From 94d65bd980c8a410c70e3cf91728933525b81db58fe04ffe75277422641af36d Mon Sep 17 00:00:00 2001
From: Marcus Rueckert <mrueckert@suse.com>
Date: Sun, 1 Mar 2020 00:15:48 +0000
Subject: [PATCH] - Version 2.0.0

OBS-URL: https://build.opensuse.org/package/show/security/yubico-piv-tool?expand=0&rev=30
---
 yubico-piv-tool-1.7.0.tar.gz     |   3 --
 yubico-piv-tool-1.7.0.tar.gz.sig | Bin 310 -> 0 bytes
 yubico-piv-tool-2.0.0.tar.gz     |   3 ++
 yubico-piv-tool-2.0.0.tar.gz.sig | Bin 0 -> 566 bytes
 yubico-piv-tool.changes          |  46 +++++++++++++++++++++++++++++++
 yubico-piv-tool.spec             |  12 ++++----
 6 files changed, 54 insertions(+), 10 deletions(-)
 delete mode 100644 yubico-piv-tool-1.7.0.tar.gz
 delete mode 100644 yubico-piv-tool-1.7.0.tar.gz.sig
 create mode 100644 yubico-piv-tool-2.0.0.tar.gz
 create mode 100644 yubico-piv-tool-2.0.0.tar.gz.sig

diff --git a/yubico-piv-tool-1.7.0.tar.gz b/yubico-piv-tool-1.7.0.tar.gz
deleted file mode 100644
index 9535879..0000000
--- a/yubico-piv-tool-1.7.0.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:b428527e4031453a637128077983e782e9fea25df98e95e0fc27819b2e82fd7f
-size 588206
diff --git a/yubico-piv-tool-1.7.0.tar.gz.sig b/yubico-piv-tool-1.7.0.tar.gz.sig
deleted file mode 100644
index dba80a987c8b037f9045fadff9c9e65e8cb560a7d134674e8dddecbc41eb5ae7..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 310
zcmV-60m=S}0W$;u0SEvc79j)*I|5?7p>R_N)&B;(pbylt7K{o70$ikKq5ujB5WJud
z)Up<g3RnvV{S^llo<YrXyap6Nz>7HR3N29phWBPnkhl9Rn~Qryx*#tO_a(v`>oQih
z8xOjMOPg(qbu||8V;NhtV;gjjb)^`nmfjNf(@*@RuFnYzWw7!V4UGW*waAoqYZh1_
z$BSM@X<<vSH+q?sKRArbzWnc32ztm4mYUh%g>ELNaS8#n=jyy6uSb3>y{rN@BN3ss
zi^ZW`&%!oD`0SE9*CanC4mjJY)Bx;Pk_=Y{T;{A#Kw6llsM2SW0K+}L6F+8<*s>e0
z%CODByQS8ZG&7=VhSn+95A|)bv0SSr;*d9}Tr~r}KCmNtd+FGo4U{{iu6m;t<TEH`
I*=)(em`MkU>i_@%

diff --git a/yubico-piv-tool-2.0.0.tar.gz b/yubico-piv-tool-2.0.0.tar.gz
new file mode 100644
index 0000000..2878288
--- /dev/null
+++ b/yubico-piv-tool-2.0.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:dae510ea88922720019029c7f0296ddc74bb30573e40d9bc18fc155023859488
+size 1701905
diff --git a/yubico-piv-tool-2.0.0.tar.gz.sig b/yubico-piv-tool-2.0.0.tar.gz.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..f752459769ff2290d64825363d9d368bc4184e9de4818eb6fa3cd251229667f2
GIT binary patch
literal 566
zcmV-60?GY}0y6{v0SEvc79j+1*A!nbHN<pP0fL$vAy<#YXlwoj0$wqyx&R6Z5E~&^
zkHlze{^s%!0Jhb&bn?|T#BblDaoQ^4lT(C2#mctni9*AK8lZpl|27(=`6EplBmOKV
z8tbb<hqZrN^r@JJH{9ft10|UvJS?{ZsQP^DScm<SU_}!19TiF{ylT*-KlR9`+Qz~x
zu3c#mN^?*Ti_;rEzW4OKu{8f2Vy$4BJThz)p8mlMJ7qDkg<-wybB#~IK^w_NKA#qY
zknusJz3CZ#uKJeatlHUI_`7Cj;$cf+KLg*{Fb|e_ru`QCjsM3d4frLLhG?_C@w-<u
z98AeY*z+=8W9_^m3`^1bLg`Qg6A5huZqQ6$#F(Vzvq{su|1%i`PxFv31n<%z{Ofnv
zE{<@D_~kuvf?(hV(OK_pbVY)={`?lN+nTbbgSZt;-v9BdyU4>94!qvB6Rvm3XyP`m
zS8tmVu<NR?iLOd)a>~6tfZQ+mb~2P#fi~2XaKQXpwMGFZvDw=hG-d-SB%@QgcH56W
zaO>Sz<L*^_H|^3zgwTni{LE!uILgXs5ko{8N`uRh(Ob~iTpB%<QL&fJzzERNxRwZd
zZODCD;m8-YSn8>Tc;H?Hvtacje`QEP8cNY0y2L|7Yh=Aot{$B>g_sB%@?tRusEClU
zsI}sQD2pVgG`r9;O?tGE4O5jG10TL4DFOkSj-3c!TYbIjqsLOJAO#&4f%KsAVS^aC
EGU5#u=Kufz

