- Update to version 2.8.0

Most notable new features:
  * Support for SHA3.
  * Name the MS CryptographicServiceProvider in the comment.
  * OpenSSL PURPOSE and validation results in the certificate
    details.
  * Support UniveralPrincipalName (UPN) and NameConstraints.
  * Support JSON Web Key (JWK) export format.
  * Hide unusable (expired / revoked) certificates.
  Full changelog
  * https://hohnstaedt.de/xca-doc/html/changelog.html#xca-2-8-0-sun-oct-13-2024
- Drop patch:
  * xca-desktop.patch

OBS-URL: https://build.opensuse.org/package/show/security/xca?expand=0&rev=35

.gitattributes

@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text

.gitignore

@@ -0,0 +1 @@
+.osc

xca-2.6.0.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:55a39f22eabadcce4532ebfcf07f796372bdb0d323720db6b6e0deaf267b1709
+size 1870446

xca-2.7.0.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:15ff6fbe4c004ac2ad18885ab35ae6940364a8246d5fe8562a41312fe45ec15e
+size 1888329

xca-2.8.0.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:87955987ad6e05ba3dcac826cd22f7d9cedf00e4a409a1931e94e5347e79a7d0
+size 1952653

xca-desktop.patch

@@ -0,0 +1,11 @@
+Index: xca-2.7.0/misc/xca.desktop
+===================================================================
+--- xca-2.7.0.orig/misc/xca.desktop
++++ xca-2.7.0/misc/xca.desktop
+@@ -15,5 +15,5 @@ Comment[it]=Interfaccia grafica per gene
+ Exec=xca %F
+ Icon=de.hohnstaedt.xca
+ Terminal=false
+-Categories=Application;Utility;Qt;
++Categories=Utility;DesktopUtility;
+ MimeType=application/x-xca-database;application/x-xca-template;application/x-x509-ca-cert;application/pkcs10;application/x-pkcs7-certificates;application/x-pkcs12;

