pool/tpm2-pkcs11
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
factory
tpm2-pkcs11/tpm2-pkcs11.changes
Alberto Planas Dominguez 878388cbc8 - Enable unit testing 
- Update to 1.9.1
  + Fixed
    * configure:
      Change mistaken += to =.
      use user supplied --prefix even when p11kit is detected.
    * Remove warning about unable to find FAPI when it's is not-compiled in and not chosen as the beckend.
    * Fix memory leaks in tpm_create_transient_primary_from_template.
    * Fix NULL pointer dereference in db.c on uses of CKA_ALLOWED_MECHANISMS.
    * Fix offset miscalculation in FAPI backend that was corrupting data.
    * Support CKM_ECDH1_DERIVE via C_DeriveKey.
    * Fix usages of tpm2-ptool for its wrapped tpm2_ptool in tests.
    * Fix failing db upgrades on double conversion to int.
    * Fix db lock file due to missing parenthesis and order of operations.
    * documentation:
      Fix use of objects where tokens was meant.
  + Changed
    * --enable-fapi to --with-fapi. Note this is not a major version bump as its internal to builders only. However --enable-fapi left in place for backwards compat.
  + Add maintainer public key:
    tpm2-pkcs11.keyring

OBS-URL: https://build.opensuse.org/package/show/security/tpm2-pkcs11?expand=0&rev=18
2024-12-12 13:14:38 +00:00

