������openssl-ibmca-provider-2.4.1-150600.6.3.2���������������������������������������������������������<���>�������,���������������������������������������������������I܉�����fp9|��Z��;ڜ
Yo� 4�:�[ۻ ��PC˜ ΐx��:^�k{IBf�k,.V!-�N�(�*G|%gGZV�r^<��X[5TMy+T%_�n!�p�6Mt��l"RAo*F� a"�U�s
J00U-�@�
>Ĥ��#t,��,,�K5=��X��wu$\
ͱ@kO����>��������������������B��@���?������@�������d��������������������������������������������������������������� ���,���������� ���M�������������������������������������������������������������������������������������2��������������=���������� ���S��������������b������������������������������������������������������������������������������������������������ ��������������
���������������������� ���������������+�������
�������8���������������d�������������������������������������������������������������0���������������h�����������������������������
��������(������
?�������8������
H���%���9������
���%���:������
���%���>������:x�������@������:�������F������:�������G������:�������H������:�������I������:�������X������;��������Y������;��������\������;0�������]������;\�������^������<9�������b������= �������c������=�������d������>Z�������e������>_�������f������>b�������l������>d�������u������>x�������v������>�������w������?�������x������?�������y������@��������z������@T�������������@d�������������@h�������������@n�������������@����C�openssl-ibmca-provider�2.4.1�150600.6.3.2�The IBMCA OpenSSL dynamic engine�This package contains a shared object OpenSSL dynamic engine which interfaces
to libica, a library enabling the IBM s390/x CPACF crypto instructions.��fs390zl31������!SUSE Linux Enterprise 15�SUSE LLC �Apache-2.0�https://www.suse.com/�Hardware/Other�https://github.com/opencryptoki/openssl-ibmca�linux�s390x�#Original fix for bsc#942839 was to update on first install
#For bsc#966139 update if openssl_def not found
mkdir -p /etc/ssl/engines3.d
mkdir -p /etc/ssl/engdef3.d
cp -p /usr/share/openssl-ibmca-provider/openssl-ibmca.sectiondef.txt /etc/ssl/engines3.d/openssl-ibmca.cnf
cp -p /usr/share/openssl-ibmca-provider/openssl-ibmca.enginedef.cnf /etc/ssl/engdef3.d/openssl-ibmca.cnf�if [ $1 -eq 0 ]; then # last uninstall
rm -f /etc/ssl/engines3.d/openssl-ibmca.cnf
rm -f /etc/ssl/engdef3.d/openssl-ibmca.cnf
fi����������
)������������$�����������y����A큤A큤A큤����������������������ffe�;e�;e�;fe�;fffb2'gdab128ab512330284adc09921b70deacb4a3eaf2fa67351336c4376c882a81cc��54f51a5f6d9b3064fa033c3bf36e3faa7d574eba20351b4e75a3f85072d89e69�b15ca0996b5cce68d6d3623ef6f1afb97d619a8c4d33aae01f6b773c99cef4aa�731be61bc4173a05256343b4fc84079623c9c3dbfe3be444e3c92aaddc2f39e5��f943b5c7aee57ec8d33f5baabf638230e0d5c3c4404eb21ecfc2ba93567257a9�fd96e52b3aaa6e82f1e763105040490775e0bb7226f0a3c86469a23a68da0ca5��9bcbf8ca9d371dcb3df5617454b81d53035191ea05b2b46e86fa6e63c7c893a6�dbd9c040f032510a5a2af3f4f0088794f79b19f28be2e0d557d081f763b78512���������������������������������������������������������root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�root�openssl-ibmca-provider-2.4.1-150600.6.3.2.src.rpm�openssl-ibmca-provider�openssl-ibmca-provider(s390-64)������������@���@���@���@���@���@���@���@���@���@���@���@���@���@���@������������
���
���
���
