forked from pool/openssl-1_1
02427a3414
* All the minor versions of the 1.1.x openssl branch have the same
sonum and keep ABI compatibility
- Remove bit obsolete syntax
- Use %license macro
- Don't disable afalgeng on aarch64
- Add support for s390x CPACF enhancements (fate#321518)
patches taken from https://github.com/openssl/openssl/pull/2859:
* 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch
* 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch
* 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch
* 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch
* 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch
* 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch
* 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch
* 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch
* 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
* 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch
* 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch
- Do not filter pkgconfig() provides/requires.
- Obsolete openssl-1_0_0 by openssl-1_1_0: this is required for a
clean upgrade path as an aid to zypp (boo#1070003).
- Update to 1.1.0g
OpenSSL Security Advisory [02 Nov 2017]
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-1_1?expand=0&rev=2
115 lines
2.4 KiB
Diff
115 lines
2.4 KiB
Diff
From 79310b18d90badd58595cf2fff40591ad76c301a Mon Sep 17 00:00:00 2001
|
|
From: Patrick Steuer <patrick.steuer@de.ibm.com>
|
|
Date: Tue, 31 Jan 2017 12:43:35 +0100
|
|
Subject: [PATCH 05/44] s390x assembly pack: add OPENSSL_s390xcap man page.
|
|
|
|
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
|
|
---
|
|
doc/man3/OPENSSL_s390xcap.pod | 94 +++++++++++++++++++++++++++++++++++++++++++
|
|
1 file changed, 94 insertions(+)
|
|
create mode 100644 doc/man3/OPENSSL_s390xcap.pod
|
|
|
|
diff --git a/doc/man3/OPENSSL_s390xcap.pod b/doc/man3/OPENSSL_s390xcap.pod
|
|
new file mode 100644
|
|
index 0000000000..de56c7cf55
|
|
--- /dev/null
|
|
+++ b/doc/man3/OPENSSL_s390xcap.pod
|
|
@@ -0,0 +1,94 @@
|
|
+=pod
|
|
+
|
|
+=head1 NAME
|
|
+
|
|
+OPENSSL_s390xcap - the z processor capabilities vector
|
|
+
|
|
+=head1 SYNOPSIS
|
|
+
|
|
+ env OPENSSL_s390xcap=... <application>
|
|
+
|
|
+=head1 DESCRIPTION
|
|
+
|
|
+libcrypto supports z architecture instruction set extensions. These
|
|
+extensions are denoted by individual bits in the capability vector.
|
|
+When libcrypto is initialized, the bits returned by the STFLE instruction
|
|
+and by the QUERY functions are stored in the vector.
|
|
+
|
|
+The OPENSSL_s390xcap environment variable can be set before starting an
|
|
+application to affect capability detection. It is specified by a
|
|
+colon-separated list of 64-bit values in hexadecimal notation, the 0x
|
|
+prefix being optional. The ~ prefix means bitwise NOT and a point
|
|
+indicates the end of the STFLE bits respectively the beginning of the
|
|
+QUERY bits.
|
|
+
|
|
+After initialization, the capability vector is ANDed bitwise with the
|
|
+corresponding parts of the environment variable.
|
|
+
|
|
+The following bits are significant:
|
|
+
|
|
+.
|
|
+
|
|
+=over
|
|
+
|
|
+=item #60 KIMD-SHA-512
|
|
+
|
|
+=item #61 KIMD-SHA-256
|
|
+
|
|
+=item #62 KIMD-SHA-1
|
|
+
|
|
+=back
|
|
+
|
|
+:
|
|
+
|
|
+=over
|
|
+
|
|
+=item #62 KIMD-GHASH
|
|
+
|
|
+=back
|
|
+
|
|
+:
|
|
+
|
|
+=over
|
|
+
|
|
+=item #11 KM-XTS-AES-256
|
|
+
|
|
+=item #13 KM-XTS-AES-128
|
|
+
|
|
+=item #43 KM-AES-256
|
|
+
|
|
+=item #44 KM-AES-192
|
|
+
|
|
+=item #45 KM-AES-128
|
|
+
|
|
+=back
|
|
+
|
|
+:
|
|
+:
|
|
+
|
|
+=over
|
|
+
|
|
+=item #43 KMC-AES-256
|
|
+
|
|
+=item #44 KMC-AES-192
|
|
+
|
|
+=item #45 KMC-AES-128
|
|
+
|
|
+=back
|
|
+
|
|
+=head1 EXAMPLES
|
|
+
|
|
+OPENSSL_s390xcap=.0:0 disables KIMD.
|
|
+
|
|
+OPENSSL_s390xcap=.::~0x2800 disables KM-XTS-AES.
|
|
+
|
|
+=head1 COPYRIGHT
|
|
+
|
|
+Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
|
|
+
|
|
+Licensed under the OpenSSL license (the "License"). You may not use
|
|
+this file except in compliance with the License. You can obtain a copy
|
|
+in the file LICENSE in the source distribution or at
|
|
+L<https://www.openssl.org/source/license.html>.
|
|
+
|
|
+=cut
|
|
--
|
|
2.13.6
|
|
|