Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libica4-4.2.3-150600.1.9 RPM for s390x

From OpenSuSE Leap 15.6 for s390x

Name: libica4 Distribution: SUSE Linux Enterprise 15
Version: 4.2.3 Vendor: SUSE LLC <https://www.suse.com/>
Release: 150600.1.9 Build date: Thu Mar 28 19:32:55 2024
Group: System/Libraries Build host: s390zp38
Size: 446186 Source RPM: libica-4.2.3-150600.1.9.src.rpm
Packager: https://www.suse.com/
Url: https://github.com/opencryptoki/libica
Summary: Library interface for the IBM Cryptographic Accelerator
This package contains the interface library routines used by IBM
modules to interface with the IBM eServer Cryptographic Accelerator
(ICA).

Provides

Requires

License

CPL-1.0

Changelog

* Fri Oct 06 2023 nikolay.gueorguiev@suse.com
  - Upgrade to version 4.2.3 (jsc#PED-5446)
    * Add OPENSSL_init_crypto in libica constructor
    * Remove deprecated ioctl Z90STAT_STATUS_MASK
    * Bug fixes
* Tue May 23 2023 nikolay.gueorguiev@suse.com
  - Upgrade to version 4.2.2 (jsc#PED-3277, jsc#PED-3276)
    - [UPDATE] syslog msgs only in error cases
    - [UPDATE] don't count statistics in fips power-on self tests
    - [PATCH] various fixes and some new tests
* Fri Apr 28 2023 otto.hollmann@suse.com
  - Remove file /etc/libica/openssl3-fips.cnf - we don't support FIPS yet
* Thu Apr 27 2023 dimstar@opensuse.org
  - Prefix /etc/libica with %dir to ensure we don't package
    unversioned files in libica4, as otherwise we violate SLPP.
* Thu Apr 27 2023 otto.hollmann@suse.com
  - Add /etc/libica directory into %files section.
* Fri Feb 17 2023 nikolay.gueorguiev@suse.com
  - Upgrade to version 4.2.1 (jsc#PED-2872)
    - [PATCH] fix regression opening shared memory
* Mon Jan 16 2023 meissner@suse.com
  - Upgrade to version 4.2.0 (jsc#PED-581, bsc#1202365).
    - [FEATURE] Display build info via icainfo -v
    - [FEATURE] New API function ica_get_build_version()
    - [FEATURE] Display fips indication via icainfo -f
    - [FEATURE] New API function ica_get_fips_indicator()
    - [FEATURE] New API function ica_aes_gcm_initialize_fips()
    - [FEATURE] New API function ica_aes_gcm_kma_get_iv()
    - [FEATURE] New API function ica_get_msa_level()
    - [PATCH] icainfo: check for malloc error when getting functionlist
* Tue Oct 11 2022 mpost@suse.com
  - Upgrade to version 4.1.1 (jsc#PED-581, bsc#1202365).
    v4.1.1
    - [PATCH] Fix aes-xts multi-part operations
      [PATCH] Fix make dist
    v4.1.0
    - [FEATURE] FIPS: make libica FIPS 140-3 compliant
      [FEATURE] New API function ica_ecdsa_sign_ex()
      [FEATURE] New icainfo output option -r
    - [PATCH] Various bug fixes
  - Removed the following obsolete files:
    baselibs.conf
    icaioctl.h
* Mon Sep 12 2022 mpost@suse.com
  - Upgraded to version 4.0.3 (jsc#PED-581, jsc#PED-621, jsc#PED-629)
    v4.0.3
    - [PATCH] Reduce the number of open file descriptors
    - [PATCH] Various bug fixes
    v4.0.2
    - [PATCH] Various bug fixes
    v4.0.1
    - [PATCH] Various bug fixes
    - [PATCH] Compute HMAC from installed library
    v4.0.0
    - [UPDATE] NO_SW_FALLBACKS is now the default for libica.so
      [UPDATE] Removed deprecated API functions including tests
      [UPDATE] Introduced 'const' for some API function parameters
      [FEATURE] icastats: new parm -k to display detailed counters
  - Replaced libica-sles15sp2-FIPS-hmac-key.patch with an updated
    version named libica-sles15sp5-FIPS-hmac-key.patch.
  - Updated the libica-rpmlintrc file to suppress warnings about the
    libica-cex hmac files being hidden.
  - Updated the spec file to properly both obsolete and provide two
    older versions of the package.
* Tue Oct 19 2021 mpost@suse.com
  - Upgrade to version 3.9.0 (jsc#SLE-18454, jsc#SLE-18564)
    - [FEATURE] Add support for OpenSSL 3.0
    - [FEATURE] icainfo: new parm -c to display available EC curves
  - Replaced the obsolete PreReq: %fillup_prereq
    with                  Requires(post): %fillup_prereq
    in the spec file.
* Mon Jun 07 2021 msuchanek@suse.com
  - Update to version 3.8.0 (jsc#SLE-18334)
