README.SuSE and correct name as well
- Use modprobe instead of insmod and fix module load error(#40526)
- Fix error checking for no hardware found case and hw error on load
- Update Readme again for the correct name (SUSE LINUX Server).
- Moved README.SuSE to README.SUSE.
- Update Readme to refer to the correct name (SUSE Linux Server).
- Update to 1.3.5-2 (#38511, #39693).
- Update Readme to refer to SUSE Linux Server instead of
  SuSE Linux Enterprise Server.
- Update to 1.3.5
- export CFLAGS & CPPFLAGS for configure
- Exclude S/390-specific files for other archs (#37183) 
- add "-I./include" to CFLAGS and use RPM_OPT_FLAGS
- fix build
- build as user
- update to 1.3.4
- update to 1.3.2
- update to 1.3.1:
  now supports DES, TDES and SHA, as well as RSA.
- throw libica.patch away, since autoversion and Makefile.am have
  similar changes now, and the renaming from _LINUX_S390_ to
  __s390__ is not really necessary
- use %defattr
- checked that icaioctl.h is still current
- dump the bin-only z90crypt-2.4.7-s390-2.tar.gz which has gone
  open source meanwhile and comes with the kernel sources
- added documentation how to set up crypto hardware support,
  esp. S/390 and zSeries. (#16011, #22056)
- upgraded to version 1.2 as requested by IBM to make openCryptoki 1.5
  actually work. (#20737)
- Correct PreReq
- fixed src/Makefile.am and ugly ./autoversion to honor %_lib and
  to build on non-s390
- updated to current libica
- hacked in icaioctl.h for build, 'til we have the module in the
  kernel.
- add %run_ldconfig
- fix for current automake/autoconf
- removed old fillup-template and START_ variable 
- modified etc/init.d/z90crypt-script to report result at start.
- Added openssl to #neededforbuild, which is needed in addition to
  openssl-devel
- initial version

OBS-URL: https://build.opensuse.org/request/show/835915
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=52
2020-09-21 19:51:51 +00:00
Mark Post
3c631b9647 Accepting request 835912 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.7.0
  * Version 3.7.0
    - [FEATURE] FIPS: Add HMAC based library integrity check
    - [PATCH] icainfo: bugfix for RSA and EC related info for software column.
    - [PATCH] FIPS: provide output iv in cbc-cs decrypt as required by FIPS tests
    - [PATCH] FIPS: Fix DES and TDES key length
    - [PATCH] icastats: Fix stats counter format
  * Version 3.6.1
    - [PATCH] Fix x25519 and x448 handling of non-canonical values
- Removed the following obsolete patches
  * libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch
  * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
  * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
  * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
  * libica-sles15sp2-Build-with-pthread-flag.patch
  * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
  * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch
  * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch

OBS-URL: https://build.opensuse.org/request/show/835912
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=51
2020-09-21 19:46:59 +00:00
Dominique Leuenberger
0b058dab46 Accepting request 834962 from devel:openSUSE:Factory
- Fix lack of SHA3 KATs in "make check" processing (bsc#1175277)
  * Added libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch
  * Added libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch
- Fix FIPS hmac check (bsc#1175356).
  * Update FIPS support to upstream
    - Refresh libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
      from upstream.
    - Add libica-sles15sp2-Build-with-pthread-flag.patch
    - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch
    - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch
    - Add libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch
  * FIPS check should fail when hmac is missing
    - Add libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch
    - Create an hmac for the selftest
    - Check that selftest fails without a hmac
    - Hash libica.so.3 rather than libica.so.3.6.0
  * Fix hmac key format. It should be hexadecimal, not ASCII
    - Refresh libica-sles15sp2-FIPS-hmac-key.patch
- Fix Some internal variables used to store sensitive information
  (keys) were not zeroized before returning to the calling application.
  (bsc#1175357)
  * Added libica-sles15sp2-Zeroize-local-variables.patch
- Updated libica-rpmlintrc to eliminate the warning about the HMAC file
  being a hidden file. It is supposed to be hidden.

OBS-URL: https://build.opensuse.org/request/show/834962
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=19
2020-09-17 12:48:26 +00:00
Mark Post
e3e712b8f6 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=49 2020-09-16 16:24:59 +00:00
Mark Post
665bdc3334 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=48 2020-09-16 16:24:40 +00:00
Mark Post
4991878534 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=47 2020-09-16 16:23:30 +00:00
Mark Post
3eceb20835 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=46 2020-09-16 16:19:08 +00:00
Mark Post
1f072ef96a OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=45 2020-09-16 16:17:52 +00:00
Mark Post
fe79785559 Accepting request 834746 from home:markkp:branches:devel:openSUSE:Factory
Bug fixes for bsc#1175277, bsc#1175356, and bsc#1175357

OBS-URL: https://build.opensuse.org/request/show/834746
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=44
2020-09-15 21:37:09 +00:00
Dominique Leuenberger
ae8e33e20c Accepting request 801384 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/801384
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=18
2020-05-08 21:07:32 +00:00
Mark Post
943bbccb27 Accepting request 801383 from home:markkp:branches:devel:openSUSE:Factory
- Added the following patches for FIPS certification (bsc#1162533)
  * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
  * libica-sles15sp2-FIPS-hmac-key.patch
- Added a BuildRequires for the fipscheck package.
- Made a couple of changes to the spec file based upon recommendations
  by spec-cleaner.
- Added the following patches for FIPS certification.
  * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
    (bsc#1166071) Although a DES key has only 56 effective bits,
     all 64 bits must be considered, because the parity bits are
     spread over all 8 bytes of the key.
  * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
    (bsc#1166210) FIPS tests require the output iv to be the iv
    resulting from decrypting the last block with a zero iv as input.
  * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
    (bsc#1166224) The output from icainfo never shows 'yes' for
    RSA ME, RSA CRT, ECDH, ECDSA sign, ECDSA verify, and ECKGEN,
    due to the missing ICA_FLAG_SW flag in the icaList.