xca.changes

@@ -0,0 +1,560 @@
+-------------------------------------------------------------------
+Sun Oct 13 15:24:38 UTC 2024 - Martin Hauke <mardnh@gmx.de>
+
+- Update to version 2.8.0
+  Most notable new features:
+  * Support for SHA3.
+  * Name the MS CryptographicServiceProvider in the comment.
+  * OpenSSL PURPOSE and validation results in the certificate
+    details.
+  * Support UniveralPrincipalName (UPN) and NameConstraints.
+  * Support JSON Web Key (JWK) export format.
+  * Hide unusable (expired / revoked) certificates.
+  Full changelog
+  * https://hohnstaedt.de/xca-doc/html/changelog.html#xca-2-8-0-sun-oct-13-2024
+- Drop patch:
+  * xca-desktop.patch
+
+-------------------------------------------------------------------
+Thu Sep  5 09:04:30 UTC 2024 - Andrea Manzini <andrea.manzini@suse.com>
+
+- version update to 2.7.0
+  * Database Schema changed and is not backwards-compatible. Backup your database.
+  * Drivers for SQL Servers must be installed separately since 2.5.0
+  * full changelog at https://hohnstaedt.de/xca-doc/html/changelog.html#xca-2-7-0-tue-aug-27-2024
+
+- switched to QT6
+- added fdupes to handle duplicate files during package build
+
+-------------------------------------------------------------------
+Thu Apr  4 13:18:04 UTC 2024 - ecsos <ecsos@opensuse.org>
+
+- Fix build error in Leap.
+
+-------------------------------------------------------------------
+Wed Apr  3 11:43:34 UTC 2024 - pgajdos@suse.com
+
+- version update to 2.6.0
+  * Export certificates for ovpn file
+  * SHA1 based MAC for PKCS12
+  * Support legacy keys
+    and automatically transform them if possible.
+  * Renew Certificate freeze XCA
+  * paste an encrypted private key results in a crash
+  * Fix crash when deleting CA certificates
+  * add flatpak build information and github action
+  * Subject Alternative Name not filled by all CN
+  * Improve import: Finish multi import when empty
+  * Add File extensions in Info.plist supported by XCA
+  * Quick view of certificates without trying to open XCA
+  * pass private key password
+  * Export PEM + Key in one File
+  * Impossible to import PKCS#12 (RC40_CBC)
+  * Make XCA AppStore compliant with -DAPPSTORE_COMPLIANT=ON
+- modified patches
+  % xca-desktop.patch (refreshed)
+
+-------------------------------------------------------------------
+Thu Nov 16 07:58:48 UTC 2023 - ecsos <ecsos@opensuse.org>
+
+- Fix build error in Leap.
+
+-------------------------------------------------------------------
+Fri Oct 20 13:38:18 UTC 2023 - Jonathan Brielmaier <jbrielmaier@opensuse.org>
+
+- Update to version 2.5.0:
+  * Multiple bug fixes
+  * Add Bulgarian, Indonesian and Persian translation
+  * Switch from autotools/qmake to cmake
+  * Add support for Qt6 and OpenSSL 3.x
+  * Drop support for Qt4
+  * Drop support for old XCA < 2.0.0 databases
+  * Drop support for OpenSSL < 1.1.0
+- Switch to cmake build system
+- Update URL
+- VERSION file got renamed to VERSION.txt
+- Improve Supplements syntax to conform with linter
+- Set buildrequires again to openssl as openSSL 3 is now supported
+
+-------------------------------------------------------------------
+Mon Feb 20 11:07:45 CET 2023 - ro@suse.de
+
+- change buildrequires for openssl on factory to use openssl-1.1
+  openSSL 3 is not supported in xca-2.4.0 yet
+
+-------------------------------------------------------------------
+Thu May 13 19:22:56 UTC 2021 - Martin Hauke <mardnh@gmx.de>
+
+- Update to version 2.4.0
+  * Unify XCA icon (certificate) on all platforms
+  * Add Microsoft BitLocker extended key usage
+  * Disregard OpenSSL 0.9.8 compatibility
+  * Add bash completion script
+  * Add context sensitive help
+  * Convert documentation from linuxdoc/SGML to sphinxdoc
+  * Close #258: xca aborts on exit and on access to own templates
+  * Close #142: Support Ed25519 Import / Export private SSH2 key
+  * Close #142: Support Ed25519: Key-generation, import, export
+  * Close #251: AuthorityKeyIdentifier: use issuer:always
+  * Change language maintainer of brazilian portuguese
