openssl3-ibmca-2.4.0-150500.6.3.1<>,Kekp9|QQ[Qd~ȗp!~r܀.;yLdb)߾;q'%wz_VFSuMs_dӊ d-mcΚQLQ;mz+S' >oNi!aK!zr }ewCV>qoErp #sU0&Uk܁k} :1jm톌%+fg fEìwe ~%36;ZD~>B9?9d $ E *5 KZL      \X  s( 8 9 ,:o>2@2"F2*G2@H2|I2X2Y2\2]38^4Fb5c5d6Le6Qf6Tl6Vu6hv6w8hx8y8z989H9L9R9Copenssl3-ibmca2.4.0150500.6.3.1The IBMCA OpenSSL dynamic engineThis package contains a shared object OpenSSL dynamic engine which interfaces to libica, a library enabling the IBM s390/x CPACF crypto instructions.eks390zl33_+SUSE Linux Enterprise 15SUSE LLC Apache-2.0https://www.suse.com/Hardware/Otherhttps://github.com/opencryptoki/openssl-ibmcalinuxs390x#Original fix for bsc#942839 was to update on first install #For bsc#966139 update if openssl_def not found cp -p /usr/share/openssl3-ibmca/openssl-ibmca.sectiondef.txt /etc/ssl/engines3.d/openssl-ibmca.cnf cp -p /usr/share/openssl3-ibmca/openssl-ibmca.enginedef.cnf /etc/ssl/engdef3.d/openssl-ibmca.cnfif [ $1 -eq 0 ]; then # last uninstall rm -f /etc/ssl/engines3.d/openssl-ibmca.cnf rm -f /etc/ssl/engdef3.d/openssl-ibmca.cnf fi\ $ A큤큤A큤A큤ekekekekd%Rd%Rekekekd%Rekekekekb2'g668c57b24eafc7684bda4b394efa8ab3941ba68392f7090b26f92f17b9d32a69623de1246e60e9b17432253702c950790b831f4fc925ec198434c933c09163cfa30ee2ca84d9df1edd165058109ce87a0cceb6bca0b3126f057eda01f71aa3b2a7e6bd9768ef8bd82eeb6e6815489fc7f4a33022057d705345ef7ae28a17e597b15ca0996b5cce68d6d3623ef6f1afb97d619a8c4d33aae01f6b773c99cef4aa0d40c236e384fb57542ea314cd671ba2f6d1bcedaa9932c4c160952e87eb664b827900c632630b44065023a1033d4f8c450cb813fc8220e5ea601287a3eeb451f943b5c7aee57ec8d33f5baabf638230e0d5c3c4404eb21ecfc2ba93567257a971abfda12c2260475b16093109aa91ebe72c6849c9669156c99f368366e2d725985506f2b0ae896e2bd3287acd7be6688baaaed82083162d3f430a9f020b574dd21758b0834f572123eb4ea706e9e444586146d134789e7a8973a0677c900bb3dbd9c040f032510a5a2af3f4f0088794f79b19f28be2e0d557d081f763b78512rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootopenssl3-ibmca-2.4.0-150500.6.3.1.src.rpmlibtool(/usr/lib64/engines-3/ibmca-provider.la)openssl3-ibmcaopenssl3-ibmca(s390-64)@@@@@@@@@@@@@@@@     /bin/sh/bin/shld64.so.1()(64bit)ld64.so.1(GLIBC_2.3)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.30)(64bit)libc.so.6(GLIBC_2.4)(64bit)libcrypto.so.3()(64bit)libcrypto.so.3(OPENSSL_3.0.0)(64bit)libdl.so.2()(64bit)libdl.so.2(GLIBC_2.2)(64bit)libica-cex.so.4()(64bit)libica-cex.so.4(LIBICA_3.0.0)(64bit)libica-cex.so.4(LIBICA_3.0.0_FIPS)(64bit)libica-cex.so.4(LIBICA_3.3.0)(64bit)libica-cex.so.4(LIBICA_4.0.2)(64bit)libica4-openssl3openssl-3rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)4.0.13.0.4-14.6.0-14.0-15.2-14.14.3d@d7dS@dP@dJcdGdA)@d-bd c< @b0aD@_a@]w@]fl]@[1[_[@[-Y@Y@X@Ww@W@V@V@V/g@V/g@T9T~@otto.hollmann@suse.compmonreal@suse.comotto.hollmann@suse.comnikolay.gueorguiev@suse.comnikolay.gueorguiev@suse.comnikolay.gueorguiev@suse.comnikolay.gueorguiev@suse.comnikolay.gueorguiev@suse.comnikolay.gueorguiev@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commpost@suse.commeissner@suse.commpluskal@suse.commpost@suse.comjjolly@suse.comjjolly@suse.comjjolly@suse.comp.drouand@gmail.commeissner@suse.com- Adjust configure and Makefile to require libica-openssl3 when building