OBS-URL: https://build.opensuse.org/request/show/801383
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=42
2020-05-07 19:48:37 +00:00
Dominique Leuenberger
165e502774 Accepting request 748778 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/748778
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=17
2019-11-15 21:38:04 +00:00
Mark Post
107d4586e6 Accepting request 748777 from home:markkp:branches:devel:openSUSE:Factory
- Added libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch
  (bsc#1156768)

OBS-URL: https://build.opensuse.org/request/show/748777
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=40
2019-11-14 23:12:19 +00:00
Dominique Leuenberger
e8d2844760 Accepting request 738688 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/738688
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=16
2019-10-16 07:18:44 +00:00
Mark Post
1b4d354b6a Accepting request 738687 from home:markkp:branches:devel:openSUSE:Factory
Upgrade to version 3.6.0

OBS-URL: https://build.opensuse.org/request/show/738687
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=38
2019-10-15 19:55:23 +00:00
Dominique Leuenberger
8e03c47fe1 Accepting request 728093 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/728093
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=15
2019-09-05 10:42:04 +00:00
Mark Post
c4a8d70a12 Accepting request 728092 from home:markkp:branches:devel:openSUSE:Factory
Upgrade to version 3.5.0

OBS-URL: https://build.opensuse.org/request/show/728092
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=36
2019-09-03 21:27:37 +00:00
Dominique Leuenberger
c3354d89de Accepting request 724878 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/724878
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=14
2019-08-22 08:53:18 +00:00
Mark Post
bb0a38c887 Accepting request 718181 from home:pluskalm:branches:devel:openSUSE:Factory
- Run testsuite during build

OBS-URL: https://build.opensuse.org/request/show/718181
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=34
2019-08-20 17:43:35 +00:00
Dominique Leuenberger
3dc4beaf7a Accepting request 650563 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/650563
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=13
2018-11-22 12:24:48 +00:00
Mark Post
21f915e192 Accepting request 650562 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.4.0 (Fate#325690)
  * v3.4.0
    [FEATURE] Add SHA-512/224 and SHA-512/256 support
- Dropped obsolete patch Add-non-executable-gnu-stack-markings-in-the-assembl.patch
- Made numerous updates to spec file based on spec-cleanup run.