+  * Close #230: Change PKCS12 export extension from .p12 to .pfx
+  * Close #208: XCA hung when importing EC keys. For example prime256v1
+  * Close #210: Make dialog to edit SAN less strict
+  * Close #224: Store original path/filename on import
+  * Close #213: configure.ac: add description to AC_DEFINE_UNQUOTED
+  * Close #172 #46: Multiple OCSP Responders
+  * Store default database and recently opened file as UTF8
+  * Close #157 Generate and export CRLs from commandline
+  * Add command line support for creating CRLs, keys and analyzing items
+- Drop patch:
+  * xca-configure.patch (not longer needed)
+
+-------------------------------------------------------------------
+Sun Jul 26 17:08:49 UTC 2020 - chris@computersalat.de
+
+- xca 2.3.0 Wed Apr 29 2020
+
+ * Close #191 OID LN differs warning popups at startup
+ * Close #189 Database compaction #189
+ * Improve PKCS11 library loading for portable app
+ * Refactor native separators / and \ on windows.
+ * Support TLS encrypted MariaDB and PostgreSQL connection
+ * Close #182: UI not using Windows native theme in 2.2.1 portable
+ * Close #70: cant open ics file in ical on macos mojave
+ * Close #72: Add checkbox for OCSP staple feature
+ * Use DESTDIR instead of destdir when installing. Follows autotools convention.
+ * Close #172 #46: Multiple OCSP Responders
+ * Close #170 xca-portable-2.2.1 cannot change language
+ * Fix certificate assignment when importing a CA certificate
+ * Close #163: Show key type/size on column of Certificates tab
+- rebase patches
+
+-------------------------------------------------------------------
+Thu Jan 30 21:11:18 UTC 2020 - Martin Hauke <mardnh@gmx.de>
+
+- Update to version 2.2.1
+  * This is a patch release, fixing Issue #159: "Opening existing
+    database" which prevented the current version opening databases
+    of XCA 2.1.2
+
+-------------------------------------------------------------------
+Wed Jan 29 22:19:09 UTC 2020 - Martin Hauke <mardnh@gmx.de>
+
+- Update to version 2.2.0
+  * Most notable improvements:
+    + Support concurrent database access
+    + Support ODBC database driver
+  A detailled changelog can be found here:
+  http://hohnstaedt.de/xca/index.php/software/changelog
+
+-------------------------------------------------------------------
+Mon Jan 20 20:13:34 UTC 2020 - Martin Hauke <mardnh@gmx.de>
+
+- Run spec-cleaner
+
+-------------------------------------------------------------------
+Mon Feb  4 14:02:49 UTC 2019 - Ismail Dönmez <idonmez@suse.com>
+
+- Cleanup spec file
+- Use Qt5
+- Refresh patches
+
+-------------------------------------------------------------------
+Tue Jan 22 14:26:00 UTC 2019 - liedke@rz.uni-mannheim.de
+
+-Update to 2.1.2
+  * Close #40 macOS: Crash after xca v2.0.1 quit
+  * Close #37: XCA 2: EVP_DecryptFinal_ex:bad decrypt
+  * Close #74: Exiting XCA 2.1.1 corrupts database
+  * Make PKCS11 libs, working dir and main-window size host-dependent
+  * Support for XCA as portable App
+  * Close #69 Library not loaded: @rpath/ contains local directory
+  * Close #60: Fix MacOSX 2.1.1 binary
+  * Add new maintained languages: Polish, Spanish, Portuguese
+
+-Update to 2.1.1
+  * Allow manual override of the CSR signed flag
+  * Close #56: Duplicate Serials after Upgrade 2.1.0
+  * Close #57: SAN IP not working in 2.1.0
+  * Close #55: Calculate "CSR signed" information from legacy database
+  * Close #55: Add Certificate counter column for CSR
+  * Fix slovak translation
+  * Close #50: Hang while importing 1.4.1 database into 2.1.0
+
+-Update to 2.1.0
+  * Close #48: The SKI tickbox isn't generating an SKI extension for CSRs
+  * Fix translation of dates
+  * Add private key icon to the key name
+  * Inspired by #42: display dates relative (seconds ago, yesterday, ...)
+    while column ordering is still strict by age. The ToolTip shows date
+    and time.
+  * Related to #39: Dynamically adjust explicit DN entries
+  * Close #39: Subject entries shuffled
+  * Close #36: Support adding CN to X509v3 SAN automatically
