Compare commits
2 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| 385978d731 | |||
| a4136eb6b0 |
@@ -1,5 +1,5 @@
|
||||
--- a/Makefile.am 2025-06-10 08:52:39.000000000 +0200
|
||||
+++ b/Makefile.am 2025-06-16 12:25:31.040661532 +0200
|
||||
--- a/Makefile.am 2025-11-11 08:58:19.000000000 +0100
|
||||
+++ b/Makefile.am 2025-11-12 10:21:00.563936369 +0100
|
||||
@@ -51,19 +51,9 @@
|
||||
include doc/doc.mk
|
||||
|
||||
BIN
openCryptoki-3.25.0.tar.gz
LFS
BIN
openCryptoki-3.25.0.tar.gz
LFS
Binary file not shown.
BIN
openCryptoki-3.26.0.tar.gz
LFS
Normal file
BIN
openCryptoki-3.26.0.tar.gz
LFS
Normal file
Binary file not shown.
@@ -1,5 +1,45 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 7 15:12:38 UTC 2025 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
Wed Nov 12 09:04:02 UTC 2025 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
|
||||
- Upgrade openCryptoki to 3.26
|
||||
* Soft: Add support for RSA keys up to 16K bits.
|
||||
* CCA: Add support for RSA keys up to 8K bits (requires CCA v8.4 or v7.6 or later).
|
||||
* p11sak: Add support for generating RSA keys up to 16K bits.
|
||||
* Soft/ICA: Add support for SHA512/224 and SHA512/256 key derivation mechanism (CKM_SHA512_224_KEY_DERIVATION and CKM_SHA512_256_KEY_DERIVATION).
|
||||
* Soft/ICA/CCA/EP11: Add support for SHA-HMAC key types CKK_SHAxxx_HMAC and key gen mechanisms CKM_SHAxxx_KEY_GEN.
|
||||
* p11sak: Add support for SHA-HMAC key types and key generation.
|
||||
* p11sak: Add support for key wrap and unwrap commands to export and import private and secret keys by means of key wrapping/unwrapping
|
||||
with various key wrapping mechanism.
|
||||
* p11kmip: Add support for using an HSM-protected TLS client key via a PKCS#11 provider.
|
||||
* p11sak: Add support for exporting non-sensitive private keys to password protected PEM files.
|
||||
* Add support for canceling an operation via NULL mechanism pointer at C_XxxInit() call as an alternative to C_SessionCancel() (PKCS#11 v3.0).
|
||||
* EP11: Add support for pairing friendly BLS12-381 EC curve for sign/verify using CKM_IBM_ECDSA_OTHER and signature/public key aggregation using CKM_IBM_EC_AGGREGATE.
|
||||
* p11sak: Add support for generating BLS12-381 EC keys.
|
||||
* EP11: Add support for IBM-specific ML-DSA and ML-KEM key types and mechanisms (requires an EP11 host library v4.2 or later, and
|
||||
a CEX8P crypto card with firmware v9.6 or later on IBM z17, and v8.39 or later on IBM z16).
|
||||
* CCA: Add support for IBM-specific ML-DSA and ML-KEM key types and mechanisms (requires CCA v8.4 or later).
|
||||
* Soft: Add support for IBM-specific ML-DSA and ML-KEM key types and mechanisms (requires OpenSSL 3.5 or later, or the OQS-provider must be configured).
|
||||
* p11sak: Add support for IBM-specific ML-DSA and ML-KEM key types.
|
||||
* Bug fixes.