OBS-URL: https://build.opensuse.org/request/show/650562
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=32
2018-11-20 22:46:40 +00:00
Dominique Leuenberger
d0a0f9069f Accepting request 649819 from devel:openSUSE:Factory
- Upgraded to version 3.3.3 (Fate#325690)
  * v3.3.3
    [PATCH] Various bug fixes
  * v3.3.2
    [PATCH] Skip ECC tests if required HW is not available
    [PATCH] Update spec file
  * v3.3.1
    [PATCH] Fix configure.ac to honour CFLAGS
  * v3.3.0
    [FEATURE] Add CEX supported elliptic-curve crypto interfaces
    [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces
    [FEATURE] Add interface to enable/disable SW fallbacks
    [FEATURE] Add 'make check' target, test-suite rework
  * v3.2.1
    [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG.
    [PATCH] Various bug fixes.
- Dropped obsolete patch increment-icastats-counter-for-aes-gcm.patch
- Removed COPYING from %files, since it is no longer in the tarball.
- Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch
  (bsc#1103493).
- Made multiple changes to the spec file based on the output of
  spec-cleaner
- Added "Obsoletes: libica-2_3_0" to the libica-tools package to
  fix a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1112655)
- Added "Obsoletes: libica2" to the libica-tools package to fix
  a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638)
- Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756)
- Updated boot.z90crypt script to fix a problem with the modprobe
  command not being found. (bsc#1040229).
- Added "Recommends: libica-tools" (bsc#1046435).
- Replace references to /var/adm/fillup-templates with new 
  %_fillupdir macro (boo#1069468)
- Added "--enable-fips" to the %configure parms (Fate#324115)
- Upgraded to version 3.2 (Fate#321517)
  * v3.2.0
    [FEATURE] New AES-GCM interface.
    [UPDATE] Add symbol versioning.
  * v3.1.1
    [PATCH] Various bug fixes related to old and new AES-GCM implementations.
    [UPDATE] Add SHA3 test cases. Improved and extended test suite.
  * v3.1.0
    [FEATURE] Add KMA support for AES-GCM.
    [FEATURE] Add SHA-3 support.
    [PATCH] Reject RSA keys with invalid key-length.
    [PATCH] Allow zero output length for ica_random_number_generate.
    [PATCH] icastats: Correct owner of shared segment when root creates it.
  * Removed the following obsolete patches:
    libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    libica-3.0.2-03-fix-aes-ctr.patch
    libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
- libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567)
  - Added the following patches (bsc#1058567)
    - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    - libica-3.0.2-03-fix-aes-ctr.patch
    - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
- baselibs.conf doesn't need any additional provides/conflicts for
  libica3.
- Update baselibs.conf with proper name for library package name,
  stop providing/obsoleting libica-2_1_0/libica-2_3-0.
- Upgraded to version 3.0.2 (Fate#322025).
  - v3.0.2
    - Fix locking callbacks for openSSL APIs.
  - v3.0.1
    - Fixed msa level detection on zEC/BC12 GA1 and predecessors.
  - v3.0.0
    - Added FIPS mode.
    - Sanitized exported symbols.
    - Removed deprecated APIs. Marked some APIs as deprecated.
    - Adapted to OpenSSL v1.1.0.
    - RSA key generation is thread-safe now.
- Removed the following obsolete patches:
  - fix-initialization-of-s390-hardware-switches-1.patch
  - fix-initialization-of-s390-hardware-switches-2.patch
  - fix-msa-level-detection.patch
  - fix-segfault-during-multithread-keygen.patch
  - rng-performance.patch
- Made the following packaging changes:
  - Implemented the shared library packaging guidelines.
  - Consolidated double invocation of %setup into just one.
  - Dropped redundant %ifarch, the package is already ExclusiveArch.
  - Updated descriptions.
- Added an libica-rpmlintrc file.
- Added the following two patches:
  - fix-segfault-during-multithread-keygen.patch (bsc#991485)
  - fix-msa-level-detection.patch (bsc#1010927)
- Added rng-performance.patch (bsc#990850).
- Updated baselibs.conf to obsolete prior versions of the 32bit
  package. (bsc#983897):
   provides "libica-<targettype> = <version>"
   obsoletes "libica-<targettype> < <version>"
   provides "libica-2_1_0-<targettype> = <version>"
   obsoletes "libica-2_1_0-<targettype> < <version>"
   provides "libica-2_3_0-<targettype> = <version>"
   obsoletes "libica-2_3_0-<targettype> < <version>"
- Added fix-initialization-of-s390-hardware-switches-1.patch and
  fix-initialization-of-s390-hardware-switches-2.patch (bsc#980548)
- Upgraded to version 2.6.2 (FATE#319610).
- Renamed /etc/init.d/z90crypt to boot.z90crypt to conform to
  naming standards.
- Found the original location of the icaioctl.h file and downloaded
  it to replace what we had previously.
- Removed the unnecessary libica2.la file
- Removed unnecessary Requires for glibc-devel