+  * Close #35: Configurable size of serial number.
+  * Close #34: Improve Mac OSX installation
+  * Close #27: Configurable certificate expiry warning threshold
+  * Generate calender (.ics) files for certificate and CRL expiries
+
+-Update to 2.0.1
+  * Close #32: Version field contains "Created by Qt/QMake" on MacOSX
+  * Review and update russian ltranslation
+  * Close #31: Closing certificate details window toggles tree folding
+  * Close #25: Certificates are no longer coloured
+  * Close #24: Add LibreSSL support. Tested with LibreSSL 2.7.2
+  * Close #23: Improve limiting to pattern in certificate tree view
+  * Close #20: Unable to chose remote database type (dropdown empty)
+  * Close #19: Replace 3DES encryption by AES-256 during key export 
+
+-Update to 2.0.0
+  * Open database before starting a transaction
+  * Fix default hash during startup
+  * Fix Importing PKCS#12 and PKCS#7 files
+  * Improve automatic setting of the certificate internal name
+  * Don't use remote DB descriptor as local database filename proposal
+  * Usability: Preset remote database input values with previous ones
+  * Add another missing windows postgres library
+  * xca 2.0.0-pre04 Thu Mar 22 2018
+  * Accept drivers that don't support transactions
+  * Install MySQL and PostgreSQL drivers on windows
+  * Closes #10: Warn if certificate without any extension is created
+  * Add table prefix to be prepended to each table for remote SQL DB
+  * Update translations
+  * xca 2.0.0-pre03 Thu Mar 15 2018
+  * Fix installation of sql plugins in the Windows installer
+  * Fix opening, importing and dropping databases
+  * xca 2.0.0-pre02 Tue Mar 13 2018
+  * Fix crash during PKCS#12 export
+  * Update HTTPS_server template and add example SAN
+  * Acceppt empty password for private key decryption
+  * Fix legacy database-without-password import
+  * xca 2.0.0-pre01 Sun Mar 11 2018
+  * Close GitHub Bug #5: Exporting a private key results in too-permissive
+    permissions
+  * Close GitHub Bug #4: Workaround QT bug of editing in QDateTimeEdit
+  * Fix display of dates in the Certificate details (local time displayed a GMT)
+  * The internal name is not neccessarily unique anymore and can be edited
+    in the details dialog as well as the comment.
+  * CSR signing is now statically stored in the database and the comment of the
+    issued certificate.
+  * Private keys in the database are PKCS#8 encrypted and can be exported and
+    decrypted without XCA.
+  * No more incrementing serials. Only unique random serial numbers.
+  * "xca_db_stat" application removed. Use the SQLite3 browser "sqlitebrowser".
+  * "xca extract" functionality removed. SQL views may be used instead.
+  * Each item may be commented. XCA itself comments important events in the item.
+  * Each item knows its time and origin of appearance.
+  * Change database format to SQL(ite) and support MySQL and PostgreSQL.  
+
+-------------------------------------------------------------------
+Wed Oct 31 11:39:19 UTC 2018 - Jan Engelhardt <jengelh@inai.de>
+
+- Fix grammar in %description -l de.
+- Throw out old %__-type macro indirections and $RPM_ shell vars.
+
+-------------------------------------------------------------------
+Tue Oct 30 22:34:27 UTC 2018 - Christian Wittmer <chris@computersalat.de>
+
+- update to 1.4.1
+  * Replace links to XCA on Sourceforge in the software and
+  * documentation by links to my Site.
+  * SF Bug #122 isValid() tried to convert the serial to 64 bit
+  * Beautify mandatory distinguished name entry errors
+  * Support dragging certificates and other items as PEM text
+  * Show User settings and installation path in the about dialog
+  * Remove SPKAC support. Netscape is not of this world anymore.
+  * SF bug #124 Wrong assumptions about slots returned by PKCS11 library
+  * Cleanup and improve the OID text files, remove senseless aia.txt
+  * Update HTML documentation
+  * Refine and document Entropy gathering
+  * Indicate development and release version by git commit hash
+  * Fix dumping private keys during "Dump database"
