1688a137e6
31 Commits
Author | SHA256 | Message | Date | |
---|---|---|---|---|
Mark Post
|
1688a137e6 |
Accepting request 926839 from home:markkp:branches:devel:openSUSE:Factory
- Upgrade to version 3.9.0 (jsc#SLE-18454, jsc#SLE-18564) - [FEATURE] Add support for OpenSSL 3.0 - [FEATURE] icainfo: new parm -c to display available EC curves - Replaced the obsolete PreReq: %fillup_prereq with Requires(post): %fillup_prereq in the spec file. OBS-URL: https://build.opensuse.org/request/show/926839 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=61 |
||
Mark Post
|
70e82f26c0 |
Accepting request 902188 from home:michals
- Update to version 3.8.0 (jsc#SLE-18334) - [FEATURE] provide libica-cex module to satisfy special security requirements - [FEATURE] FIPS: enforce the HMAC check - Remove upstreamed patches: - libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch - libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch - libica-sles15sp2-Zeroize-local-variables.patch - Remove patches obsoleted by upstrea developent: * FIPS: Find libica from phdrs. - libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch * FIPS: enforce the hmac check - libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch - Fix up tests and hmac generation + libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch - Remove obsolete attributes from filelists OBS-URL: https://build.opensuse.org/request/show/902188 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=58 |
||
Mark Post
|
ad38d78d79 |
- Upgraded to version 3.7.0 (jsc#SLE-13708)
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=55 |
||
Mark Post
|
332d6ae426 |
Accepting request 835923 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.7.0 (jsc#SLE-14466) * Version 3.7.0 - [FEATURE] FIPS: Add HMAC based library integrity check - [PATCH] icainfo: bugfix for RSA and EC related info for software column. - [PATCH] FIPS: provide output iv in cbc-cs decrypt as required by FIPS tests - [PATCH] FIPS: Fix DES and TDES key length - [PATCH] icastats: Fix stats counter format * Version 3.6.1 - [PATCH] Fix x25519 and x448 handling of non-canonical values - Removed the following obsolete patches * libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch * libica-sles15sp2-Build-with-pthread-flag.patch * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch - Fix lack of SHA3 KATs in "make check" processing (bsc#1175277) * Added libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch * Added libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch - Fix FIPS hmac check (bsc#1175356). * Update FIPS support to upstream - Refresh libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch from upstream. - Add libica-sles15sp2-Build-with-pthread-flag.patch - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch - Add libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch * FIPS check should fail when hmac is missing - Add libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch - Create an hmac for the selftest - Check that selftest fails without a hmac - Hash libica.so.3 rather than libica.so.3.6.0 * Fix hmac key format. It should be hexadecimal, not ASCII - Refresh libica-sles15sp2-FIPS-hmac-key.patch - Fix Some internal variables used to store sensitive information (keys) were not zeroized before returning to the calling application. (bsc#1175357) * Added libica-sles15sp2-Zeroize-local-variables.patch - Updated libica-rpmlintrc to eliminate the warning about the HMAC file being a hidden file. It is supposed to be hidden. - Added the following patches for FIPS certification (bsc#1162533) * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch * libica-sles15sp2-FIPS-hmac-key.patch - Added a BuildRequires for the fipscheck package. - Made a couple of changes to the spec file based upon recommendations by spec-cleaner. - Added the following patches for FIPS certification. * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch (bsc#1166071) Although a DES key has only 56 effective bits, all 64 bits must be considered, because the parity bits are spread over all 8 bytes of the key. * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch (bsc#1166210) FIPS tests require the output iv to be the iv resulting from decrypting the last block with a zero iv as input. * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch (bsc#1166224) The output from icainfo never shows 'yes' for RSA ME, RSA CRT, ECDH, ECDSA sign, ECDSA verify, and ECKGEN, due to the missing ICA_FLAG_SW flag in the icaList. - Added libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch (bsc#1156768) - Upgraded to version 3.6.0 (jsc#SLE-7584) * [FEATURE] Add MSA9 CPACF support for Ed25519, Ed448, X25519 and X448 - Upgraded to version 3.5.0 (Fate#327840) - [FEATURE] Add MSA9 CPACF support for ECDSA sign/verify - Reworked how libica-tools loads and unloads kernel modules to avoid spurious error messages (bsc#1134004): * Converted the boot.z90crypt sysV init script to a systemd unit file. * Removed any references to insserv in the spec file. * Updated the z90crypt script itself to properly load and unload the kernel modules as they exist today. * Eliminated the obsolete libica-SuSE.tar.bz2 archive. - Updated the README.SUSE file to reflect the change from sysV init style script to systemd. - Made numerous changes to the spec file, based on the output from the spec-cleaner command. - Run testsuite during build - Upgraded to version 3.4.0 (Fate#325690) * v3.4.0 [FEATURE] Add SHA-512/224 and SHA-512/256 support - Dropped obsolete patch Add-non-executable-gnu-stack-markings-in-the-assembl.patch - Made numerous updates to spec file based on spec-cleanup run. - Upgraded to version 3.3.3 (Fate#325690) * v3.3.3 [PATCH] Various bug fixes * v3.3.2 [PATCH] Skip ECC tests if required HW is not available [PATCH] Update spec file * v3.3.1 [PATCH] Fix configure.ac to honour CFLAGS * v3.3.0 [FEATURE] Add CEX supported elliptic-curve crypto interfaces [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces [FEATURE] Add interface to enable/disable SW fallbacks [FEATURE] Add 'make check' target, test-suite rework * v3.2.1 [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG. [PATCH] Various bug fixes. - Dropped obsolete patch increment-icastats-counter-for-aes-gcm.patch - Removed COPYING from %files, since it is no longer in the tarball. - Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch (bsc#1103493). - Made multiple changes to the spec file based on the output of spec-cleaner - Added "Obsoletes: libica-2_3_0" to the libica-tools package to fix a problem with upgrading from SLES12 SP2 to either SLES12 SP3/SP4, or SLES15. (bsc#1112655) - Added "Obsoletes: libica2" to the libica-tools package to fix a problem with upgrading from SLES12 SP2 to either SLES12 SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638) - Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756) - Updated boot.z90crypt script to fix a problem with the modprobe command not being found. (bsc#1040229). - Added "Recommends: libica-tools" (bsc#1046435). - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - Added "--enable-fips" to the %configure parms (Fate#324115) - Upgraded to version 3.2 (Fate#321517) * v3.2.0 [FEATURE] New AES-GCM interface. [UPDATE] Add symbol versioning. * v3.1.1 [PATCH] Various bug fixes related to old and new AES-GCM implementations. [UPDATE] Add SHA3 test cases. Improved and extended test suite. * v3.1.0 [FEATURE] Add KMA support for AES-GCM. [FEATURE] Add SHA-3 support. [PATCH] Reject RSA keys with invalid key-length. [PATCH] Allow zero output length for ica_random_number_generate. [PATCH] icastats: Correct owner of shared segment when root creates it. * Removed the following obsolete patches: libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch libica-3.0.2-03-fix-aes-ctr.patch libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch - libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567) - Added the following patches (bsc#1058567) - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch - libica-3.0.2-03-fix-aes-ctr.patch - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch - baselibs.conf doesn't need any additional provides/conflicts for libica3. - Update baselibs.conf with proper name for library package name, stop providing/obsoleting libica-2_1_0/libica-2_3-0. - Upgraded to version 3.0.2 (Fate#322025). - v3.0.2 - Fix locking callbacks for openSSL APIs. - v3.0.1 - Fixed msa level detection on zEC/BC12 GA1 and predecessors. - v3.0.0 - Added FIPS mode. - Sanitized exported symbols. - Removed deprecated APIs. Marked some APIs as deprecated. - Adapted to OpenSSL v1.1.0. - RSA key generation is thread-safe now. - Removed the following obsolete patches: - fix-initialization-of-s390-hardware-switches-1.patch - fix-initialization-of-s390-hardware-switches-2.patch - fix-msa-level-detection.patch - fix-segfault-during-multithread-keygen.patch - rng-performance.patch - Made the following packaging changes: - Implemented the shared library packaging guidelines. - Consolidated double invocation of %setup into just one. - Dropped redundant %ifarch, the package is already ExclusiveArch. - Updated descriptions. - Added an libica-rpmlintrc file. - Added the following two patches: - fix-segfault-during-multithread-keygen.patch (bsc#991485) - fix-msa-level-detection.patch (bsc#1010927) - Added rng-performance.patch (bsc#990850). - Updated baselibs.conf to obsolete prior versions of the 32bit package. (bsc#983897): provides "libica-<targettype> = <version>" obsoletes "libica-<targettype> < <version>" provides "libica-2_1_0-<targettype> = <version>" obsoletes "libica-2_1_0-<targettype> < <version>" provides "libica-2_3_0-<targettype> = <version>" obsoletes "libica-2_3_0-<targettype> < <version>" - Added fix-initialization-of-s390-hardware-switches-1.patch and fix-initialization-of-s390-hardware-switches-2.patch (bsc#980548) - Upgraded to version 2.6.2 (FATE#319610). - Renamed /etc/init.d/z90crypt to boot.z90crypt to conform to naming standards. - Found the original location of the icaioctl.h file and downloaded it to replace what we had previously. - Removed the unnecessary libica2.la file - Removed unnecessary Requires for glibc-devel - Added Requires libica2 to the -devel package - Converted call to configure to %configure macro - Removed obsolete and unnecessary INSROOT and bindir parameters from the make install command - Add Provides/Obsoletes for libica-2_3_0 so that the package from SLE12 GA is replaced (bsc#953096). - move the .so file to the mainpackage, the openssl-ibmca engine will only load "libica.so" (bsc#952871) - Update to libica v2.4.2 (FATE#318035) - Removed outdated libica-aes_ccm-31-bit-compatibility.patch - Moved init script into libica-SuSE.tar.bz2 archive - sanitize release line in specfile - Moved z90crypt out of useless libica-SuSE.tar.bz2 tarball to root - Removed libica-SuSE.tar.bz2 - z90crypt now starts and stops ap kernel module (bnc#888943) - libica-aes_ccm-31-bit-compatibility.patch: AES_CCM: fixed 64/31 bit compatibility - add obsoletes and provides for older libica versions - update to 2.3.0 (fate#315342) - obsolete/upstreamed patches: libica-2_1_0-fix_temporary_buffer_allocation_in_ica_get_version.patch libica-2_1_0-msa4-extension.patch libica-2_1_0-synchronize_shared_memory_ref_counting.patch - Added COPYING to %files - Fixed build dependency errors by requiring autoconf, automake and libtool - Changed license to CPL-1.0 - Created devel package - Support for MSA4 extension (bnc#794518, fate#314078) - synchronize shared memory reference counting for library statistics (bnc#719659) - fix temporary buffer allocation in ica_get_version() (bnc#719660) - update -> 2.1.0 (fate#311914) - Moved icainfo into /usr/bin (bnc#448643) - obsolete old -XXbit packages (bnc#437293) - fix build on all platforms - Added CPL license to include/z90crypt.h, removed GPL reference (This patch is upstream) - Changed package name to libica-1_3_9 to conform to rpmlint requirements. (bnc#433432) - Removed soname filter for rpmlint - Several RPM fixes to help satisfy rpmlint - Updated to libica 1.3.9 - added baselibs.conf file to build xxbit packages for multilib support - remove inclusion of linux/config.h - z90crypt: handle errors (bug #247799) - Add gcc-c++ to BuildRequires. - fix build for the rest of platforms - Update to libica 1.3.7 (#160036 - LTC22571) - Increasing # of open handles with symmetric crypto support (#165323 - LTC23095) - converted neededforbuild to BuildRequires - include string.h and unistd.h in icalinux.c - Port package from SLES9 SP3 - Update to libica 1.3.6-rc3. - Close all filehandles (#130060 - LTC19221). - downgrade to libica 1.3.6-rc2 (contains AES software fallback, bug #117336) - Update to libica 1.3.6 (#117336) - fix implicit declaration - Changing the default value from 0 to -1 in rcz90crypt (#114371) - Finally fix 'reload' messages (#81824 - LTC15733). - Fix sigill patch. - Remove printf output from sigill patch (#81829 - LTC15731). - Use correct default value for z90crypt (#81825 - LTC15732). - Fix messages for 'reload' (#81824 - LTC15733). - Fixed SIGILL on z900 (#46422). - Fixed range for 'domain' parameter in sysconfig.z90crypt (#42005). - Fix module loading error (#42006). - Add sysconfig variable to set the 'domain' parameter (#42005). - update -> 1.3.5-3 (bug #42122) - Update README.SuSE and correct name as well - Use modprobe instead of insmod and fix module load error(#40526) - Fix error checking for no hardware found case and hw error on load - Update Readme again for the correct name (SUSE LINUX Server). - Moved README.SuSE to README.SUSE. - Update Readme to refer to the correct name (SUSE Linux Server). - Update to 1.3.5-2 (#38511, #39693). - Update Readme to refer to SUSE Linux Server instead of SuSE Linux Enterprise Server. - Update to 1.3.5 - export CFLAGS & CPPFLAGS for configure - Exclude S/390-specific files for other archs (#37183) - add "-I./include" to CFLAGS and use RPM_OPT_FLAGS - fix build - build as user - update to 1.3.4 - update to 1.3.2 - update to 1.3.1: now supports DES, TDES and SHA, as well as RSA. - throw libica.patch away, since autoversion and Makefile.am have similar changes now, and the renaming from _LINUX_S390_ to __s390__ is not really necessary - use %defattr - checked that icaioctl.h is still current - dump the bin-only z90crypt-2.4.7-s390-2.tar.gz which has gone open source meanwhile and comes with the kernel sources - added documentation how to set up crypto hardware support, esp. S/390 and zSeries. (#16011, #22056) - upgraded to version 1.2 as requested by IBM to make openCryptoki 1.5 actually work. (#20737) - Correct PreReq - fixed src/Makefile.am and ugly ./autoversion to honor %_lib and to build on non-s390 - updated to current libica - hacked in icaioctl.h for build, 'til we have the module in the kernel. - add %run_ldconfig - fix for current automake/autoconf - removed old fillup-template and START_ variable - modified etc/init.d/z90crypt-script to report result at start. - Added openssl to #neededforbuild, which is needed in addition to openssl-devel - initial version OBS-URL: https://build.opensuse.org/request/show/835923 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=53 |