- Added Requires libica2 to the -devel package
- Converted call to configure to %configure macro
- Removed obsolete and unnecessary INSROOT and bindir parameters
  from the make install command
- Add Provides/Obsoletes for libica-2_3_0 so that the package from
  SLE12 GA is replaced (bsc#953096).
- move the .so file to the mainpackage, the openssl-ibmca engine
  will only load "libica.so" (bsc#952871)
- Update to libica v2.4.2 (FATE#318035)
- Removed outdated libica-aes_ccm-31-bit-compatibility.patch
- Moved init script into libica-SuSE.tar.bz2 archive
- sanitize release line in specfile
- Moved z90crypt out of useless libica-SuSE.tar.bz2 tarball to root
- Removed libica-SuSE.tar.bz2
- z90crypt now starts and stops ap kernel module (bnc#888943)
- libica-aes_ccm-31-bit-compatibility.patch: AES_CCM:
  fixed 64/31 bit compatibility
- add obsoletes and provides for older libica versions 
- update to 2.3.0 (fate#315342) 
- obsolete/upstreamed patches:
  libica-2_1_0-fix_temporary_buffer_allocation_in_ica_get_version.patch
  libica-2_1_0-msa4-extension.patch
  libica-2_1_0-synchronize_shared_memory_ref_counting.patch
- Added COPYING to %files
- Fixed build dependency errors by requiring autoconf, automake
  and libtool
- Changed license to CPL-1.0
- Created devel package
- Support for MSA4 extension (bnc#794518, fate#314078)
- synchronize shared memory reference counting for library
  statistics (bnc#719659)
- fix temporary buffer allocation in ica_get_version() (bnc#719660)
- update -> 2.1.0 (fate#311914)
- Moved icainfo into /usr/bin (bnc#448643)
- obsolete old -XXbit packages (bnc#437293)
- fix build on all platforms 
- Added CPL license to include/z90crypt.h, removed GPL reference
  (This patch is upstream)
- Changed package name to libica-1_3_9 to conform to rpmlint
  requirements. (bnc#433432)
- Removed soname filter for rpmlint
- Several RPM fixes to help satisfy rpmlint
- Updated to libica 1.3.9
- added baselibs.conf file to build xxbit packages
  for multilib support
- remove inclusion of linux/config.h
- z90crypt: handle errors (bug #247799)
- Add gcc-c++ to BuildRequires.
- fix build for the rest of platforms 
- Update to libica 1.3.7 (#160036 - LTC22571)
- Increasing # of open handles with symmetric crypto support
  (#165323 - LTC23095)
- converted neededforbuild to BuildRequires
- include string.h and unistd.h in icalinux.c 
- Port package from SLES9 SP3
- Update to libica 1.3.6-rc3.
- Close all filehandles (#130060 - LTC19221).
- downgrade to libica 1.3.6-rc2 (contains AES software fallback,
  bug #117336)
- Update to libica 1.3.6 (#117336)
- fix implicit declaration 
- Changing the default value from 0 to -1 in rcz90crypt (#114371) 
- Finally fix 'reload' messages (#81824 - LTC15733).
- Fix sigill patch.
- Remove printf output from sigill patch (#81829 - LTC15731).
- Use correct default value for z90crypt (#81825 - LTC15732).
- Fix messages for 'reload' (#81824 - LTC15733).
- Fixed SIGILL on z900 (#46422).
- Fixed range for 'domain' parameter in sysconfig.z90crypt (#42005).
- Fix module loading error (#42006).
- Add sysconfig variable to set the 'domain' parameter (#42005).
- update -> 1.3.5-3 (bug #42122)
- Update README.SuSE and correct name as well
- Use modprobe instead of insmod and fix module load error(#40526)
- Fix error checking for no hardware found case and hw error on load
- Update Readme again for the correct name (SUSE LINUX Server).
- Moved README.SuSE to README.SUSE.
- Update Readme to refer to the correct name (SUSE Linux Server).
- Update to 1.3.5-2 (#38511, #39693).
- Update Readme to refer to SUSE Linux Server instead of
  SuSE Linux Enterprise Server.
- Update to 1.3.5
- export CFLAGS & CPPFLAGS for configure
- Exclude S/390-specific files for other archs (#37183) 
- add "-I./include" to CFLAGS and use RPM_OPT_FLAGS
- fix build
- build as user
- update to 1.3.4
- update to 1.3.2
- update to 1.3.1:
  now supports DES, TDES and SHA, as well as RSA.
- throw libica.patch away, since autoversion and Makefile.am have
  similar changes now, and the renaming from _LINUX_S390_ to
  __s390__ is not really necessary
- use %defattr
- checked that icaioctl.h is still current
- dump the bin-only z90crypt-2.4.7-s390-2.tar.gz which has gone
  open source meanwhile and comes with the kernel sources
- added documentation how to set up crypto hardware support,
  esp. S/390 and zSeries. (#16011, #22056)
- upgraded to version 1.2 as requested by IBM to make openCryptoki 1.5
  actually work. (#20737)
- Correct PreReq
- fixed src/Makefile.am and ugly ./autoversion to honor %_lib and
  to build on non-s390
- updated to current libica
- hacked in icaioctl.h for build, 'til we have the module in the
  kernel.
- add %run_ldconfig
- fix for current automake/autoconf
- removed old fillup-template and START_ variable 
- modified etc/init.d/z90crypt-script to report result at start.
- Added openssl to #neededforbuild, which is needed in addition to
  openssl-devel
- initial version