/bin/sh�/bin/sh�ld64.so.1()(64bit)�ld64.so.1(GLIBC_2.3)(64bit)�libc.so.6()(64bit)�libc.so.6(GLIBC_2.17)(64bit)�libc.so.6(GLIBC_2.2)(64bit)�libc.so.6(GLIBC_2.30)(64bit)�libc.so.6(GLIBC_2.34)(64bit)�libc.so.6(GLIBC_2.4)(64bit)�libcrypto.so.3()(64bit)�libcrypto.so.3(OPENSSL_3.0.0)(64bit)�libica-cex.so.4()(64bit)�libica-cex.so.4(LIBICA_3.0.0)(64bit)�libica-cex.so.4(LIBICA_3.0.0_FIPS)(64bit)�libica-cex.so.4(LIBICA_3.3.0)(64bit)�libica-cex.so.4(LIBICA_4.0.2)(64bit)�libica4�libopenssl3�rpmlib(CompressedFileNames)�rpmlib(FileDigests)�rpmlib(PayloadFilesHavePrefix)�rpmlib(PayloadIsXz)������������������4.0.0��3.0.4-1�4.6.0-1�4.0-1�5.2-1�4.14.3���f�@f�f�f�-f�@e,e)1@e�dkY@dP@dGdFo@d?d.@d�ac< @b0aD@_a@]w@]fl]��@[1[_[�@[-Y@Y@X@Ww@W�@V�@V@V/g@V/g@T9T~@nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�nikolay.gueorguiev@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�mpost@suse.com�meissner@suse.com�mpluskal@suse.com�mpost@suse.com�jjolly@suse.com�jjolly@suse.com�jjolly@suse.com�p.drouand@gmail.com�meissner@suse.com�- Amended the .spec file (bsc#1227537)
* 'rpm.install.excludedocs = yes' in zypp.conf excludes the /usr/share/doc/..
* Added a check, if there is is /usr/share/doc file to be editted.
* Replaced hard-coded '/usr/share' with %{_datadir}�- Amended the .spec file
- Changed the package names
+-------------+---------------------------------+--------------------------+
| Flavor | Package name | Note |
+-------------+---------------------------------+--------------------------+
| '' | openssl-ibmca | Both engine and provider |
| openssl1_1 | openssl1_1-ibmca | openssl1 flavor |
| engine | openssl-ibmca-engine | Only engine |
| provider | openssl-ibmca-provider | Only provider |
+-------------+---------------------------------+--------------------------+�- Applied a patch for openssl1_1 (bsc#1221627)
* openssl1-rename-libica-files.patch�- Re-implemented flavors (openssl3, engine, provider) (bsc#1221627)
+------------+---------------------------------+--------------------------+
| Flavor | Package name | Note |
+------------+---------------------------------+--------------------------+
| '' | openssl-ibmca | openssl1 flavor |
| engine | openssl3-ibmca-engine | Only engine |
| provider | openssl3-ibmca-provider | Only provider |
| openssl3 | openssl3-ibmca | Both engine and provider |
+------------+---------------------------------+--------------------------+
- Changing/editing 'dynamic_path' after the installation on the target system
* From /usr/lib64/ossl-modules to /usr/lib64/engines-3 in
/usr/share/doc/packages/openssl3-ibmca/ibmca-engine-opensslconfig
for openssl3 flavor�- Amended the .spec file (bsc#1221627)
* Removed the flavors
* Removed 'muiltibuild' environment
* Removed the 'provider' logic�- Updated the .spec file (bsc#1218933, bsc#1221627)
* Amended the .spec file to use modulesdir variable
- Implemented _multibuild environment (openssl1, engine, provider)
- Added a flag and logic for provider in the .spec file
* When provider is set to 1, it 'configures' the provider
* When provider is set to 0, it 'configures' the engine�- Removed an obsolete patch (implemented in the version 2.4.1)
* openssl-ibmca-engine-noregister.patch�- Upgrade to version 2.4.1 (jsc#PED-5422)
* Provider: Change the default log directory to /tmp
* Bug fixes�- Updated the .spec file, amended to use libica4 instead of libica