||
Mark Post
|
1930ff00ed |
Accepting request 835915 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.7.0 (jsc#14466) * Version 3.7.0 - [FEATURE] FIPS: Add HMAC based library integrity check - [PATCH] icainfo: bugfix for RSA and EC related info for software column. - [PATCH] FIPS: provide output iv in cbc-cs decrypt as required by FIPS tests - [PATCH] FIPS: Fix DES and TDES key length - [PATCH] icastats: Fix stats counter format * Version 3.6.1 - [PATCH] Fix x25519 and x448 handling of non-canonical values - Removed the following obsolete patches * libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch * libica-sles15sp2-Build-with-pthread-flag.patch * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch - Fix lack of SHA3 KATs in "make check" processing (bsc#1175277) * Added libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch * Added libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch - Fix FIPS hmac check (bsc#1175356). * Update FIPS support to upstream - Refresh libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch from upstream. - Add libica-sles15sp2-Build-with-pthread-flag.patch - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch - Add libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch * FIPS check should fail when hmac is missing - Add libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch - Create an hmac for the selftest - Check that selftest fails without a hmac - Hash libica.so.3 rather than libica.so.3.6.0 * Fix hmac key format. It should be hexadecimal, not ASCII - Refresh libica-sles15sp2-FIPS-hmac-key.patch - Fix Some internal variables used to store sensitive information (keys) were not zeroized before returning to the calling application. (bsc#1175357) * Added libica-sles15sp2-Zeroize-local-variables.patch - Updated libica-rpmlintrc to eliminate the warning about the HMAC file being a hidden file. It is supposed to be hidden. - Added the following patches for FIPS certification (bsc#1162533) * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch * libica-sles15sp2-FIPS-hmac-key.patch - Added a BuildRequires for the fipscheck package. - Made a couple of changes to the spec file based upon recommendations by spec-cleaner. - Added the following patches for FIPS certification. * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch (bsc#1166071) Although a DES key has only 56 effective bits, all 64 bits must be considered, because the parity bits are spread over all 8 bytes of the key. * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch (bsc#1166210) FIPS tests require the output iv to be the iv resulting from decrypting the last block with a zero iv as input. * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch (bsc#1166224) The output from icainfo never shows 'yes' for RSA ME, RSA CRT, ECDH, ECDSA sign, ECDSA verify, and ECKGEN, due to the missing ICA_FLAG_SW flag in the icaList. - Added libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch (bsc#1156768) - Upgraded to version 3.6.0 (jsc#SLE-7584) * [FEATURE] Add MSA9 CPACF support for Ed25519, Ed448, X25519 and X448 - Upgraded to version 3.5.0 (Fate#327840) - [FEATURE] Add MSA9 CPACF support for ECDSA sign/verify - Reworked how libica-tools loads and unloads kernel modules to avoid spurious error messages (bsc#1134004): * Converted the boot.z90crypt sysV init script to a systemd unit file. * Removed any references to insserv in the spec file. * Updated the z90crypt script itself to properly load and unload the kernel modules as they exist today. * Eliminated the obsolete libica-SuSE.tar.bz2 archive. - Updated the README.SUSE file to reflect the change from sysV init style script to systemd. - Made numerous changes to the spec file, based on the output from the spec-cleaner command. - Run testsuite during build - Upgraded to version 3.4.0 (Fate#325690) * v3.4.0 [FEATURE] Add SHA-512/224 and SHA-512/256 support - Dropped obsolete patch Add-non-executable-gnu-stack-markings-in-the-assembl.patch - Made numerous updates to spec file based on spec-cleanup run. - Upgraded to version 3.3.3 (Fate#325690) * v3.3.3 [PATCH] Various bug fixes * v3.3.2 [PATCH] Skip ECC tests if required HW is not available [PATCH] Update spec file * v3.3.1 [PATCH] Fix configure.ac to honour CFLAGS * v3.3.0 [FEATURE] Add CEX supported elliptic-curve crypto interfaces [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces [FEATURE] Add interface to enable/disable SW fallbacks [FEATURE] Add 'make check' target, test-suite rework * v3.2.1 [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG. [PATCH] Various bug fixes. - Dropped obsolete patch increment-icastats-counter-for-aes-gcm.patch - Removed COPYING from %files, since it is no longer in the tarball. - Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch (bsc#1103493). - Made multiple changes to the spec file based on the output of spec-cleaner - Added "Obsoletes: libica-2_3_0" to the libica-tools package to fix a problem with upgrading from SLES12 SP2 to either SLES12 SP3/SP4, or SLES15. (bsc#1112655) - Added "Obsoletes: libica2" to the libica-tools package to fix a problem with upgrading from SLES12 SP2 to either SLES12 SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638) - Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756) - Updated boot.z90crypt script to fix a problem with the modprobe command not being found. (bsc#1040229). - Added "Recommends: libica-tools" (bsc#1046435). - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - Added "--enable-fips" to the %configure parms (Fate#324115) - Upgraded to version 3.2 (Fate#321517) * v3.2.0 [FEATURE] New AES-GCM interface. [UPDATE] Add symbol versioning. * v3.1.1 [PATCH] Various bug fixes related to old and new AES-GCM implementations. [UPDATE] Add SHA3 test cases. Improved and extended test suite. * v3.1.0 [FEATURE] Add KMA support for AES-GCM. [FEATURE] Add SHA-3 support. [PATCH] Reject RSA keys with invalid key-length. [PATCH] Allow zero output length for ica_random_number_generate. [PATCH] icastats: Correct owner of shared segment when root creates it. * Removed the following obsolete patches: libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch libica-3.0.2-03-fix-aes-ctr.patch libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch - libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567) - Added the following patches (bsc#1058567) - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch - libica-3.0.2-03-fix-aes-ctr.patch - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch - baselibs.conf doesn't need any additional provides/conflicts for libica3. - Update baselibs.conf with proper name for library package name, stop providing/obsoleting libica-2_1_0/libica-2_3-0. - Upgraded to version 3.0.2 (Fate#322025). - v3.0.2 - Fix locking callbacks for openSSL APIs. - v3.0.1 - Fixed msa level detection on zEC/BC12 GA1 and predecessors. - v3.0.0 - Added FIPS mode. - Sanitized exported symbols. - Removed deprecated APIs. Marked some APIs as deprecated. - Adapted to OpenSSL v1.1.0. - RSA key generation is thread-safe now. - Removed the following obsolete patches: - fix-initialization-of-s390-hardware-switches-1.patch - fix-initialization-of-s390-hardware-switches-2.patch - fix-msa-level-detection.patch - fix-segfault-during-multithread-keygen.patch - rng-performance.patch - Made the following packaging changes: - Implemented the shared library packaging guidelines. - Consolidated double invocation of %setup into just one. - Dropped redundant %ifarch, the package is already ExclusiveArch. - Updated descriptions. - Added an libica-rpmlintrc file. - Added the following two patches: - fix-segfault-during-multithread-keygen.patch (bsc#991485) - fix-msa-level-detection.patch (bsc#1010927) - Added rng-performance.patch (bsc#990850). - Updated baselibs.conf to obsolete prior versions of the 32bit package. (bsc#983897): provides "libica-<targettype> = <version>" obsoletes "libica-<targettype> < <version>" provides "libica-2_1_0-<targettype> = <version>" obsoletes "libica-2_1_0-<targettype> < <version>" provides "libica-2_3_0-<targettype> = <version>" obsoletes "libica-2_3_0-<targettype> < <version>" - Added fix-initialization-of-s390-hardware-switches-1.patch and fix-initialization-of-s390-hardware-switches-2.patch (bsc#980548) - Upgraded to version 2.6.2 (FATE#319610). - Renamed /etc/init.d/z90crypt to boot.z90crypt to conform to naming standards. - Found the original location of the icaioctl.h file and downloaded it to replace what we had previously. - Removed the unnecessary libica2.la file - Removed unnecessary Requires for glibc-devel - Added Requires libica2 to the -devel package - Converted call to configure to %configure macro - Removed obsolete and unnecessary INSROOT and bindir parameters from the make install command - Add Provides/Obsoletes for libica-2_3_0 so that the package from SLE12 GA is replaced (bsc#953096). - move the .so file to the mainpackage, the openssl-ibmca engine will only load "libica.so" (bsc#952871) - Update to libica v2.4.2 (FATE#318035) - Removed outdated libica-aes_ccm-31-bit-compatibility.patch - Moved init script into libica-SuSE.tar.bz2 archive - sanitize release line in specfile - Moved z90crypt out of useless libica-SuSE.tar.bz2 tarball to root - Removed libica-SuSE.tar.bz2 - z90crypt now starts and stops ap kernel module (bnc#888943) - libica-aes_ccm-31-bit-compatibility.patch: AES_CCM: fixed 64/31 bit compatibility - add obsoletes and provides for older libica versions - update to 2.3.0 (fate#315342) - obsolete/upstreamed patches: libica-2_1_0-fix_temporary_buffer_allocation_in_ica_get_version.patch libica-2_1_0-msa4-extension.patch libica-2_1_0-synchronize_shared_memory_ref_counting.patch - Added COPYING to %files - Fixed build dependency errors by requiring autoconf, automake and libtool - Changed license to CPL-1.0 - Created devel package - Support for MSA4 extension (bnc#794518, fate#314078) - synchronize shared memory reference counting for library statistics (bnc#719659) - fix temporary buffer allocation in ica_get_version() (bnc#719660) - update -> 2.1.0 (fate#311914) - Moved icainfo into /usr/bin (bnc#448643) - obsolete old -XXbit packages (bnc#437293) - fix build on all platforms - Added CPL license to include/z90crypt.h, removed GPL reference (This patch is upstream) - Changed package name to libica-1_3_9 to conform to rpmlint requirements. (bnc#433432) - Removed soname filter for rpmlint - Several RPM fixes to help satisfy rpmlint - Updated to libica 1.3.9 - added baselibs.conf file to build xxbit packages for multilib support - remove inclusion of linux/config.h - z90crypt: handle errors (bug #247799) - Add gcc-c++ to BuildRequires. - fix build for the rest of platforms - Update to libica 1.3.7 (#160036 - LTC22571) - Increasing # of open handles with symmetric crypto support (#165323 - LTC23095) - converted neededforbuild to BuildRequires - include string.h and unistd.h in icalinux.c - Port package from SLES9 SP3 - Update to libica 1.3.6-rc3. - Close all filehandles (#130060 - LTC19221). - downgrade to libica 1.3.6-rc2 (contains AES software fallback, bug #117336) - Update to libica 1.3.6 (#117336) - fix implicit declaration - Changing the default value from 0 to -1 in rcz90crypt (#114371) - Finally fix 'reload' messages (#81824 - LTC15733). - Fix sigill patch. - Remove printf output from sigill patch (#81829 - LTC15731). - Use correct default value for z90crypt (#81825 - LTC15732). - Fix messages for 'reload' (#81824 - LTC15733). - Fixed SIGILL on z900 (#46422). - Fixed range for 'domain' parameter in sysconfig.z90crypt (#42005). - Fix module loading error (#42006). - Add sysconfig variable to set the 'domain' parameter (#42005). - update -> 1.3.5-3 (bug #42122) - Update README.SuSE and correct name as well - Use modprobe instead of insmod and fix module load error(#40526) - Fix error checking for no hardware found case and hw error on load - Update Readme again for the correct name (SUSE LINUX Server). - Moved README.SuSE to README.SUSE. - Update Readme to refer to the correct name (SUSE Linux Server). - Update to 1.3.5-2 (#38511, #39693). - Update Readme to refer to SUSE Linux Server instead of SuSE Linux Enterprise Server. - Update to 1.3.5 - export CFLAGS & CPPFLAGS for configure - Exclude S/390-specific files for other archs (#37183) - add "-I./include" to CFLAGS and use RPM_OPT_FLAGS - fix build - build as user - update to 1.3.4 - update to 1.3.2 - update to 1.3.1: now supports DES, TDES and SHA, as well as RSA. - throw libica.patch away, since autoversion and Makefile.am have similar changes now, and the renaming from _LINUX_S390_ to __s390__ is not really necessary - use %defattr - checked that icaioctl.h is still current - dump the bin-only z90crypt-2.4.7-s390-2.tar.gz which has gone open source meanwhile and comes with the kernel sources - added documentation how to set up crypto hardware support, esp. S/390 and zSeries. (#16011, #22056) - upgraded to version 1.2 as requested by IBM to make openCryptoki 1.5 actually work. (#20737) - Correct PreReq - fixed src/Makefile.am and ugly ./autoversion to honor %_lib and to build on non-s390 - updated to current libica - hacked in icaioctl.h for build, 'til we have the module in the kernel. - add %run_ldconfig - fix for current automake/autoconf - removed old fillup-template and START_ variable - modified etc/init.d/z90crypt-script to report result at start. - Added openssl to #neededforbuild, which is needed in addition to openssl-devel - initial version OBS-URL: https://build.opensuse.org/request/show/835915 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=52 |