|
||||
- Removed obsolete patches
|
||||
* ocki-3.25-remove-make-install-chgrp.patch
|
||||
* ocki-3.25-PKCSSLOTD-Remove-the-use-of-MD5.patch
|
||||
- Applied a new patch for version 3.26
|
||||
* ocki-3.26-remove-make-install-chgrp.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 14 04:56:04 UTC 2025 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
|
||||
- Applied a patch (bsc#1248002)
|
||||
* ocki-3.25-PKCSSLOTD-Remove-the-use-of-MD5.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 29 07:27:20 UTC 2025 - Andreas Schwab <schwab@suse.de>
|
||||
|
||||
- Add riscv64 to openCryptoki_64bit_arch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 16 09:43:23 UTC 2025 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
|
||||
- Upgrade openCryptoki to version 3.25 (jsc#PED-3361)
|
||||
* Updates/add supports
|
||||
@@ -23,17 +63,17 @@ Mon Jul 7 15:12:38 UTC 2025 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
- ocki-3.24-remove-group-from-tests.patch
|
||||
- ocki-3.24-remove-make-install-chgrp.patch
|
||||
* Applied a new patch for version 3.25
|
||||
- ocki-3.25-remove-make-install-chgrp.patch
|
||||
* Bug fixes
|
||||
- ocki-3.25-remove-make-install-chgrp.patch
|
||||
* Bug fixes
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Dec 11 07:35:28 UTC 2024 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
Wed Dec 11 07:25:11 UTC 2024 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
|
||||
- Moved pkcshsm_mk_change from openCryptoki-devel to openCryptoki
|
||||
(jsc#PED-10291, jsc#PED-10290)
|
||||
- Moved pkcshsm_mk_change from openCryptoki-devel to openCryptoki
|
||||
(jsc#PED-10291, jsc#PED-10290)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 10 08:13:46 UTC 2024 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
Tue Dec 10 07:08:59 UTC 2024 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
|
||||
- Amended the .spec file (jsc#PED-10291, jsc#PED-10290)
|
||||
* Changed attributes - %attr(0640,root,%{pkcs_group}) - of files below:
|
||||
@@ -41,7 +81,7 @@ Tue Dec 10 08:13:46 UTC 2024 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
- %{_sysconfdir}/opencryptoki/p11sak_defined_attrs.conf
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Nov 25 11:42:14 UTC 2024 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
Thu Nov 21 10:42:00 UTC 2024 - Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
|
||||
|
||||
- Amended the .spec file (jsc#PED-10291, jsc#PED-10290)
|
||||
- Improved handling of user/group. use existing user/group if they
|
||||
@@ -1333,4 +1373,3 @@ Tue Feb 5 11:01:16 CET 2002 - froh@suse.de
|
||||
Wed Jan 30 16:20:48 CET 2002 - froh@suse.de
|
||||
|
||||
- initial version
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package openCryptoki
|
||||
#
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
# Copyright (c) 2025 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@@ -19,7 +19,7 @@
|
||||
%define openCryptoki_32bit_arch %{ix86} s390 ppc %{arm}
|
||||
# support in the workings for: ppc64
|
||||
# no support in sight for: ia64
|
||||
%define openCryptoki_64bit_arch s390x ppc64 ppc64le x86_64 aarch64
|
||||
%define openCryptoki_64bit_arch s390x ppc64 ppc64le x86_64 aarch64 riscv64
|
||||
# autobuild:/work/cd/lib/misc/group
|
||||
# openCryptoki pkcs11:x:64:
|
||||
%define pkcs11_group_id 64
|
||||
@@ -27,7 +27,7 @@
|
||||
%define oc_cvs_tag opencryptoki
|
||||
|
||||
Name: openCryptoki
|
||||
Version: 3.25.0
|
||||
Version: 3.26.0
|
||||
Release: 0
|
||||
Summary: An Implementation of PKCS#11 (Cryptoki) v2.11 for IBM Cryptographic Hardware
|
||||
License: CPL-1.0
|
||||
@@ -39,8 +39,7 @@ Source2: openCryptoki-TFAQ.html
|
||||
Source3: openCryptoki-rpmlintrc
|
||||
# Patch 0 is needed because group pkcs11 doesn't exist in the build environment
|
||||
# and because we don't want(?) various file and directory permissions to be 0700.
|
||||
Patch000: ocki-3.25-remove-make-install-chgrp.patch
|
||||
#
|
||||
Patch000: ocki-3.26-remove-make-install-chgrp.patch
|
||||
#
|
||||
BuildRequires: bison
|
||||
BuildRequires: dos2unix
|
||||
@@ -326,6 +325,10 @@ ln -sf %{_libdir}/opencryptoki/libopencryptoki.so %{_prefix}/lib/pkcs11/PKCS11_A
|
||||
%{_libdir}/opencryptoki/stdll/libpkcs11_cca.so
|
||||
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_CCA.so
|
||||
%endif
|
||||
%ifnarch i586
|
||||
%{_libdir}/opencryptoki/stdll/libpkcs11_cca.so
|
||||
%endif
|
||||
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_CCA.so
|
||||
%{_libdir}/opencryptoki/stdll/libpkcs11_tpm.so
|
||||
%ghost %{_libdir}/opencryptoki/stdll/PKCS11_TPM.so
|
||||
%{_libdir}/opencryptoki/stdll/libpkcs11_sw.so
|
||||
|
||||
Reference in New Issue
Block a user