OBS-URL: https://build.opensuse.org/request/show/649819
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=12
2018-11-18 22:32:07 +00:00
Mark Post
116c38a998 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=30 2018-11-16 22:52:17 +00:00
Mark Post
9130c2a747 - Removed COPYING from %files, since it is no longer in the tarball.
- Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch
  (bsc#1103493).
- Made multiple changes to the spec file based on the output of
  spec-cleaner

OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=29
2018-11-16 22:49:59 +00:00
Mark Post
23e8e71f70 Accepting request 649054 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.3.3 (Fate#325690)
  * v3.3.3
    [PATCH] Various bug fixes
  * v3.3.2
    [PATCH] Skip ECC tests if required HW is not available
    [PATCH] Update spec file
  * v3.3.1
    [PATCH] Fix configure.ac to honour CFLAGS
  * v3.3.0
    [FEATURE] Add CEX supported elliptic-curve crypto interfaces
    [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces
    [FEATURE] Add interface to enable/disable SW fallbacks
    [FEATURE] Add 'make check' target, test-suite rework
  * v3.2.1
    [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG.
    [PATCH] Various bug fixes.
- Dropped obsolete patch increment-icastats-counter-for-aes-gcm.patch
- Added "Obsoletes: libica-2_3_0" to the libica-tools package to
  fix a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1112655)
- Added "Obsoletes: libica2" to the libica-tools package to fix
  a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638)
- Removed COPYING from %files, since it is no longer in the tarball.
- Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch
  (bsc#1103493).
- Replaced multiple instances of $RPM_BUILD_ROOT with %buildroot
  in the spec file.
- Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756)
- Updated boot.z90crypt script to fix a problem with the modprobe
  command not being found. (bsc#1040229).
- Added "Recommends: libica-tools" (bsc#1046435).
- Replace references to /var/adm/fillup-templates with new 
  %_fillupdir macro (boo#1069468)
- Added "--enable-fips" to the %configure parms (Fate#324115)
- Upgraded to version 3.2 (Fate#321517)
  * v3.2.0
    [FEATURE] New AES-GCM interface.
    [UPDATE] Add symbol versioning.
  * v3.1.1
    [PATCH] Various bug fixes related to old and new AES-GCM implementations.
    [UPDATE] Add SHA3 test cases. Improved and extended test suite.
  * v3.1.0
    [FEATURE] Add KMA support for AES-GCM.
    [FEATURE] Add SHA-3 support.
    [PATCH] Reject RSA keys with invalid key-length.
    [PATCH] Allow zero output length for ica_random_number_generate.
    [PATCH] icastats: Correct owner of shared segment when root creates it.
  * Removed the following obsolete patches:
    libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    libica-3.0.2-03-fix-aes-ctr.patch
    libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
- libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567)
  - Added the following patches (bsc#1058567)
    - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    - libica-3.0.2-03-fix-aes-ctr.patch
    - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
- baselibs.conf doesn't need any additional provides/conflicts for
  libica3.
- Update baselibs.conf with proper name for library package name,
  stop providing/obsoleting libica-2_1_0/libica-2_3-0.
- Upgraded to version 3.0.2 (Fate#322025).
  - v3.0.2
    - Fix locking callbacks for openSSL APIs.
  - v3.0.1
    - Fixed msa level detection on zEC/BC12 GA1 and predecessors.
  - v3.0.0
    - Added FIPS mode.
    - Sanitized exported symbols.
    - Removed deprecated APIs. Marked some APIs as deprecated.
    - Adapted to OpenSSL v1.1.0.
    - RSA key generation is thread-safe now.
- Removed the following obsolete patches:
  - fix-initialization-of-s390-hardware-switches-1.patch
  - fix-initialization-of-s390-hardware-switches-2.patch
  - fix-msa-level-detection.patch
  - fix-segfault-during-multithread-keygen.patch
  - rng-performance.patch
- Made the following packaging changes:
  - Implemented the shared library packaging guidelines.
  - Consolidated double invocation of %setup into just one.
  - Dropped redundant %ifarch, the package is already ExclusiveArch.
  - Updated descriptions.
- Added an libica-rpmlintrc file.
- Added the following two patches:
  - fix-segfault-during-multithread-keygen.patch (bsc#991485)
  - fix-msa-level-detection.patch (bsc#1010927)
- Added rng-performance.patch (bsc#990850).
- Updated baselibs.conf to obsolete prior versions of the 32bit
  package. (bsc#983897):
   provides "libica-<targettype> = <version>"
   obsoletes "libica-<targettype> < <version>"
   provides "libica-2_1_0-<targettype> = <version>"
   obsoletes "libica-2_1_0-<targettype> < <version>"
   provides "libica-2_3_0-<targettype> = <version>"
   obsoletes "libica-2_3_0-<targettype> < <version>"
- Added fix-initialization-of-s390-hardware-switches-1.patch and
  fix-initialization-of-s390-hardware-switches-2.patch (bsc#980548)
- Upgraded to version 2.6.2 (FATE#319610).
- Renamed /etc/init.d/z90crypt to boot.z90crypt to conform to
  naming standards.