+  * Fix Null pointer exception when importing PKCS#12 with OpenSSL 1.1.0
+  * SF Bug #110 Exported private key from 4096 bit SSH key is wrong
+  * SF Bug #109 Revoked.png isn't a valid image
+  * SF Bug #121 CA serial number is ignored in hierarchical view
+  * Improve speed of Bulk import.
+  * Fix starting xca with a database as first arg
+- xca 1.4.0
+  * Update OpenSSL version for MacOSX and W32 to 1.1.0g
+  * Change default hash to SHA-256 and
+  * add a warning if the default hash algorithm is SHA1 or less
+  * Switch to Qt5 for Windows build and installation
+  * Do not apply the default template when creating a similar cert
+  * Close SF #120 Crash when importing CA certificate
+  * Close SF #116 db_x509.cpp:521: Mismatching allocation and deallocation
+  * Add support for OpenSSL 1.1 (by Patrick Monnerat)
+  * Support generating an OpenSSL "index.txt" (by Adam Dawidowski)
+  * Thales nCipher key generation changes for EC and DSA keys
+  * Add Slovak translation
+- remove obsolete 
+  * xca-1.3.2-openssl11.patch
+  * xca-doc_Makefile.patch
+- add xca-configure.patch
+  * fix sgml2html command
+- cleanup spec, fix deps
+
+-------------------------------------------------------------------
+Tue Dec  5 15:08:16 CET 2017 - ro@suse.de
+
+- add xca-1.3.2-openssl11.patch to fix build on factory with
+  openssl-1.1
+
+-------------------------------------------------------------------
+Fri Jan 29 01:07:37 UTC 2016 - chris@computersalat.de
+
+- fix Changelog
+- fix deps
+  * openssl-devel >= 0.9.8
+  * openssl >= 0.9.8
+- fix missing help files
+- fix rpmlint
+  * spurious-executable-perm /usr/share/man/man1/xca.1.gz
+  * spurious-executable-perm /usr/share/man/man1/xca.1.gz
+- add xca-doc_Makefile.patch
+
+-------------------------------------------------------------------
+Fri Oct 16 07:13:41 UTC 2015 - ecsos@opensuse.org
+
+- update to 1.3.2
+  * Gentoo Bug #562288 linking fails
+  * Add OID resolver, move some Menu items to "Extra"
+  * SF. Bug. #81 Make xca qt5 compatible
+  * SF. Bug. #107 error:0D0680A8:asn1 encoding
+  * Don't validate notBefore and notAfter if they are disabled.
+- xca 1.3.1
+  * Fix endless loop while searching for a signer of a CRL
+- xca 1.3.0
+  * Update to OpenSSL 1.0.2d for Windows and MAC
+  * SF Bug #105 1.2.0 OS X Retina Display Support
+  * Digitaly sign Windows and MAC binaries with a valid certificate
+  * Refactor the context menu. Exporting many selected items
+    to the clipboard or a PEM file now works. Certificate renewal
+    and revocation may now be performed on a batch of certificates.
+  * Feat. Reg. #83 Option to revoke old certificate when renewing
+  * Refactor revocation handling. All revocation information is
+    stored with the CA and may be modified.
+    Revoked certificates may now be deleted from the database
+  * Support nameConstraints, policyMappings, InhibitAnyPolicy,
+    PolicyConstraint and (OSCP)noCheck when transforming
+    certificates to templates or OpenSSL configs
+  * Fix SF Bug #104 Export to template introduces spaces
+  * Add option for disabling legacy Netscape extensions
+  * Support exporting SSH2 public key to the clipboard
+  * SF Bug #102 Weak entropy source used for key generation:
+    Use /dev/random, mouse/kbd entropy, token RNG
+  * SF Feat. Req. #80 Create new certificate,
+    based on existing certificate, same for requests
+  * Add Cert/Req Column for Signature Algorithm
+  * SF Feat. Req. #81 Show key size in New Certificate dialog
+  * Distinguish export from transform:
+    - Export writes to an external file,
+    - Transform generates another XCA item
+
+-------------------------------------------------------------------
+Tue Mar 31 09:28:37 UTC 2015 - ecsos@opensuse.org
+
+- update to 1.2.0
+  * Update to OpenSSL 1.0.2a for Windows and MAC drop brainpool
+    extra builds
+  * Use CTRL +/- to change the font size in the view
+  * Add Row numbering for easy item counting
+  * Support SSH2 public key format for import and export
+  * Add support for SHA-224