literal 0
HcmV?d00001

diff --git a/yubico-piv-tool.changes b/yubico-piv-tool.changes
index df243db..e7e07e0 100644
--- a/yubico-piv-tool.changes
+++ b/yubico-piv-tool.changes
@@ -1,3 +1,49 @@
+-------------------------------------------------------------------
+Sun Mar  1 00:11:08 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Version 2.0.0
+  - ykpiv: Added ykpiv_get_metadata and ykpiv_util_parse_metadata
+    to read and parse private key metadata (supported from YK 5.3).
+  - ykpiv: Fixed PCSC transaction handling when re-selecting PIV
+    due to external card reset events.
+  - ykpiv: Improved error reporting.
+  - ykpiv: Correctly report YK5 devices, and NEO and YK5 over NFC.
+  - ykpiv: MGM KEY (SO PIN) is cached (in addition to PIN).
+  - ykpiv: Fixed resetting of cached serial / version when an
+    application re-uses ykpiv_state.
+  - ykpiv: ykpiv_get_pin_retries selects a different applet before
+    re-selecting PIV since just re-selecting PIV is a no-op on YK5.
+  - ykcs11: Shared library exports all PKCS11 functions per the
+    spec (For applications that don’t use C_GetFunctionList).
+  - ykcs11: Support for up to 16 simultaneous sessions, with
+    support for multi-threaded access (if requested when calling
+    C_Initialize).
+  - ykcs11: Support for resetting the PIV application via
+    C_initToken.  Requires knowledge of the MGMT KEY (SO PIN) per
+    the PKCS11 spec.
+  - ykcs11: Support for public-key operations not supported by PIV
+    (C_Verify, C_Encrypt), implemented using OpenSSL.
+  - ykcs11: Support for attestations, exposed as session objects of
+    certificate class. Generated when opening the first session to
+    a slot.
+  - ykcs11: Support for forked processes on Linux and MacOS.
+  - ykcs11: Support for RSA signatures using PKCS or PSS padding
+    with optional digesting by the library. Raw signatures are also
+    supported.
+  - ykcs11: Support for ECDSA signatures with optional digesting by
+    the library. Raw signatures are also supported.
+  - ykcs11: Support for RSA encryption / decryption with PKCS or
+    OAEP padding.
+  - ykcs11: Makes use of key metadata when available (YK 5.3 and
+    above), providing access to keys even if certificates are not
+    present.
+  - ykcs11: Supports SHA1, SHA256, SHA384 and SHA512 digesting,
+    plus SHA224 digesting for ECDSA signatures and for the MGF1
+    digest in PSS / OAEP, implemented using OpenSSL.
+  - ykcs11: Supports C_Login with context-specific user type. This
+    allows use cases that require both SO PIN and normal PIN in the
+    same session.
+
 -------------------------------------------------------------------
 Mon Jun  3 08:22:20 UTC 2019 - Karol Babioch <kbabioch@suse.de>
 
diff --git a/yubico-piv-tool.spec b/yubico-piv-tool.spec
index d274101..6ebea07 100644
--- a/yubico-piv-tool.spec
+++ b/yubico-piv-tool.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package yubico-piv-tool
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 %define sover  1
 Name:           yubico-piv-tool
-Version:        1.7.0
+Version:        2.0.0
 Release:        0
 Summary:        Yubico YubiKey NEO CCID Manager
 License:        BSD-2-Clause
@@ -79,7 +79,7 @@ Yubikey NEO PKCS#11 applet library.
 
 %build
 %configure --disable-static --with-backend=pcsc
-make %{?_smp_mflags}
+make %{?_smp_mflags} V=1
 
 %install
 %make_install INSTALL="install -p"
@@ -97,12 +97,10 @@ find %{buildroot} -type f -name "*.la" -delete -print
 %{_mandir}/man1/*
 
 %files -n libykpiv%{sover}
-%{_libdir}/libykpiv.so.%{sover}
-%{_libdir}/libykpiv.so.%{sover}.5.0
+%{_libdir}/libykpiv.so.%{sover}*
 
 %files -n libykcs11-%{sover}
-%{_libdir}/libykcs11.so.%{sover}
-%{_libdir}/libykcs11.so.%{sover}.5.0
+%{_libdir}/libykcs11.so.%{sover}*
 
 %files -n libykpiv-devel
 %dir %{_includedir}/ykpiv/