||
Mark Post
|
3c631b9647 |
Accepting request 835912 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.7.0 * Version 3.7.0 - [FEATURE] FIPS: Add HMAC based library integrity check - [PATCH] icainfo: bugfix for RSA and EC related info for software column. - [PATCH] FIPS: provide output iv in cbc-cs decrypt as required by FIPS tests - [PATCH] FIPS: Fix DES and TDES key length - [PATCH] icastats: Fix stats counter format * Version 3.6.1 - [PATCH] Fix x25519 and x448 handling of non-canonical values - Removed the following obsolete patches * libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch * libica-sles15sp2-Build-with-pthread-flag.patch * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch OBS-URL: https://build.opensuse.org/request/show/835912 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=51 |
||
Mark Post
|
fe79785559 |
Accepting request 834746 from home:markkp:branches:devel:openSUSE:Factory
Bug fixes for bsc#1175277, bsc#1175356, and bsc#1175357 OBS-URL: https://build.opensuse.org/request/show/834746 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=44 |
||
Mark Post
|
943bbccb27 |
Accepting request 801383 from home:markkp:branches:devel:openSUSE:Factory
- Added the following patches for FIPS certification (bsc#1162533) * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch * libica-sles15sp2-FIPS-hmac-key.patch - Added a BuildRequires for the fipscheck package. - Made a couple of changes to the spec file based upon recommendations by spec-cleaner. - Added the following patches for FIPS certification. * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch (bsc#1166071) Although a DES key has only 56 effective bits, all 64 bits must be considered, because the parity bits are spread over all 8 bytes of the key. * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch (bsc#1166210) FIPS tests require the output iv to be the iv resulting from decrypting the last block with a zero iv as input. * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch (bsc#1166224) The output from icainfo never shows 'yes' for RSA ME, RSA CRT, ECDH, ECDSA sign, ECDSA verify, and ECKGEN, due to the missing ICA_FLAG_SW flag in the icaList. OBS-URL: https://build.opensuse.org/request/show/801383 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=42 |
||
Mark Post
|
107d4586e6 |
Accepting request 748777 from home:markkp:branches:devel:openSUSE:Factory
- Added libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch (bsc#1156768) OBS-URL: https://build.opensuse.org/request/show/748777 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=40 |
||
Mark Post
|
1b4d354b6a |
Accepting request 738687 from home:markkp:branches:devel:openSUSE:Factory
Upgrade to version 3.6.0 OBS-URL: https://build.opensuse.org/request/show/738687 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=38 |
||
Mark Post
|
c4a8d70a12 |
Accepting request 728092 from home:markkp:branches:devel:openSUSE:Factory
Upgrade to version 3.5.0 OBS-URL: https://build.opensuse.org/request/show/728092 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=36 |
||
Mark Post
|
bb0a38c887 |
Accepting request 718181 from home:pluskalm:branches:devel:openSUSE:Factory
- Run testsuite during build OBS-URL: https://build.opensuse.org/request/show/718181 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=34 |
||
Mark Post
|
21f915e192 |
Accepting request 650562 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.4.0 (Fate#325690) * v3.4.0 [FEATURE] Add SHA-512/224 and SHA-512/256 support - Dropped obsolete patch Add-non-executable-gnu-stack-markings-in-the-assembl.patch - Made numerous updates to spec file based on spec-cleanup run. OBS-URL: https://build.opensuse.org/request/show/650562 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=32 |
||
Mark Post
|
116c38a998 | OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=30 | ||
Mark Post
|
9130c2a747 |
- Removed COPYING from %files, since it is no longer in the tarball.
- Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch (bsc#1103493). - Made multiple changes to the spec file based on the output of spec-cleaner OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=29 |
||
Mark Post
|
23e8e71f70 |
Accepting request 649054 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.3.3 (Fate#325690) * v3.3.3 [PATCH] Various bug fixes * v3.3.2 [PATCH] Skip ECC tests if required HW is not available [PATCH] Update spec file * v3.3.1 [PATCH] Fix configure.ac to honour CFLAGS * v3.3.0 [FEATURE] Add CEX supported elliptic-curve crypto interfaces [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces [FEATURE] Add interface to enable/disable SW fallbacks [FEATURE] Add 'make check' target, test-suite rework * v3.2.1 [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG. [PATCH] Various bug fixes. - Dropped obsolete patch increment-icastats-counter-for-aes-gcm.patch - Added "Obsoletes: libica-2_3_0" to the libica-tools package to fix a problem with upgrading from SLES12 SP2 to either SLES12 SP3/SP4, or SLES15. (bsc#1112655) - Added "Obsoletes: libica2" to the libica-tools package to fix a problem with upgrading from SLES12 SP2 to either SLES12 SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638) - Removed COPYING from %files, since it is no longer in the tarball. - Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch (bsc#1103493). - Replaced multiple instances of $RPM_BUILD_ROOT with %buildroot in the spec file. - Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756) - Updated boot.z90crypt script to fix a problem with the modprobe command not being found. (bsc#1040229). - Added "Recommends: libica-tools" (bsc#1046435). - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - Added "--enable-fips" to the %configure parms (Fate#324115) - Upgraded to version 3.2 (Fate#321517) * v3.2.0 [FEATURE] New AES-GCM interface. [UPDATE] Add symbol versioning. * v3.1.1 [PATCH] Various bug fixes related to old and new AES-GCM implementations. [UPDATE] Add SHA3 test cases. Improved and extended test suite. * v3.1.0 [FEATURE] Add KMA support for AES-GCM. [FEATURE] Add SHA-3 support. [PATCH] Reject RSA keys with invalid key-length. [PATCH] Allow zero output length for ica_random_number_generate. [PATCH] icastats: Correct owner of shared segment when root creates it. * Removed the following obsolete patches: libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch libica-3.0.2-03-fix-aes-ctr.patch libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch - libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567) - Added the following patches (bsc#1058567) - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch - libica-3.0.2-03-fix-aes-ctr.patch - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch - baselibs.conf doesn't need any additional provides/conflicts for libica3. - Update baselibs.conf with proper name for library package