    - [FEATURE] provide libica-cex module to satisfy special security requirements
    - [FEATURE] FIPS: enforce the HMAC check
  - Remove upstreamed patches:
    - libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch
    - libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch
    - libica-sles15sp2-Zeroize-local-variables.patch
  - Remove patches obsoleted by upstrea developent:
    * FIPS: Find libica from phdrs.
    - libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch
    * FIPS: enforce the hmac check
    - libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch
  - Fix up tests and hmac generation
    + libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch
  - Remove obsolete attributes from filelists
* Fri Sep 18 2020 mpost@suse.com
  - Upgraded to version 3.7.0 (jsc#SLE-13708)
    * Version 3.7.0
    - [FEATURE] FIPS: Add HMAC based library integrity check
    - [PATCH] icainfo: bugfix for RSA and EC related info for software column.
    - [PATCH] FIPS: provide output iv in cbc-cs decrypt as required by FIPS tests
    - [PATCH] FIPS: Fix DES and TDES key length
    - [PATCH] icastats: Fix stats counter format
    * Version 3.6.1
    - [PATCH] Fix x25519 and x448 handling of non-canonical values
  - Removed the following obsolete patches
    * libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch
    * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
    * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
    * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
    * libica-sles15sp2-Build-with-pthread-flag.patch
    * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
    * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch
    * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch
* Tue Sep 15 2020 mpost@suse.com
  - Fix lack of SHA3 KATs in "make check" processing (bsc#1175277)
    * Added libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch
    * Added libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch
  - Fix FIPS hmac check (bsc#1175356).
    * Update FIPS support to upstream
    - Refresh libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
      from upstream.
    - Add libica-sles15sp2-Build-with-pthread-flag.patch
    - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch
    - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch
    - Add libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch
    * FIPS check should fail when hmac is missing
    - Add libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch
    - Create an hmac for the selftest
    - Check that selftest fails without a hmac
    - Hash libica.so.3 rather than libica.so.3.6.0
    * Fix hmac key format. It should be hexadecimal, not ASCII
    - Refresh libica-sles15sp2-FIPS-hmac-key.patch
  - Fix Some internal variables used to store sensitive information
    (keys) were not zeroized before returning to the calling application.
    (bsc#1175357)
    * Added libica-sles15sp2-Zeroize-local-variables.patch
  - Updated libica-rpmlintrc to eliminate the warning about the HMAC file
    being a hidden file. It is supposed to be hidden.
* Thu May 07 2020 mpost@suse.com
  - Added the following patches for FIPS certification (bsc#1162533)
    * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
    * libica-sles15sp2-FIPS-hmac-key.patch
  - Added a BuildRequires for the fipscheck package.
  - Made a couple of changes to the spec file based upon recommendations
    by spec-cleaner.
* Wed Apr 08 2020 mpost@suse.com
  - Added the following patches for FIPS certification.
    * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
      (bsc#1166071) Although a DES key has only 56 effective bits,
      all 64 bits must be considered, because the parity bits are
      spread over all 8 bytes of the key.
    * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
      (bsc#1166210) FIPS tests require the output iv to be the iv
      resulting from decrypting the last block with a zero iv as input.
    * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
      (bsc#1166224) The output from icainfo never shows 'yes' for