- Found the original location of the icaioctl.h file and downloaded
  it to replace what we had previously.
- Removed the unnecessary libica2.la file
- Removed unnecessary Requires for glibc-devel
- Added Requires libica2 to the -devel package
- Converted call to configure to %configure macro
- Removed obsolete and unnecessary INSROOT and bindir parameters
  from the make install command
- Add Provides/Obsoletes for libica-2_3_0 so that the package from
  SLE12 GA is replaced (bsc#953096).
- move the .so file to the mainpackage, the openssl-ibmca engine
  will only load "libica.so" (bsc#952871)
- Update to libica v2.4.2 (FATE#318035)
- Removed outdated libica-aes_ccm-31-bit-compatibility.patch
- Moved init script into libica-SuSE.tar.bz2 archive
- sanitize release line in specfile
- Moved z90crypt out of useless libica-SuSE.tar.bz2 tarball to root
- Removed libica-SuSE.tar.bz2
- z90crypt now starts and stops ap kernel module (bnc#888943)
- libica-aes_ccm-31-bit-compatibility.patch: AES_CCM:
  fixed 64/31 bit compatibility
- add obsoletes and provides for older libica versions 
- update to 2.3.0 (fate#315342) 
- obsolete/upstreamed patches:
  libica-2_1_0-fix_temporary_buffer_allocation_in_ica_get_version.patch
  libica-2_1_0-msa4-extension.patch
  libica-2_1_0-synchronize_shared_memory_ref_counting.patch
- Added COPYING to %files
- Fixed build dependency errors by requiring autoconf, automake
  and libtool
- Changed license to CPL-1.0
- Created devel package
- Support for MSA4 extension (bnc#794518, fate#314078)
- synchronize shared memory reference counting for library
  statistics (bnc#719659)
- fix temporary buffer allocation in ica_get_version() (bnc#719660)
- update -> 2.1.0 (fate#311914)
- Moved icainfo into /usr/bin (bnc#448643)
- obsolete old -XXbit packages (bnc#437293)
- fix build on all platforms 
- Added CPL license to include/z90crypt.h, removed GPL reference
  (This patch is upstream)
- Changed package name to libica-1_3_9 to conform to rpmlint
  requirements. (bnc#433432)
- Removed soname filter for rpmlint
- Several RPM fixes to help satisfy rpmlint
- Updated to libica 1.3.9
- added baselibs.conf file to build xxbit packages
  for multilib support
- remove inclusion of linux/config.h
- z90crypt: handle errors (bug #247799)
- Add gcc-c++ to BuildRequires.
- fix build for the rest of platforms 
- Update to libica 1.3.7 (#160036 - LTC22571)
- Increasing # of open handles with symmetric crypto support
  (#165323 - LTC23095)
- converted neededforbuild to BuildRequires
- include string.h and unistd.h in icalinux.c 
- Port package from SLES9 SP3
- Update to libica 1.3.6-rc3.
- Close all filehandles (#130060 - LTC19221).
- downgrade to libica 1.3.6-rc2 (contains AES software fallback,
  bug #117336)
- Update to libica 1.3.6 (#117336)
- fix implicit declaration 
- Changing the default value from 0 to -1 in rcz90crypt (#114371) 
- Finally fix 'reload' messages (#81824 - LTC15733).
- Fix sigill patch.
- Remove printf output from sigill patch (#81829 - LTC15731).
- Use correct default value for z90crypt (#81825 - LTC15732).
- Fix messages for 'reload' (#81824 - LTC15733).
- Fixed SIGILL on z900 (#46422).
- Fixed range for 'domain' parameter in sysconfig.z90crypt (#42005).
- Fix module loading error (#42006).
- Add sysconfig variable to set the 'domain' parameter (#42005).
- update -> 1.3.5-3 (bug #42122)
- Update README.SuSE and correct name as well
- Use modprobe instead of insmod and fix module load error(#40526)
- Fix error checking for no hardware found case and hw error on load
- Update Readme again for the correct name (SUSE LINUX Server).
- Moved README.SuSE to README.SUSE.
- Update Readme to refer to the correct name (SUSE Linux Server).
- Update to 1.3.5-2 (#38511, #39693).
- Update Readme to refer to SUSE Linux Server instead of
  SuSE Linux Enterprise Server.
- Update to 1.3.5
- export CFLAGS & CPPFLAGS for configure
- Exclude S/390-specific files for other archs (#37183) 
- add "-I./include" to CFLAGS and use RPM_OPT_FLAGS
- fix build
- build as user
- update to 1.3.4
- update to 1.3.2
- update to 1.3.1:
  now supports DES, TDES and SHA, as well as RSA.
- throw libica.patch away, since autoversion and Makefile.am have
  similar changes now, and the renaming from _LINUX_S390_ to
  __s390__ is not really necessary
- use %defattr
- checked that icaioctl.h is still current
- dump the bin-only z90crypt-2.4.7-s390-2.tar.gz which has gone
  open source meanwhile and comes with the kernel sources
- added documentation how to set up crypto hardware support,
  esp. S/390 and zSeries. (#16011, #22056)
- upgraded to version 1.2 as requested by IBM to make openCryptoki 1.5
  actually work. (#20737)
- Correct PreReq
- fixed src/Makefile.am and ugly ./autoversion to honor %_lib and
  to build on non-s390
- updated to current libica
- hacked in icaioctl.h for build, 'til we have the module in the
  kernel.
- add %run_ldconfig
- fix for current automake/autoconf
- removed old fillup-template and START_ variable 
- modified etc/init.d/z90crypt-script to report result at start.
- Added openssl to #neededforbuild, which is needed in addition to
  openssl-devel
- initial version