168 lines
7.1 KiB
Plaintext
Raw Permalink Blame History

-------------------------------------------------------------------
Thu Dec 12 12:37:19 UTC 2024 - Lucas Mulling <lucas.mulling@suse.com>
- Enable unit testing
-------------------------------------------------------------------
Wed Dec 11 16:38:18 UTC 2024 - Lucas Mulling <lucas.mulling@suse.com>
- Update to 1.9.1
+ Fixed
* configure:
Change mistaken += to =.
use user supplied --prefix even when p11kit is detected.
* Remove warning about unable to find FAPI when it's is not-compiled in and not chosen as the beckend.
* Fix memory leaks in tpm_create_transient_primary_from_template.
* Fix NULL pointer dereference in db.c on uses of CKA_ALLOWED_MECHANISMS.
* Fix offset miscalculation in FAPI backend that was corrupting data.
* Support CKM_ECDH1_DERIVE via C_DeriveKey.
* Fix usages of tpm2-ptool for its wrapped tpm2_ptool in tests.
* Fix failing db upgrades on double conversion to int.
* Fix db lock file due to missing parenthesis and order of operations.
* documentation:
Fix use of objects where tokens was meant.
+ Changed
* --enable-fapi to --with-fapi. Note this is not a major version bump as its internal to builders only. However --enable-fapi left in place for backwards compat.
+ Add maintainer public key:
tpm2-pkcs11.keyring
-------------------------------------------------------------------
Thu May 18 15:29:46 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
- Merge subpackages lib and devel into the main one
-------------------------------------------------------------------
Thu Feb 16 15:21:43 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
- Update to 1.9.0
+ Fixed
* Fix autoconf invocation on a release tarball not being a git
repo for VERSION. VERSION file now generated and packaged as
part of the release tarball from the git version information.
* Fix TPM2_PKCS11_OWNER_AUTH not being used when a persistent SRK
is needed in the C_InitToken path.
* During an upgrade of the database to version 4, the config key
'persistent' is added instead of 'transient', causing KeyError
when using the upgraded database.
* Leave the original db on upgrade failure, a bug caused the
original db to be unlinked not the upgraded db.
* A bug prevented the use of CreateLoaded if the TPM supports the
command.
* A bug when creating keys through the PKCS11 interface (not
tpm2-ptool), the attributes for CKA_ALLOWED_MECHANISMS were
encoded as a hex string and not a sequence of ints within the
YAML. Correcting this will trigger a db upgrade to 8
+ Added
* Env varibale PKCS11_SQL_LOCK to allow setting a lock directory,
eg for temprary directory so lock files do not persist across
reboots.
-------------------------------------------------------------------
Fri Jul 8 12:23:01 UTC 2022 - Alberto Planas Dominguez <aplanas@suse.com>
- Update to 1.8.0
+ Fixed
* Fix GetRandom Memory Leak
* Fix some spelling mistakes
* Fix unit test test_parser
* Fix importing of RSA private key through pkcs11 interface should
fail.
* Fix ECDSA signature length calculation.
* Fix memory leak of tokens.
* Fix suspicious sizeof usage in _str_padded_copy
* Fix encoding errors when importing a certificate into the pkcs11
store.
* Fix try/finally scope issues in tpm2_ptool.
* Fix, an OOB access in db upgrade path.
* Fix ECDSA length calculation that was causing issues with Mutual
TLS in Firefox and Chrome.
+ Changed
* remove unused macro set_safe_rc
+ Added
* Add support for OpenSSL 3. Note that calls through engine are no
longer supported on OpenSSL3.
* Add tpm2_ptool export commandlet for exporting token keys into
PEM and TPM blob format.
- Add new dependencies to PyYAML, cryptography, pyasn1 and tpm2-pytss
-------------------------------------------------------------------
Sat Feb 26 14:12:48 UTC 2022 - Callum Farmer <gmbr3@opensuse.org>
- Use hardlinks in %fdupes for python files
-------------------------------------------------------------------
Wed Oct 20 10:48:58 UTC 2021 - Callum Farmer <gmbr3@opensuse.org>
- Add keyring & use source verification
-------------------------------------------------------------------
Wed Oct 20 09:58:09 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>
- Update to 1.7.0
+ DB Schema Change from 5 to 7.
* Backup your DB before upgrading
+ Fixed compilation issues with GCC11.
+ Fixed errors on releases due to newer compilers from failing by
only adding -Werror for non-release builds.
+ Fixed error message when the DB is too new in tpm2_ptool.
+ Added support for tpm2_ptool import with ssh-keygen format
keys. Note: Requires cryptography >= 3.0.
+ Changed default long level from error to warning.
+ Added better error message for FAPI backend errors along with
docs/FAPI.md document.
+ Changed tpm2_ptool make --algorithm optional.
+ Fixed error message of wrong attribute name on expected attribute
check to be false.
+ Added support for ECDSA 256, 384 and 512.
+ Fixed a bug in the Python code DB upgrade path from 4 to 5 where
it didn't add AES mode CTR to CKA_ALLOWED_MECHANISMS.
+ Added tpm2_ptool support for ECC key size 192.
+ Added support passwordless login for tokens, ie not setting
CKF_LOGIN_REQUIRED.
+ Fixed Running integration tests when Java version has the -ea,
like on Debian 11 and OpenJDK 17.
+ Added support for HMAC keys using tpm2_ptool and the C_Sign and
C_Verify interfaces. The following interfaces in ptool have
support:
* addkey: previous working versions of tpm2-tools will support
this.
* link: previous working versions of tpm2-tools will support this.
* import: requires tpm2-tools 5.2+ for support.
+ Fixed leaking of temp file descriptors in tpm2_ptool.
+ Fixed wrong free in tpm code, should use Esys_Free.
+ Fixed a space formatting issue in tpm2_ptool verify.
+ Fixed leaked file descriptor in tpm2_ptool.
+ Fixed a few suspicious sizeof usages in str_padded_copy
+ Fixed a memory leak of the token list on a failure condition in
initialization.
-------------------------------------------------------------------
Sun Aug 22 11:04:39 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
- Use definite tense in %description.
-------------------------------------------------------------------
Sat Aug 21 13:32:30 UTC 2021 - Callum Farmer <gmbr3@opensuse.org>
- Build and install python tools
-------------------------------------------------------------------
Fri Aug 20 17:59:05 UTC 2021 - Callum Farmer <gmbr3@opensuse.org>
- Clean spec file
- Use better source URL
- Split library
- Don't package .la files
- Create store directory
- Move devel library to devel subpackage
-------------------------------------------------------------------
Wed Sep 9 10:05:02 UTC 2020 - Alexander Evseev <aevseev@gmail.com> - 1.4.0
- New upstream version - 1.4.0
-------------------------------------------------------------------
Mon Aug 3 14:19:30 UTC 2020 - Alexander Evseev <aevseev@gmail.com> - 1.3.1
- First build. Version - 1.3.1
Reference in New Issue View Git Blame Copy Permalink