* Requires: libica4 >= 4�- Updated the .spec file
* uses a flag openssl3 (1 or 0) to include or not the openssl3 libraries�- Updated the .spec file as follow:
* BuildRequires: libica-devel >= 4.0.0
* BuildRequires: libica-tools >= 4.0.0�- Added dependency on libica4 (bsc#1209038)
* BuildRequires and Requires statements in .spec file for libica4�- Applies a patch (bsc#1210359)
* openssl-ibmca-engine-noregister.patch
- Updated the '#dynamic_path' line, as it was before, with the comment '#'.�- Upgraded openssl-ibmca to version 2.4.0 (bsc#1210059)
* openssl-ibmca 2.4.0
- Provider: Adjustments for OpenSSL versions 3.1 and 3.2
- Provider: Support RSA blinding
- Provider: Constant-time fixes for RSA PKCS#1 v1.5 and OAEP padding
- Provider: Support "implicit rejection" option for RSA PKCS#1 v1.5 padding
- Provider: Adjustments in OpenSSL config generator and example configs
- Engine: EC: Cache ICA key in EC_KEY object (performance improvement)
- Engine: Enable RSA blinding�- Updated .spec file removed '#' from the line containing
'sed -e 's/^dynamic_path/#dynamic_path/' (bsc#1209038)
- Added in %files
* /usr/lib64/engines-3/ibmca-provider.la
* /usr/lib64/engines-3/ibmca-provider.so�- Upgraded to version 2.3.1 (jsc#PED-597)
* openssl-ibmca 2.3.1
- Adjustments for libica 4.1.0
* openssl-ibmca 2.3.0
- First version including the provider
- Fix for engine build without OpenSSL 3.0 sources
* openssl-ibmca 2.2.3
- Fix PKEY segfault with OpenSSL 3.0
* openssl-ibmca 2.2.2
- Fix tests with OpenSSL 3.0
- Build against libica 4.0
- Removed a Requires for libica from the specfile.
- Removed the obsolete baselibs.conf file�- Completely revamped the postinstall scriptlet so that it doesn't
need to know or care about how many lines are in either
/etc/ssl/openssl.cnf, or the sample file at
/usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample
We're now using the ".include" directive for the openssl.cnf
file, and only modifying that file the minimum necessary to
implement the change. (bsc#1004463)�- Upgraded to version 2.2.1 (jsc#SLE-18333)
* openssl-ibmca 2.2.1
Bug fixes
* openssl-ibmca 2.2.0
Implement fallbacks based on OpenSSL
Disable software fallbacks from libica
Allow to specify default library (libica vs. libica-cex) to use
Provide "libica" engine ctrl to switch library at load time
Update README.md
Remove libica link dependency
Generate sample configuration files from system configuration
Restructure registration global data
* openssl-ibmca 2.1.3
Bug fix
* openssl-ibmca 2.1.2
Bug fixes
- Modified spec file to
* Define a global variable enginesdir the same was as IBM does
instead of _ENGINE_DIR as we had been doing.
* Implemented %make_build macro according to spec-cleaner
* Changed the package description to match IBM's.
* Removed the redundant "autoreconf --force --install"�- Upgrade to version 2.1.1 (jsc#SLE-13709)
* Bug fixes�- Upgrade to version 2.1.0 (jsc#SLE-7852, jsc#SLE-7882)
Add MSA9 CPACF support for X25519, X448, Ed25519 and Ed448�- Upgraded to version 2.0.3 (jsc#SLE-6123, jsc#SLE-6424)
* openssl-ibmca 2.0.3
Add MSA9 CPACF support for ECDSA sign/verify
- Dropped obsolete openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
- Changed the ExclusiveArch directive to include s390x only.