OBS-URL: https://build.opensuse.org/request/show/649054
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=28
2018-11-14 19:20:57 +00:00
Mark Post
455515e800 Accepting request 649045 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.3.3 (Fate#325690)
  * v3.3.3
    [PATCH] Various bug fixes
  * v3.3.2
    [PATCH] Skip ECC tests if required HW is not available
    [PATCH] Update spec file
  * v3.3.1
    [PATCH] Fix configure.ac to honour CFLAGS
  * v3.3.0
    [FEATURE] Add CEX supported elliptic-curve crypto interfaces
    [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces
    [FEATURE] Add interface to enable/disable SW fallbacks
    [FEATURE] Add 'make check' target, test-suite rework
  * v3.2.1
    [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG.
    [PATCH] Various bug fixes.
- Dropped obsolete patch increment-icastats-counter-for-aes-gcm.patch
- Added "Obsoletes: libica-2_3_0" to the libica-tools package to
  fix a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1112655)
- Added "Obsoletes: libica2" to the libica-tools package to fix
  a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638)
- Removed COPYING from %files, since it is no longer in the tarball.
- Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch
  (bsc#1103493).
- Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756)
- Updated boot.z90crypt script to fix a problem with the modprobe
  command not being found. (bsc#1040229).
- Added "Recommends: libica-tools" (bsc#1046435).
- Replace references to /var/adm/fillup-templates with new 
  %_fillupdir macro (boo#1069468)
- Added "--enable-fips" to the %configure parms (Fate#324115)
- Upgraded to version 3.2 (Fate#321517)
  * v3.2.0
    [FEATURE] New AES-GCM interface.
    [UPDATE] Add symbol versioning.
  * v3.1.1
    [PATCH] Various bug fixes related to old and new AES-GCM implementations.
    [UPDATE] Add SHA3 test cases. Improved and extended test suite.
  * v3.1.0
    [FEATURE] Add KMA support for AES-GCM.
    [FEATURE] Add SHA-3 support.
    [PATCH] Reject RSA keys with invalid key-length.
    [PATCH] Allow zero output length for ica_random_number_generate.
    [PATCH] icastats: Correct owner of shared segment when root creates it.
  * Removed the following obsolete patches:
    libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    libica-3.0.2-03-fix-aes-ctr.patch
    libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
- libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567)
  - Added the following patches (bsc#1058567)
    - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    - libica-3.0.2-03-fix-aes-ctr.patch
    - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
- baselibs.conf doesn't need any additional provides/conflicts for
  libica3.
- Update baselibs.conf with proper name for library package name,
  stop providing/obsoleting libica-2_1_0/libica-2_3-0.
- Upgraded to version 3.0.2 (Fate#322025).
  - v3.0.2
    - Fix locking callbacks for openSSL APIs.
  - v3.0.1
    - Fixed msa level detection on zEC/BC12 GA1 and predecessors.
  - v3.0.0
    - Added FIPS mode.
    - Sanitized exported symbols.
    - Removed deprecated APIs. Marked some APIs as deprecated.
    - Adapted to OpenSSL v1.1.0.
    - RSA key generation is thread-safe now.
- Removed the following obsolete patches:
  - fix-initialization-of-s390-hardware-switches-1.patch
  - fix-initialization-of-s390-hardware-switches-2.patch
  - fix-msa-level-detection.patch
  - fix-segfault-during-multithread-keygen.patch
  - rng-performance.patch
- Made the following packaging changes:
  - Implemented the shared library packaging guidelines.
  - Consolidated double invocation of %setup into just one.
  - Dropped redundant %ifarch, the package is already ExclusiveArch.
  - Updated descriptions.
- Added an libica-rpmlintrc file.
- Added the following two patches:
  - fix-segfault-during-multithread-keygen.patch (bsc#991485)
  - fix-msa-level-detection.patch (bsc#1010927)
- Added rng-performance.patch (bsc#990850).
- Updated baselibs.conf to obsolete prior versions of the 32bit
  package. (bsc#983897):
   provides "libica-<targettype> = <version>"
   obsoletes "libica-<targettype> < <version>"
   provides "libica-2_1_0-<targettype> = <version>"
   obsoletes "libica-2_1_0-<targettype> < <version>"
   provides "libica-2_3_0-<targettype> = <version>"
   obsoletes "libica-2_3_0-<targettype> < <version>"
- Added fix-initialization-of-s390-hardware-switches-1.patch and
  fix-initialization-of-s390-hardware-switches-2.patch (bsc#980548)
- Upgraded to version 2.6.2 (FATE#319610).
- Renamed /etc/init.d/z90crypt to boot.z90crypt to conform to
  naming standards.
- Found the original location of the icaioctl.h file and downloaded
  it to replace what we had previously.
- Removed the unnecessary libica2.la file
- Removed unnecessary Requires for glibc-devel
- Added Requires libica2 to the -devel package
- Converted call to configure to %configure macro
- Removed obsolete and unnecessary INSROOT and bindir parameters
  from the make install command
- Add Provides/Obsoletes for libica-2_3_0 so that the package from
  SLE12 GA is replaced (bsc#953096).
- move the .so file to the mainpackage, the openssl-ibmca engine
  will only load "libica.so" (bsc#952871)
- Update to libica v2.4.2 (FATE#318035)
- Removed outdated libica-aes_ccm-31-bit-compatibility.patch
- Moved init script into libica-SuSE.tar.bz2 archive
- sanitize release line in specfile
- Moved z90crypt out of useless libica-SuSE.tar.bz2 tarball to root
- Removed libica-SuSE.tar.bz2
- z90crypt now starts and stops ap kernel module (bnc#888943)
- libica-aes_ccm-31-bit-compatibility.patch: AES_CCM:
  fixed 64/31 bit compatibility
- add obsoletes and provides for older libica versions 
- update to 2.3.0 (fate#315342) 
- obsolete/upstreamed patches:
  libica-2_1_0-fix_temporary_buffer_allocation_in_ica_get_version.patch
  libica-2_1_0-msa4-extension.patch
  libica-2_1_0-synchronize_shared_memory_ref_counting.patch
- Added COPYING to %files
- Fixed build dependency errors by requiring autoconf, automake
  and libtool
- Changed license to CPL-1.0
- Created devel package
- Support for MSA4 extension (bnc#794518, fate#314078)
- synchronize shared memory reference counting for library
  statistics (bnc#719659)
- fix temporary buffer allocation in ica_get_version() (bnc#719660)
- update -> 2.1.0 (fate#311914)
- Moved icainfo into /usr/bin (bnc#448643)
- obsolete old -XXbit packages (bnc#437293)
- fix build on all platforms 
- Added CPL license to include/z90crypt.h, removed GPL reference
  (This patch is upstream)
- Changed package name to libica-1_3_9 to conform to rpmlint
  requirements. (bnc#433432)
- Removed soname filter for rpmlint
- Several RPM fixes to help satisfy rpmlint
- Updated to libica 1.3.9
- added baselibs.conf file to build xxbit packages
  for multilib support
- remove inclusion of linux/config.h
- z90crypt: handle errors (bug #247799)
- Add gcc-c++ to BuildRequires.
- fix build for the rest of platforms 
- Update to libica 1.3.7 (#160036 - LTC22571)
- Increasing # of open handles with symmetric crypto support
  (#165323 - LTC23095)
- converted neededforbuild to BuildRequires
- include string.h and unistd.h in icalinux.c 
- Port package from SLES9 SP3
- Update to libica 1.3.6-rc3.
- Close all filehandles (#130060 - LTC19221).
- downgrade to libica 1.3.6-rc2 (contains AES software fallback,
  bug #117336)
- Update to libica 1.3.6 (#117336)
- fix implicit declaration 
- Changing the default value from 0 to -1 in rcz90crypt (#114371) 
- Finally fix 'reload' messages (#81824 - LTC15733).
- Fix sigill patch.
- Remove printf output from sigill patch (#81829 - LTC15731).
- Use correct default value for z90crypt (#81825 - LTC15732).
- Fix messages for 'reload' (#81824 - LTC15733).
- Fixed SIGILL on z900 (#46422).
- Fixed range for 'domain' parameter in sysconfig.z90crypt (#42005).
- Fix module loading error (#42006).
- Add sysconfig variable to set the 'domain' parameter (#42005).
- update -> 1.3.5-3 (bug #42122)
- Update README.SuSE and correct name as well
- Use modprobe instead of insmod and fix module load error(#40526)
- Fix error checking for no hardware found case and hw error on load
- Update Readme again for the correct name (SUSE LINUX Server).
- Moved README.SuSE to README.SUSE.
- Update Readme to refer to the correct name (SUSE Linux Server).
- Update to 1.3.5-2 (#38511, #39693).
- Update Readme to refer to SUSE Linux Server instead of
  SuSE Linux Enterprise Server.
- Update to 1.3.5
- export CFLAGS & CPPFLAGS for configure
- Exclude S/390-specific files for other archs (#37183) 
- add "-I./include" to CFLAGS and use RPM_OPT_FLAGS
- fix build
- build as user
- update to 1.3.4
- update to 1.3.2
- update to 1.3.1:
  now supports DES, TDES and SHA, as well as RSA.
- throw libica.patch away, since autoversion and Makefile.am have
  similar changes now, and the renaming from _LINUX_S390_ to
  __s390__ is not really necessary
- use %defattr
- checked that icaioctl.h is still current
- dump the bin-only z90crypt-2.4.7-s390-2.tar.gz which has gone
  open source meanwhile and comes with the kernel sources
- added documentation how to set up crypto hardware support,
  esp. S/390 and zSeries. (#16011, #22056)
- upgraded to version 1.2 as requested by IBM to make openCryptoki 1.5
  actually work. (#20737)
- Correct PreReq
- fixed src/Makefile.am and ugly ./autoversion to honor %_lib and
  to build on non-s390
- updated to current libica
- hacked in icaioctl.h for build, 'til we have the module in the
  kernel.
- add %run_ldconfig
- fix for current automake/autoconf
- removed old fillup-template and START_ variable 
- modified etc/init.d/z90crypt-script to report result at start.
- Added openssl to #neededforbuild, which is needed in addition to
  openssl-devel
- initial version