name, stop providing/obsoleting libica-2_1_0/libica-2_3-0. - Upgraded to version 3.0.2 (Fate#322025). - v3.0.2 - Fix locking callbacks for openSSL APIs. - v3.0.1 - Fixed msa level detection on zEC/BC12 GA1 and predecessors. - v3.0.0 - Added FIPS mode. - Sanitized exported symbols. - Removed deprecated APIs. Marked some APIs as deprecated. - Adapted to OpenSSL v1.1.0. - RSA key generation is thread-safe now. - Removed the following obsolete patches: - fix-initialization-of-s390-hardware-switches-1.patch - fix-initialization-of-s390-hardware-switches-2.patch - fix-msa-level-detection.patch - fix-segfault-during-multithread-keygen.patch - rng-performance.patch - Made the following packaging changes: - Implemented the shared library packaging guidelines. - Consolidated double invocation of %setup into just one. - Dropped redundant %ifarch, the package is already ExclusiveArch. - Updated descriptions. - Added an libica-rpmlintrc file. - Added the following two patches: - fix-segfault-during-multithread-keygen.patch (bsc#991485) - fix-msa-level-detection.patch (bsc#1010927) - Added rng-performance.patch (bsc#990850). - Updated baselibs.conf to obsolete prior versions of the 32bit package. (bsc#983897): provides "libica-<targettype> = <version>" obsoletes "libica-<targettype> < <version>" provides "libica-2_1_0-<targettype> = <version>" obsoletes "libica-2_1_0-<targettype> < <version>" provides "libica-2_3_0-<targettype> = <version>" obsoletes "libica-2_3_0-<targettype> < <version>" - Added fix-initialization-of-s390-hardware-switches-1.patch and fix-initialization-of-s390-hardware-switches-2.patch (bsc#980548) - Upgraded to version 2.6.2 (FATE#319610). - Renamed /etc/init.d/z90crypt to boot.z90crypt to conform to naming standards. - Found the original location of the icaioctl.h file and downloaded it to replace what we had previously. - Removed the unnecessary libica2.la file - Removed unnecessary Requires for glibc-devel - Added Requires libica2 to the -devel package - Converted call to configure to %configure macro - Removed obsolete and unnecessary INSROOT and bindir parameters from the make install command - Add Provides/Obsoletes for libica-2_3_0 so that the package from SLE12 GA is replaced (bsc#953096). - move the .so file to the mainpackage, the openssl-ibmca engine will only load "libica.so" (bsc#952871) - Update to libica v2.4.2 (FATE#318035) - Removed outdated libica-aes_ccm-31-bit-compatibility.patch - Moved init script into libica-SuSE.tar.bz2 archive - sanitize release line in specfile - Moved z90crypt out of useless libica-SuSE.tar.bz2 tarball to root - Removed libica-SuSE.tar.bz2 - z90crypt now starts and stops ap kernel module (bnc#888943) - libica-aes_ccm-31-bit-compatibility.patch: AES_CCM: fixed 64/31 bit compatibility - add obsoletes and provides for older libica versions - update to 2.3.0 (fate#315342) - obsolete/upstreamed patches: libica-2_1_0-fix_temporary_buffer_allocation_in_ica_get_version.patch libica-2_1_0-msa4-extension.patch libica-2_1_0-synchronize_shared_memory_ref_counting.patch - Added COPYING to %files - Fixed build dependency errors by requiring autoconf, automake and libtool - Changed license to CPL-1.0 - Created devel package - Support for MSA4 extension (bnc#794518, fate#314078) - synchronize shared memory reference counting for library statistics (bnc#719659) - fix temporary buffer allocation in ica_get_version() (bnc#719660) - update -> 2.1.0 (fate#311914) - Moved icainfo into /usr/bin (bnc#448643) - obsolete old -XXbit packages (bnc#437293) - fix build on all platforms - Added CPL license to include/z90crypt.h, removed GPL reference (This patch is upstream) - Changed package name to libica-1_3_9 to conform to rpmlint requirements. (bnc#433432) - Removed soname filter for rpmlint - Several RPM fixes to help satisfy rpmlint - Updated to libica 1.3.9 - added baselibs.conf file to build xxbit packages for multilib support - remove inclusion of linux/config.h - z90crypt: handle errors (bug #247799) - Add gcc-c++ to BuildRequires. - fix build for the rest of platforms - Update to libica 1.3.7 (#160036 - LTC22571) - Increasing # of open handles with symmetric crypto support (#165323 - LTC23095) - converted neededforbuild to BuildRequires - include string.h and unistd.h in icalinux.c - Port package from SLES9 SP3 - Update to libica 1.3.6-rc3. - Close all filehandles (#130060 - LTC19221). - downgrade to libica 1.3.6-rc2 (contains AES software fallback, bug #117336) - Update to libica 1.3.6 (#117336) - fix implicit declaration - Changing the default value from 0 to -1 in rcz90crypt (#114371) - Finally fix 'reload' messages (#81824 - LTC15733). - Fix sigill patch. - Remove printf output from sigill patch (#81829 - LTC15731). - Use correct default value for z90crypt (#81825 - LTC15732). - Fix messages for 'reload' (#81824 - LTC15733). - Fixed SIGILL on z900 (#46422). - Fixed range for 'domain' parameter in sysconfig.z90crypt (#42005). - Fix module loading error (#42006). - Add sysconfig variable to set the 'domain' parameter (#42005). - update -> 1.3.5-3 (bug #42122) - Update README.SuSE and correct name as well - Use modprobe instead of insmod and fix module load error(#40526) - Fix error checking for no hardware found case and hw error on load - Update Readme again for the correct name (SUSE LINUX Server). - Moved README.SuSE to README.SUSE. - Update Readme to refer to the correct name (SUSE Linux Server). - Update to 1.3.5-2 (#38511, #39693). - Update Readme to refer to SUSE Linux Server instead of SuSE Linux Enterprise Server. - Update to 1.3.5 - export CFLAGS & CPPFLAGS for configure - Exclude S/390-specific files for other archs (#37183) - add "-I./include" to CFLAGS and use RPM_OPT_FLAGS - fix build - build as user - update to 1.3.4 - update to 1.3.2 - update to 1.3.1: now supports DES, TDES and SHA, as well as RSA. - throw libica.patch away, since autoversion and Makefile.am have similar changes now, and the renaming from _LINUX_S390_ to __s390__ is not really necessary - use %defattr - checked that icaioctl.h is still current - dump the bin-only z90crypt-2.4.7-s390-2.tar.gz which has gone open source meanwhile and comes with the kernel sources - added documentation how to set up crypto hardware support, esp. S/390 and zSeries. (#16011, #22056) - upgraded to version 1.2 as requested by IBM to make openCryptoki 1.5 actually work. (#20737) - Correct PreReq - fixed src/Makefile.am and ugly ./autoversion to honor %_lib and to build on non-s390 - updated to current libica - hacked in icaioctl.h for build, 'til we have the module in the kernel. - add %run_ldconfig - fix for current automake/autoconf - removed old fillup-template and START_ variable - modified etc/init.d/z90crypt-script to report result at start. - Added openssl to #neededforbuild, which is needed in addition to openssl-devel - initial version OBS-URL: https://build.opensuse.org/request/show/649054 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=28 |
||
Mark Post
|
455515e800 |