+  * add "xca extract" to export items from the database on the
+    commandline
+
+-------------------------------------------------------------------
+Thu Nov 27 10:46:50 UTC 2014 - chris@computersalat.de
+
+- update to 1.1.0
+  * SF#xca#79 Template export from WinXP cannot be imported in Linux
+    and Mac OS X
+  * Support for Brainpool windows and MacOSX binaries
+  * SF Feat. Req. #70 ability to search certificates
+  * SF Feat. Req. #75 show SHA-256 digest
+  * RedHat Bug #1164340 - segfault when viewing a RHEL entitlement
+    certificate
+  * Database hardening
+  * Delete invalid items (on demand)
+  * Be more tolerant against database errors
+  * Gracefully handle and repair corrupt databases
+  * Add "xca_db_stat(.exe)" binary to all installations
+  * Translation updates
+  * Optionally allow hash algos not supported by the token
+  * Select whether to translate established x509 terms
+  * Finish Token EC and DSA support - generate, import, export, sign
+  * SF Feat. Req. #57 More options for Distinguished Name
+  * Switch to autoconf for the configure script
+  * SF Feature Req. #76 Export private keys to clipboard
+  * EC Keys: show Curve name in table
+  * Support EC key generation on PKCS#11 token
+  * PKCS#11: Make EC and RSA signatures work
+  * PKCS#11: Fix reading EC keys from card
+  * SF#xca#82 Certificate Creation out of Spec
+  * SF#xca#95 XCA 1.0 only runs in French on a UK English Mac
+- xca 1.0.0
+  * SF#xca#89 Validating CRL distribution point results in error
+  * SF Feature Req. #69 Create "Recent databases..." file menu item
+  * SF#xca#75 authorityInfoAccess set error
+  * SF#xca#88 Minor spelling error
+  * SF#xca#87 Unable to set default key length The Key generation
+    dialog now allows to remember the current settings
+  * Do not interpret HTML tags in message boxes
+  * Overwite extensions from the PKCS#10 request by local extensions
+    This avoids duplication errors and allows to overwrite some
+    extensions from the request
+  * SF#xca#78 replace path separators in export filenames
+  * SF Feature Req. #71 Add KDC Authentication OIDs to default files
+  * SF#xca#82 Certificate Creation out of Spec
+  * Add Croatian translation
+  * SF#xca#83 Inappropriate gcc argument order in configure script
+- update dependencies
+  * qt >= 4.6.0
+- remove obsolete 0001-Fix-for-openssl-1.0.1i.patch
+- replace xca-configure.patch with xca-linuxdoc.patch
+- rebase xca-desktop.patch
+
+-------------------------------------------------------------------
+Thu Oct  9 10:29:12 UTC 2014 - mrueckert@suse.de
+
+- added 0001-Fix-for-openssl-1.0.1i.patch
+  From http://sourceforge.net/p/xca/patches/14/
+
+-------------------------------------------------------------------
+Wed Jun  6 20:37:43 UTC 2012 - chris@computersalat.de
+
+- update to 0.9.3
+  * Fix double free in a1time resulting in random crashes
+- fix License (http://spdx.org/licenses/)
+  * BSD-3-Clause
+- rebase patches
+
+-------------------------------------------------------------------
+Mon May  7 18:42:49 UTC 2012 - chris@computersalat.de
+
+- update to 0.9.2
+  * Support for Local timezone dates.
+    Differentiate between invalid and undefined dates.
+  * Fix Bug #3461403 Error when create certificate with CRL distribution point
+    User error -> Improve user-friendlyness
+  * Fix Bug #3485139 Exception when creating certificates in passwordless db
+  * Avoid very long names resulting in duplicate names in the database.
+  * Add warning colors for expired dates.
+- rebase patches
+
+-------------------------------------------------------------------
+Tue Nov  8 22:32:27 UTC 2011 - chris@computersalat.de
+
+- update to 0.9.1
+  * Close bug [ 3372449 ] All numeric names cannot be used
+  * add search functionality for PKCS#11 libraries
+  * fix ASN.1 encoding of PKCS#10 request
+  * Close bug [ 3318203 ] Build failure with GNU gold linker
+  * Add x509v3 extensions to the list of selectable columns
+  * Close bug [ 3314262 ] Incorrect "Path length" template parameter handling
+  * Close bug [ 3314263 ] Unrevoking a certificate does not make it "Trusted"