- The code in e_ibmca.c does a dlopen for libica.so.3, instead of
linking against the shared library. As a result, if the package
containing libica.so.3 isn't installed, problems occur. Added
a "Requires: libica3" to the spec file to fix this. (bsc#1142286)
- Made a couple of changes to the spec file based on the output
from spec-cleaner.�- Added openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
An Apache HTTP Server was set up with mod_ssl and the openssl
ibmca engine using libica and a CEX6A card. Whenever a worker
process is cleaned up a segmentation fault occurs.
(bsc#1138517)�- Upgraded to version 2.0.2 (Fate#325688)
* openssl-ibmca 2.0.2
Fix doing rsa-me, altough rsa-crt would be possible.�- Upgraded to version 2.0.1 (Fate#325688)
* openssl-ibmca 2.0.1
Dont fail when a libica symbol cannot be resolved.
- Made multiple changes to the spec file based on spec-cleaner output.�- Upgraded to version 2.0.0 (Fate#325688)
* openssl-ibmca 2.0.0
Add ECC support.
Add check and distcheck make-targets.
Project cleanup, code was broken into multiple files and coding style cleanup.
Improvements to compat macros for openssl.
Don't disable libica sw fallbacks.
Fix dlclose logic.
* openssl-ibmca 1.4.1
Fix structure size for aes-256-ecb/cbc/cfb/ofb
Update man page
Switch to ibmca.so filename to allow standalone use
Switch off Libica fallback mode if available
Make sure ibmca_init only runs once
Provide simple macro for DEBUG_PRINTF possibility
Cleanup and slight rework of function set_supported_meths
- Did some cleanup to the spec file, based on spec-cleanup.
- Removed the following obsolete patches:
* openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
* openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
* openssl-ibmca-sles15-Update-lib-name-in-documentation.patch�- Added the following patches for bsc#1097463
* openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
* openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
* openssl-ibmca-sles15-Update-lib-name-in-documentation.patch�- Upgraded to version 1.4.0
* Re-license to Apache License v2.0
* Fix aes_gcm initialization.
* Update man page.
* Add macros for OpenSSL 0.9.8 compat.
* Remove AC_FUNC_MALLOC from configure.ac
* Add compat macro for OpenSSL 1.0.1e-fips.
* Setting 'foreign' strictness for automake.
* Add AES-GCM support.
* Rework EVP_aes macros.
* Remove dependency of old local OpenSSL headers.
* Fix engine initialization to set function pointers only once.
* Remove blank COPYING and NEWS files.
* Remove INSTALL and move its content to README.md
* Update README.md file to make use of markdown.
* Rename README file to README.md to use markdown
* Add CONTRIBUTING guidelines.
* Adding coding style documentation.
* Enable EVP_MD_FLAG_FIPS flag for SHA-*.
* Initialize rsa_keygen in RSA_METHOD for openssl < 1.1.0
* Fix SHA512 EVP digest struct to use
EVP_MD_FLAG_PKEY_METHOD_SIGNATURE when using OpenSSL 1.0
* Fix wrong parenthesis
* convert libica loading to dlopen() and friends
* Add support to DSO on new API of OpenSSL-1.1.0
- Removed obsolete openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch
- Added BuildRequires for autoconf, automake, and libtool.
- Updated BuildRequires for libica-devel to be >= 3.1.1�- Now that the openSSL engines directory is versioned:
* Modified the spec file to query the libcrypto package
for which directory to install the engine into.
* Removed openssl-ibmca-fix-enginepath.patch. Replaced it
with a sed command so that it will provide the correct
versioned engines directory
- Removed openssl-ibmca-configure.patch. It doesn't seem to
be needed any longer.�- Added openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch (bsc#1032113)
- Added libica-tools to the BuildRequires due to repackaging of libica.
- Renamed BuildRequires from libica2-devel to libica-devel for the
same reason.