Accepting request 649045 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.3.3 (Fate#325690) * v3.3.3 [PATCH] Various bug fixes * v3.3.2 [PATCH] Skip ECC tests if required HW is not available [PATCH] Update spec file * v3.3.1 [PATCH] Fix configure.ac to honour CFLAGS * v3.3.0 [FEATURE] Add CEX supported elliptic-curve crypto interfaces [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces [FEATURE] Add interface to enable/disable SW fallbacks [FEATURE] Add 'make check' target, test-suite rework * v3.2.1 [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG. [PATCH] Various bug fixes. - Dropped obsolete patch increment-icastats-counter-for-aes-gcm.patch - Added "Obsoletes: libica-2_3_0" to the libica-tools package to fix a problem with upgrading from SLES12 SP2 to either SLES12 SP3/SP4, or SLES15. (bsc#1112655) - Added "Obsoletes: libica2" to the libica-tools package to fix a problem with upgrading from SLES12 SP2 to either SLES12 SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638) - Removed COPYING from %files, since it is no longer in the tarball. - Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch (bsc#1103493). - Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756) - Updated boot.z90crypt script to fix a problem with the modprobe command not being found. (bsc#1040229). - Added "Recommends: libica-tools" (bsc#1046435). - Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) - Added "--enable-fips" to the %configure parms (Fate#324115) - Upgraded to version 3.2 (Fate#321517) * v3.2.0 [FEATURE] New AES-GCM interface. [UPDATE] Add symbol versioning. * v3.1.1 [PATCH] Various bug fixes related to old and new AES-GCM implementations. [UPDATE] Add SHA3 test cases. Improved and extended test suite. * v3.1.0 [FEATURE] Add KMA support for AES-GCM. [FEATURE] Add SHA-3 support. [PATCH] Reject RSA keys with invalid key-length. [PATCH] Allow zero output length for ica_random_number_generate. [PATCH] icastats: Correct owner of shared segment when root creates it. * Removed the following obsolete patches: libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch libica-3.0.2-03-fix-aes-ctr.patch libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch - libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567) - Added the following patches (bsc#1058567) - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch - libica-3.0.2-03-fix-aes-ctr.patch - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch - baselibs.conf doesn't need any additional provides/conflicts for libica3. - Update baselibs.conf with proper name for library package name, stop providing/obsoleting libica-2_1_0/libica-2_3-0. - Upgraded to version 3.0.2 (Fate#322025). - v3.0.2 - Fix locking callbacks for openSSL APIs. - v3.0.1 - Fixed msa level detection on zEC/BC12 GA1 and predecessors. - v3.0.0 - Added FIPS mode. - Sanitized exported symbols. - Removed deprecated APIs. Marked some APIs as deprecated. - Adapted to OpenSSL v1.1.0. - RSA key generation is thread-safe now. - Removed the following obsolete patches: - fix-initialization-of-s390-hardware-switches-1.patch - fix-initialization-of-s390-hardware-switches-2.patch - fix-msa-level-detection.patch - fix-segfault-during-multithread-keygen.patch - rng-performance.patch - Made the following packaging changes: - Implemented the shared library packaging guidelines. - Consolidated double invocation of %setup into just one. - Dropped redundant %ifarch, the package is already ExclusiveArch. - Updated descriptions. - Added an libica-rpmlintrc file. - Added the following two patches: - fix-segfault-during-multithread-keygen.patch (bsc#991485) - fix-msa-level-detection.patch (bsc#1010927) - Added rng-performance.patch (bsc#990850). - Updated baselibs.conf to obsolete prior versions of the 32bit package. (bsc#983897): provides "libica-<targettype> = <version>" obsoletes "libica-<targettype> < <version>" provides "libica-2_1_0-<targettype> = <version>" obsoletes "libica-2_1_0-<targettype> < <version>" provides "libica-2_3_0-<targettype> = <version>" obsoletes "libica-2_3_0-<targettype> < <version>" - Added fix-initialization-of-s390-hardware-switches-1.patch and fix-initialization-of-s390-hardware-switches-2.patch (bsc#980548) - Upgraded to version 2.6.2 (FATE#319610). - Renamed /etc/init.d/z90crypt to boot.z90crypt to conform to naming standards. - Found the original location of the icaioctl.h file and downloaded it to replace what we had previously. - Removed the unnecessary libica2.la file - Removed unnecessary Requires for glibc-devel - Added Requires libica2 to the -devel package - Converted call to configure to %configure macro - Removed obsolete and unnecessary INSROOT and bindir parameters from the make install command - Add Provides/Obsoletes for libica-2_3_0 so that the package from SLE12 GA is replaced (bsc#953096). - move the .so file to the mainpackage, the openssl-ibmca engine will only load "libica.so" (bsc#952871) - Update to libica v2.4.2 (FATE#318035) - Removed outdated libica-aes_ccm-31-bit-compatibility.patch - Moved init script into libica-SuSE.tar.bz2 archive - sanitize release line in specfile - Moved z90crypt out of useless libica-SuSE.tar.bz2 tarball to root - Removed libica-SuSE.tar.bz2 - z90crypt now starts and stops ap kernel module (bnc#888943) - libica-aes_ccm-31-bit-compatibility.patch: AES_CCM: fixed 64/31 bit compatibility - add obsoletes and provides for older libica versions - update to 2.3.0 (fate#315342) - obsolete/upstreamed patches: libica-2_1_0-fix_temporary_buffer_allocation_in_ica_get_version.patch libica-2_1_0-msa4-extension.patch libica-2_1_0-synchronize_shared_memory_ref_counting.patch - Added COPYING to %files - Fixed build dependency errors by requiring autoconf, automake and libtool - Changed license to CPL-1.0 - Created devel package - Support for MSA4 extension (bnc#794518, fate#314078) - synchronize shared memory reference counting for library statistics (bnc#719659) - fix temporary buffer allocation in ica_get_version() (bnc#719660) - update -> 2.1.0 (fate#311914) - Moved icainfo into /usr/bin (bnc#448643) - obsolete old -XXbit packages (bnc#437293) - fix build on all platforms - Added CPL license to include/z90crypt.h, removed GPL reference (This patch is upstream) - Changed package name to libica-1_3_9 to conform to rpmlint requirements. (bnc#433432) - Removed soname filter for rpmlint - Several RPM fixes to help satisfy rpmlint - Updated to libica 1.3.9 - added baselibs.conf file to build xxbit packages for multilib support - remove inclusion of linux/config.h - z90crypt: handle errors (bug #247799) - Add gcc-c++ to BuildRequires. - fix build for the rest of platforms - Update to libica 1.3.7 (#160036 - LTC22571) - Increasing # of open handles with symmetric crypto support (#165323 - LTC23095) - converted neededforbuild to BuildRequires - include string.h and unistd.h in icalinux.c - Port package from SLES9 SP3 - Update to libica 1.3.6-rc3. - Close all filehandles (#130060 - LTC19221). - downgrade to libica 1.3.6-rc2 (contains AES software fallback, bug #117336) - Update to libica 1.3.6 (#117336) - fix implicit declaration - Changing the default value from 0 to -1 in rcz90crypt (#114371) - Finally fix 'reload' messages (#81824 - LTC15733). - Fix sigill patch. - Remove printf output from sigill patch (#81829 - LTC15731). - Use correct default value for z90crypt (#81825 - LTC15732). - Fix messages for 'reload' (#81824 - LTC15733). - Fixed SIGILL on z900 (#46422). - Fixed range for 'domain' parameter in sysconfig.z90crypt (#42005). - Fix module loading error (#42006). - Add sysconfig variable to set the 'domain' parameter (#42005). - update -> 1.3.5-3 (bug #42122) - Update README.SuSE and correct name as well - Use modprobe instead of insmod and fix module load error(#40526) - Fix error checking for no hardware found case and hw error on load - Update Readme again for the correct name (SUSE LINUX Server). - Moved README.SuSE to README.SUSE. - Update Readme to refer to the correct name (SUSE Linux Server). - Update to 1.3.5-2 (#38511, #39693). - Update Readme to refer to SUSE Linux Server instead of SuSE Linux Enterprise Server. - Update to 1.3.5 - export CFLAGS & CPPFLAGS for configure - Exclude S/390-specific files for other archs (#37183) - add "-I./include" to CFLAGS and use RPM_OPT_FLAGS - fix build - build as user - update to 1.3.4 - update to 1.3.2 - update to 1.3.1: now supports DES, TDES and SHA, as well as RSA. - throw libica.patch away, since autoversion and Makefile.am have similar changes now, and the renaming from _LINUX_S390_ to __s390__ is not really necessary - use %defattr - checked that icaioctl.h is still current - dump the bin-only z90crypt-2.4.7-s390-2.tar.gz which has gone open source meanwhile and comes with the kernel sources - added documentation how to set up crypto hardware support, esp. S/390 and zSeries. (#16011, #22056) - upgraded to version 1.2 as requested by IBM to make openCryptoki 1.5 actually work. (#20737) - Correct PreReq - fixed src/Makefile.am and ugly ./autoversion to honor %_lib and to build on non-s390 - updated to current libica - hacked in icaioctl.h for build, 'til we have the module in the kernel. - add %run_ldconfig - fix for current automake/autoconf - removed old fillup-template and START_ variable - modified etc/init.d/z90crypt-script to report result at start. - Added openssl to #neededforbuild, which is needed in addition to openssl-devel - initial version OBS-URL: https://build.opensuse.org/request/show/649045 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=27 |
||
Mark Post
|
d17a6d5639 |
Accepting request 643794 from home:markkp:branches:devel:openSUSE:Factory
- Added "Obsoletes: libica-2_3_0" to the libica-tools package to fix a problem with upgrading from SLES12 SP2 to either SLES12 SP3/SP4, or SLES15. (bsc#1112655) OBS-URL: https://build.opensuse.org/request/show/643794 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=25 |
||
Mark Post
|
6802c716ca |
Accepting request 635068 from home:markkp:branches:devel:openSUSE:Factory
- Added "Obsoletes: libica2" to the libica-tools package to fix a problem with upgrading from SLES12 SP2 to either SLES12 SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638) OBS-URL: https://build.opensuse.org/request/show/635068 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=23 |
||
Mark Post
|
30d9261e6c |
Accepting request 597615 from home:markkp:branches:devel:openSUSE:Factory
- Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756) - Updated boot.z90crypt script to fix a problem with the modprobe command not being found. (bsc#1040229). - Added "Recommends: libica-tools" (bsc#1046435). OBS-URL: https://build.opensuse.org/request/show/597615 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=21 |
||
Mark Post
|
5a3a4b6298 |
Accepting request 544827 from home:RBrownSUSE:branches:devel:openSUSE:Factory
Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468) OBS-URL: https://build.opensuse.org/request/show/544827 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=19 |
||
Mark Post
|
37989d1316 |
Accepting request 531453 from home:markkp:branches:devel:openSUSE:Factory
- Added "--enable-fips" to the %configure parms (Fate#324115) OBS-URL: https://build.opensuse.org/request/show/531453 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=17 |
||
Mark Post
|
9e8e45a218 |
Accepting request 530009 from home:markkp:branches:devel:openSUSE:Factory
- Upgraded to version 3.2 (Fate#321517) * v3.2.0 [FEATURE] New AES-GCM interface. [UPDATE] Add symbol versioning. * v3.1.1 [PATCH] Various bug fixes related to old and new AES-GCM implementations. [UPDATE] Add SHA3 test cases. Improved and extended test suite. * v3.1.0 [FEATURE] Add KMA support for AES-GCM. [FEATURE] Add SHA-3 support. [PATCH] Reject RSA keys with invalid key-length. [PATCH] Allow zero output length for ica_random_number_generate. [PATCH] icastats: Correct owner of shared segment when root creates it. * Removed the following obsolete patches: libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch libica-3.0.2-03-fix-aes-ctr.patch libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch OBS-URL: https://build.opensuse.org/request/show/530009 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=15 |
||
Mark Post
|
d2f5998194 |
- libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567)
- Added the following patches (bsc#1058567) - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch - libica-3.0.2-03-fix-aes-ctr.patch - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=13 |
||
Mark Post
|
e301b1f452 |
Accepting request 500422 from home:fcrozat:branches:devel:openSUSE:Factory
- baselibs.conf doesn't need any additional provides/conflicts for libica3. OBS-URL: https://build.opensuse.org/request/show/500422 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=11 |
||
Mark Post
|
3383a96283 |
Accepting request 498393 from home:fcrozat:branches:devel:openSUSE:Factory
- Update baselibs.conf with proper name for library package name, stop providing/obsoleting libica-2_1_0/libica-2_3-0. OBS-URL: https://build.opensuse.org/request/show/498393 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=10 |
||
OBS User buildservice-autocommit
|
e50cc9e503 |
Accepting request 494492 from devel:openSUSE:Factory
baserev update by copy to link target OBS-URL: https://build.opensuse.org/request/show/494492 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=8 |
||
OBS User buildservice-autocommit
|
18a9517abb |
Updating link to change in openSUSE:Factory/libica revision 2.0
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=dad636625f9a6a121584f3c3911a9d1c |
||
Mark Post
|
212edc1c22 |
- Update baselibs.conf with proper name for library package name.
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=7 |
||
Mark Post
|
910ea538d2 |
Accepting request 493816 from openSUSE:Factory:zSystems
Upgrade to version 3.0.2 per Fate#322025. OBS-URL: https://build.opensuse.org/request/show/493816 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=3 |
||
Stephan Kulow
|
053908a9ac |
Accepting request 484290 from openSUSE:Factory:zSystems
Major rework of package to conform to shared library policy, including being renamed from libica2 to libica. Additional bugfixes from previous version. Please also make me the maintainer of the package. OBS-URL: https://build.opensuse.org/request/show/484290 OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory/libica?expand=0&rev=1 |