+  * Feature Request [3286442] Make success/import messges optional
+  * improve Password entry
+  * Improve SPKAC import
+  * add french translation by Patrick Monnerat
+  * Export requests or certificates as openssl config file
+  * Support building with EC disabled
+  * Close bug [3091576] Private key export is always PKCS#8 encoded
+  * Feature Request [3058196] Autoload database
+  * Feature Request [3058195] Export directly to the clipboard
+  * Close bug [3062711] Additional OIDs
+  * Close bug [3062708] Invalid user configuration file path name
+  * Fix PKCS#11 library handling
+- remove obsolete Makefile patch
+- rework configure, desktop patch
+  * remove version from name
+- fix deps
+  * remove obsolete dos2unix (COPYRIGHT got fixed)
+
+-------------------------------------------------------------------
+Mon Oct  4 21:14:15 UTC 2010 - chris@computersalat.de
+
+- update to 0.9.0
+  * support loading more than one PKCS#11 library
+  * remove the need for engine_pkcs11
+    now more than one PKCS#11 library can be loaded and used in parallel
+  * Add de/selection of columns and add a lot of new possible columns
+    All Subject entries, the subject hash and whole name,
+    Certificate fingerprints, dates, CA info, CRL number,
+    corresponding key of certs and requests
+  * Improve CRL generation [3035294] CRLNumber, CRLReason
+  * improve creating templates from cert
+    - enhance parsing of CRL-DP, SAN, IAN and AuthInfoAcc
+    - add support for CertificatePolicies
+    - unknown extension are written as generic DER
+  * improve date handling. "notBefore" is not reset to now anymore
+    when applying a time range
+  * Support dropping files onto the application
+  * russian translation by Pavel Belly
+  * support loading DER formatted PKCS#8 keys
+  * ease commandline use
+  * add DH param generation menu entry
+  * improve token handling and PIN changing dialogs
+  * improve key-value table input for "additional DN entries"
+  * PIN and PUK changing implemented
+  * apply partial template-contents
+    - applying the subject only or the extensions only is possible now
+  * add informational messageboxes
+    - whenever an item was successfully created or imported
+  * add support for random serial numbers
+  * improve messages, usability and german translation
+  * improve token support
+    - token initializing
+    - creating keys on a token
+    - store existing keys on a token
+    - delete keys and certs from a token
+- xca 0.8.1 Tue Jan 5 07:52:03 2010
+  * fix string conversion from QString to ASN1
+- xca 0.8.0 Thu Dec 10 18:44:03 2009
+  * improve documentation
+  * improve file-dialog handling
+  * Generate Template from certificate or PKCS#10 request
+    -> Feature request [2213094] and [1108304]
+  * add hash algos "ripemd160" and "SHA384"
+  * add the "no well-defined date" from RFC 5280 as checkbox
+  * Feature request [1996192]
+    Include "OCSPSigning" in misc/eku.txt
+  * Support for EC keys
+  * Update Step-by-step documentation
+    Thanks Devin Reade
+  * Support for Smart Cards
+  * set proper file-extension .xdb on opening databases
+- reworked patches
+  o Makefile, configure, desktop patch
+- remove obsolete uint32_t patch
+
+-------------------------------------------------------------------
+Sun Jun 20 17:38:35 UTC 2010 - rpm@scorpio-it.net
+
+- fix build for 11.2
+  o added uint32_t patch
+
+-------------------------------------------------------------------
+Tue Oct 27 18:24:14 UTC 2009 - chris@computersalat.de
+
+- fixed deps for SLES 10
+  o qt-devel
+
+-------------------------------------------------------------------
+Tue Oct 27 15:19:34 UTC 2009 - chris@computersalat.de
+
+- update to new version 0.7.0 
+  o removed 0.6.3 patches
+  o added 0.7.0 patches
+    * configure
+    * Makefile
+    * desktop
+  o cleanup spec
+  o moved changes to .changes file
+
+-------------------------------------------------------------------
+Sat Sep 22 15:15:10 UTC 2007 - rpm@scorpio-it.net
+
+- initial package 0.6.3
+