- Tweaked a comment to get rid of an rpmlint warning message.�- fixed ssl configuration merging (bsc#1004463)
- openssl-ibmca-fix-enginepath.patch: fix the engine path�- Use macro for configure (fate#319941)
- Use url for source
- Enable parallel building
- Cleanup spec file with spec-cleaner�- Upgraded to version 1.3.0 (fate#319941)
- Updated openssl-ibmca-configure.patch to apply cleanly
- Removed obsolete patches
- openssl-ibmca-README.patch
- openssl-ibmca-sha256-digest-length.patch
- openssl-pkey.patch
- openssl-des-ede.patch
- Did some spec file cleanup.�- Fixed %post script to update library path (the only dynamic part
of the ibmca configuration) every time the package is installed.
(bsc#966139)�- Updated AUTHORS, INSTALL, and README (bsc#942839)
- %post and %postun added to properly update openssl.cnf (bsc#942839)�- Updated to used libica2 == v2.4.2 for SLE12-SP1 (bsc#951138)�- Remove dependency on fillup anf insserv; the package provides
neither sysconfig file nor sysvinit script
- Remove depreciated AUTHORS section
- Use %configure macro
- Add openssl-ibmca-configure.patch�- the openssl engines moved to /%_lib/engines bnc#905480�/bin/sh�/bin/sh�s390zl31 1721211901�������������������������������������������������������������������������������� ���
������������������������2.4.1-150600.6.3.2�2.4.1-150600.6.3.2�����������������������������������������������ibmca-provider.so�openssl-ibmca-provider�ChangeLog�README.md�ibmca-provider-opensslconfig�openssl-ibmca-provider�LICENSE�ibmca-provider.5.gz�openssl-ibmca-provider�openssl-ibmca.enginedef.cnf�openssl-ibmca.sectiondef.txt�/usr/lib64/ossl-modules/�/usr/share/doc/packages/�/usr/share/doc/packages/openssl-ibmca-provider/�/usr/share/licenses/�/usr/share/licenses/openssl-ibmca-provider/�/usr/share/man/man5/�/usr/share/�/usr/share/openssl-ibmca-provider/�-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g�obs://build.suse.de/SUSE:Maintenance:34809/SUSE_SLE-15-SP6_Update/1a8a337f1f019bc2ac4e961f7321f55b-openssl-ibmca.SUSE_SLE-15-SP6_Update:provider�drpm�xz�5�s390x-suse-linux������������������������������������������������ELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, BuildID[sha1]=c22d5233dceb7b545f2a5b97dc41f0a7dafa7c89, stripped�directory�ASCII text�Perl script text executable�troff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)�����������������������������������������������������������������������������������������R���R���R���R���R�� R���R���R���R���R��
R���R���R��
R���R���L{b�=/m`n�����utf-8�4fb08c3f9bf6d8a7d28312ff8b3f4095a12e104ec39c43d7a77b395af7378164���������?��������7zXZ��
���!�����t/�:�]�"��k%�N6�eƦ62���G�L/��Ey2���%�jc8��}�{ɯƶ
7(�P+>(sxJ�_
�hObjV$5q=!N[��uW_0�h��)*\, N�a�kiNr�|t�Yi�Ji+,XOz�-HenF³�} vSIλLp.|k-�m{Em~f�E
�8M�9q#%0}Y�S�(tR*flg�RŠ^`|'�� ssJ��/���&�jZUz#�l,6�eI:^ZK!6LmЛ��cEKQ]CSm5�f�0�
}�
b�z-���R��
DPSFSckg�f@xX'H]
��Ka�jj��pPV(v8RyɱDC6ӈ3
ٿ˕����&
B}�{��_�LRFJf�H-h��{ˣ���N( �'P
24�&w���?05*ZB�{"w2w��>F[J�cIjpF�
#r���?j6Bd�1+��o�'�)�wʭs#JZ`���pPw��Z
\:u90>BhC �LTqVy�?QN�Uz�ڰZ"it0PWH�Iv���8I�����<���\<8%\d]`ce䋾�� &��d������
YZ