OBS-URL: https://build.opensuse.org/request/show/649045
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=27
2018-11-14 18:51:09 +00:00
Dominique Leuenberger
5544024ac5 Accepting request 643795 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/643795
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=11
2018-10-23 18:40:38 +00:00
Mark Post
d17a6d5639 Accepting request 643794 from home:markkp:branches:devel:openSUSE:Factory
- Added "Obsoletes: libica-2_3_0" to the libica-tools package to
  fix a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1112655)

OBS-URL: https://build.opensuse.org/request/show/643794
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=25
2018-10-22 19:39:42 +00:00
Yuchen Lin
998dd49da0 Accepting request 635069 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/635069
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=10
2018-09-13 10:11:16 +00:00
Mark Post
6802c716ca Accepting request 635068 from home:markkp:branches:devel:openSUSE:Factory
- Added "Obsoletes: libica2" to the libica-tools package to fix
  a problem with upgrading from SLES12 SP2 to either SLES12
  SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638)

OBS-URL: https://build.opensuse.org/request/show/635068
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=23
2018-09-11 17:24:47 +00:00
Dominique Leuenberger
26f16f1909 Accepting request 597616 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/597616
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=9
2018-04-19 13:31:28 +00:00
Mark Post
30d9261e6c Accepting request 597615 from home:markkp:branches:devel:openSUSE:Factory
- Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756)
- Updated boot.z90crypt script to fix a problem with the modprobe
  command not being found. (bsc#1040229).
- Added "Recommends: libica-tools" (bsc#1046435).

OBS-URL: https://build.opensuse.org/request/show/597615
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=21
2018-04-18 03:45:27 +00:00
Dominique Leuenberger
3edaa450b3 Accepting request 546527 from devel:openSUSE:Factory
OBS-URL: https://build.opensuse.org/request/show/546527
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=8
2017-11-30 11:46:01 +00:00
Mark Post
5a3a4b6298 Accepting request 544827 from home:RBrownSUSE:branches:devel:openSUSE:Factory
Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)

OBS-URL: https://build.opensuse.org/request/show/544827
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=19
2017-11-29 19:12:44 +00:00
Dominique Leuenberger
78acfd68c6 Accepting request 531455 from devel:openSUSE:Factory
- Added "--enable-fips" to the %configure parms (Fate#324115)

OBS-URL: https://build.opensuse.org/request/show/531455
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=7
2017-10-06 09:03:32 +00:00
Mark Post
37989d1316 Accepting request 531453 from home:markkp:branches:devel:openSUSE:Factory
- Added "--enable-fips" to the %configure parms (Fate#324115)

OBS-URL: https://build.opensuse.org/request/show/531453
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=17
2017-10-04 19:39:27 +00:00
Dominique Leuenberger
f84fb246a9 Accepting request 530010 from devel:openSUSE:Factory
1

OBS-URL: https://build.opensuse.org/request/show/530010
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libica?expand=0&rev=6
2017-10-02 14:53:47 +00:00