xca.spec

@@ -0,0 +1,116 @@
+#
+# spec file for package xca
+#
+# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2023 Jonathan Brielmaier <jbrielmaier@opensuse.org>
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+Name:           xca
+Version:        2.8.0
+Release:        0
+Summary:        An RSA key and certificate management tool
+License:        BSD-3-Clause
+Group:          Productivity/Networking/Security
+Summary(de):    Ein RSA-Schlüssel- und -Zertifikat-Managementprogramm
+URL:            https://www.hohnstaedt.de/xca/
+Source:         https://github.com/chris2511/xca/releases/download/RELEASE.%{version}/%{name}-%{version}.tar.gz
+%if 0%{?suse_version} <= 1600
+BuildRequires:  gcc12
+BuildRequires:  gcc12-c++
+%else
+BuildRequires:  gcc
+BuildRequires:  gcc-c++
+%endif
+BuildRequires:  fdupes
+BuildRequires:  hicolor-icon-theme
+BuildRequires:  libqt5-linguist
+BuildRequires:  libtool
+BuildRequires:  pkgconfig
+BuildRequires:  update-desktop-files
+BuildRequires:  cmake(Qt6Test)
+BuildRequires:  pkgconfig(Qt6Gui)
+BuildRequires:  pkgconfig(Qt6Help)
+BuildRequires:  pkgconfig(Qt6Linguist)
+BuildRequires:  pkgconfig(Qt6Sql)
+BuildRequires:  pkgconfig(Qt6Widgets)
+BuildRequires:  pkgconfig(openssl)
+#Requires:       libQt5Sql5-sqlite
+
+%description
+Graphical certification authority is an interface for managing RSA
+keys and certificates, and the creation and signing of PKCS#10
+requests. It uses the OpenSSL library and a Berkeley DB for key and
+certificate storage. It supports importing and exporting keys and
+PEM/DER/PKCS8 certificates, signing and revoking of PEM/DER/PKCS12,
+and the selection of X509v3 extensions. A tree view of certificates
+is presented.
+
+%description -l de
+"Graphical certification authority" ist ein Interface zum Verwalten
+von RSA-Schlüsseln und -Zertifikaten, und dem Erzeugen und Signieren von
+PKCS#10-Requests. Es verwendet die OpenSSL-Biliothek und Berkley DB
+zum Speichern von Schlüsseln und Zerifkaten. Es unterstützt den
+Import und Export von Schlüsseln und PEM/DER/PKCS#8-Zertifikaten,
+das Signieren und Widerrufen von PEM/DER/PKCS12, und die
+Auswahl von X509v3-Erweiterungen. Die Zertifikate werden in einer
+Baumstruktur präsentiert.
+
+%package bash-completion
+Summary:        Bash Completion for %{name}
+Group:          Productivity/Networking/Security
+Requires:       %{name} = %{version}
+Requires:       bash-completion
+Supplements:    (%{name} and bash-completion)
+BuildArch:      noarch
+
+%description bash-completion
+Bash completion script for %{name}.
+
+%prep
+%setup -q
+
+%build
+%if 0%{?suse_version} <= 1600
+export CC=gcc-12
+export CXX=g++-12
+%endif
+%if 0%{?suse_version} <= 1600
+%cmake
+%cmake_build
+%else
+%cmake xca
+%cmake_build
+%endif
+
+%install
+%cmake_install
+%fdupes %{buildroot}
+
+%files
+%license COPYRIGHT
+%doc AUTHORS changelog VERSION.txt
+%{_bindir}/%{name}
+%{_datadir}/applications/de.hohnstaedt.xca.desktop
+%{_datadir}/icons/hicolor/*/apps/*%{name}.png
+%{_datadir}/icons/hicolor/*/mimetypes/x-xca-*.png
+%{_datadir}/mime/packages/%{name}.xml
+%{_datadir}/metainfo/de.hohnstaedt.xca.metainfo.xml
+%{_datadir}/%{name}
+%{_mandir}/man1/%{name}.1%{?ext_man}
+
+%files bash-completion
+%{_datadir}/bash-completion/completions/%{name}
+
+%changelog