      RSA ME, RSA CRT, ECDH, ECDSA sign, ECDSA verify, and ECKGEN,
      due to the missing ICA_FLAG_SW flag in the icaList.
* Thu Nov 14 2019 mpost@suse.com
  - Added libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch
    (bsc#1156768)
* Tue Oct 15 2019 mpost@suse.com
  - Upgraded to version 3.6.0 (jsc#SLE-7584)
    * [FEATURE] Add MSA9 CPACF support for Ed25519, Ed448, X25519 and X448
* Fri Aug 30 2019 mpost@suse.com
  - Upgraded to version 3.5.0 (Fate#327840)
    - [FEATURE] Add MSA9 CPACF support for ECDSA sign/verify
  - Reworked how libica-tools loads and unloads kernel modules to
    avoid spurious error messages (bsc#1134004):
    * Converted the boot.z90crypt sysV init script to a systemd unit
    file.
    * Removed any references to insserv in the spec file.
    * Updated the z90crypt script itself to properly load and unload
    the kernel modules as they exist today.
    * Eliminated the obsolete libica-SuSE.tar.bz2 archive.
  - Updated the README.SUSE file to reflect the change from sysV init
    style script to systemd.
  - Made numerous changes to the spec file, based on the output from
    the spec-cleaner command.
* Wed Jul 24 2019 mpluskal@suse.com
  - Run testsuite during build
* Thu Nov 15 2018 mpost@suse.com
  - Upgraded to version 3.4.0 (Fate#325690)
    * v3.4.0
      [FEATURE] Add SHA-512/224 and SHA-512/256 support
  - Dropped obsolete patch Add-non-executable-gnu-stack-markings-in-the-assembl.patch
  - Made numerous updates to spec file based on spec-cleanup run.
* Wed Nov 14 2018 mpost@suse.com
  - Upgraded to version 3.3.3 (Fate#325690)
    * v3.3.3
      [PATCH] Various bug fixes
    * v3.3.2
      [PATCH] Skip ECC tests if required HW is not available
      [PATCH] Update spec file
    * v3.3.1
      [PATCH] Fix configure.ac to honour CFLAGS
    * v3.3.0
      [FEATURE] Add CEX supported elliptic-curve crypto interfaces
      [FEATURE] Add SIMD supported multiple-precision arithmetic interfaces
      [FEATURE] Add interface to enable/disable SW fallbacks
      [FEATURE] Add 'make check' target, test-suite rework
    * v3.2.1
      [FEATURE] Use z14 PRNO-TRNG to seed SHA512-DRBG.
      [PATCH] Various bug fixes.
  - Dropped obsolete patch increment-icastats-counter-for-aes-gcm.patch
  - Removed COPYING from %files, since it is no longer in the tarball.
  - Added Add-non-executable-gnu-stack-markings-in-the-assembl.patch
    (bsc#1103493).
  - Made multiple changes to the spec file based on the output of
    spec-cleaner
* Mon Oct 22 2018 mpost@suse.com
  - Added "Obsoletes: libica-2_3_0" to the libica-tools package to
    fix a problem with upgrading from SLES12 SP2 to either SLES12
    SP3/SP4, or SLES15. (bsc#1112655)
* Tue Sep 11 2018 mpost@suse.com
  - Added "Obsoletes: libica2" to the libica-tools package to fix
    a problem with upgrading from SLES12 SP2 to either SLES12
    SP3/SP4, or SLES15. (bsc#1046435, bsc#1104638)
* Wed Apr 18 2018 mpost@suse.com
  - Added increment-icastats-counter-for-aes-gcm.patch (bsc#1086756)
  - Updated boot.z90crypt script to fix a problem with the modprobe
    command not being found. (bsc#1040229).
  - Added "Recommends: libica-tools" (bsc#1046435).
* Thu Nov 23 2017 rbrown@suse.com
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)
* Wed Oct 04 2017 mpost@suse.com
  - Added "--enable-fips" to the %configure parms (Fate#324115)
* Fri Sep 22 2017 mpost@suse.com
  - Upgraded to version 3.2 (Fate#321517)
    * v3.2.0
      [FEATURE] New AES-GCM interface.
      [UPDATE] Add symbol versioning.
    * v3.1.1
      [PATCH] Various bug fixes related to old and new AES-GCM implementations.
      [UPDATE] Add SHA3 test cases. Improved and extended test suite.
    * v3.1.0
      [FEATURE] Add KMA support for AES-GCM.
      [FEATURE] Add SHA-3 support.
      [PATCH] Reject RSA keys with invalid key-length.
      [PATCH] Allow zero output length for ica_random_number_generate.
      [PATCH] icastats: Correct owner of shared segment when root creates it.
    * Removed the following obsolete patches:
      libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
      libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
      libica-3.0.2-03-fix-aes-ctr.patch
      libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
* Wed Sep 13 2017 mpost@suse.com
  - libica: AES-GCM/CCM sometimes compute wrong tag values (bsc#1058567)
    - Added the following patches (bsc#1058567)
    - libica-3.0.2-01-fix-old-aes-gcm-decrypt-code-path.patch
    - libica-3.0.2-02-fix-aes-ccm-encrypt-code-path.patch
    - libica-3.0.2-03-fix-aes-ctr.patch
    - libica-3.0.2-04-fix-aes-gcm-to-allow-zero-pt-ct-length.patch
* Thu Jun 01 2017 fcrozat@suse.com
  - baselibs.conf doesn't need any additional provides/conflicts for
    libica3.
* Fri May 12 2017 fcrozat@suse.com
  - Update baselibs.conf with proper name for library package name,
    stop providing/obsoleting libica-2_1_0/libica-2_3-0.
* Tue May 09 2017 mpost@suse.com
  - Upgraded to version 3.0.2 (Fate#322025).
    - v3.0.2
    - Fix locking callbacks for openSSL APIs.
    - v3.0.1
    - Fixed msa level detection on zEC/BC12 GA1 and predecessors.
    - v3.0.0
    - Added FIPS mode.
    - Sanitized exported symbols.
    - Removed deprecated APIs. Marked some APIs as deprecated.
    - Adapted to OpenSSL v1.1.0.
    - RSA key generation is thread-safe now.
  - Removed the following obsolete patches:
    - fix-initialization-of-s390-hardware-switches-1.patch
    - fix-initialization-of-s390-hardware-switches-2.patch
    - fix-msa-level-detection.patch
    - fix-segfault-during-multithread-keygen.patch
    - rng-performance.patch
* Fri Mar 31 2017 mpost@suse.com
  - Made the following packaging changes:
    - Implemented the shared library packaging guidelines.
    - Consolidated double invocation of %setup into just one.
    - Dropped redundant %ifarch, the package is already ExclusiveArch.
    - Updated descriptions.
  - Added an libica-rpmlintrc file.
* Wed Nov 30 2016 mpost@suse.com
  - Added the following two patches:
    - fix-segfault-during-multithread-keygen.patch (bsc#991485)
    - fix-msa-level-detection.patch (bsc#1010927)
* Tue Aug 02 2016 mpost@suse.com
  - Added rng-performance.patch (bsc#990850).
* Tue Jun 14 2016 mpost@suse.com
  - Updated baselibs.conf to obsolete prior versions of the 32bit
    package. (bsc#983897):
    provides "libica-<targettype> = <version>"
    obsoletes "libica-<targettype> < <version>"
    provides "libica-2_1_0-<targettype> = <version>"
    obsoletes "libica-2_1_0-<targettype> < <version>"
    provides "libica-2_3_0-<targettype> = <version>"
    obsoletes "libica-2_3_0-<targettype> < <version>"
* Wed May 18 2016 mpost@suse.com
  - Added fix-initialization-of-s390-hardware-switches-1.patch and
    fix-initialization-of-s390-hardware-switches-2.patch (bsc#980548)
* Mon Feb 22 2016 mpost@suse.com
  - Upgraded to version 2.6.2 (FATE#319610).
  - Renamed /etc/init.d/z90crypt to boot.z90crypt to conform to
    naming standards.
  - Found the original location of the icaioctl.h file and downloaded
    it to replace what we had previously.
  - Removed the unnecessary libica2.la file
  - Removed unnecessary Requires for glibc-devel
  - Added Requires libica2 to the -devel package
  - Converted call to configure to %configure macro
  - Removed obsolete and unnecessary INSROOT and bindir parameters
    from the make install command
* Fri Nov 06 2015 pth@suse.de
  - Add Provides/Obsoletes for libica-2_3_0 so that the package from
    SLE12 GA is replaced (bsc#953096).
* Wed Nov 04 2015 meissner@suse.com
  - move the .so file to the mainpackage, the openssl-ibmca engine
    will only load "libica.so" (bsc#952871)
* Mon Aug 17 2015 jjolly@suse.com
  - Update to libica v2.4.2 (FATE#318035)
  - Removed outdated libica-aes_ccm-31-bit-compatibility.patch
  - Moved init script into libica-SuSE.tar.bz2 archive

Files

/usr/lib64/.libica-cex.so.4.2.3.hmac
/usr/lib64/.libica-cex.so.4.hmac
/usr/lib64/.libica.so.4.2.3.hmac
/usr/lib64/.libica.so.4.hmac
/usr/lib64/libica-cex.so.4
/usr/lib64/libica-cex.so.4.2.3
/usr/lib64/libica.so.4
/usr/lib64/libica.so.4.2.3


Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Apr 10 00:33:57 2024