wiht openssl3 flavor. [bsc#1207472] * Add openssl3-rename-libica-files.patch- Adjust dlopen() for the new ibmca-openssl3.so for the multibuild flavor. This allows to install in parallel a version compiled against openssl 1.1.1 and another with openssl 3.0. [bsc#1207472]- Add multibuild flavor to provide library compiled against openssl-3 [bsc#1207472]- Updated the .spec file * uses a flag openssl3 (1 or 0) to include or not the openssl3 libraries- Updated the .spec file as follow: * BuildRequires: libica-devel >= 4.0.0 * BuildRequires: libica-tools >= 4.0.0- Added dependency on libica4 (bsc#1209038) * BuildRequires and Requires statements in .spec file for libica4- Applies a patch (bsc#1210359) * openssl-ibmca-engine-noregister.patch - Updated the '#dynamic_path' line, as it was before, with the comment '#'.- Upgraded openssl-ibmca to version 2.4.0 (bsc#1210059) * openssl-ibmca 2.4.0 - Provider: Adjustments for OpenSSL versions 3.1 and 3.2 - Provider: Support RSA blinding - Provider: Constant-time fixes for RSA PKCS#1 v1.5 and OAEP padding - Provider: Support "implicit rejection" option for RSA PKCS#1 v1.5 padding - Provider: Adjustments in OpenSSL config generator and example configs - Engine: EC: Cache ICA key in EC_KEY object (performance improvement) - Engine: Enable RSA blinding- Updated .spec file removed '#' from the line containing 'sed -e 's/^dynamic_path/#dynamic_path/' (bsc#1209038) - Added in %files * /usr/lib64/engines-3/ibmca-provider.la * /usr/lib64/engines-3/ibmca-provider.so- Upgraded to version 2.3.1 (jsc#PED-597) * openssl-ibmca 2.3.1 - Adjustments for libica 4.1.0 * openssl-ibmca 2.3.0 - First version including the provider - Fix for engine build without OpenSSL 3.0 sources * openssl-ibmca 2.2.3 - Fix PKEY segfault with OpenSSL 3.0 * openssl-ibmca 2.2.2 - Fix tests with OpenSSL 3.0 - Build against libica 4.0 - Removed a Requires for libica from the specfile. - Removed the obsolete baselibs.conf file- Completely revamped the postinstall scriptlet so that it doesn't need to know or care about how many lines are in either /etc/ssl/openssl.cnf, or the sample file at /usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample We're now using the ".include" directive for the openssl.cnf file, and only modifying that file the minimum necessary to implement the change. (bsc#1004463)- Upgraded to version 2.2.1 (jsc#SLE-18333) * openssl-ibmca 2.2.1 Bug fixes * openssl-ibmca 2.2.0 Implement fallbacks based on OpenSSL Disable software fallbacks from libica Allow to specify default library (libica vs. libica-cex) to use Provide "libica" engine ctrl to switch library at load time Update README.md Remove libica link dependency Generate sample configuration files from system configuration Restructure registration global data * openssl-ibmca 2.1.3 Bug fix * openssl-ibmca 2.1.2 Bug fixes - Modified spec file to * Define a global variable enginesdir the same was as IBM does instead of _ENGINE_DIR as we had been doing. * Implemented %make_build macro according to spec-cleaner * Changed the package description to match IBM's. * Removed the redundant "autoreconf --force --install"- Upgrade to version 2.1.1 (jsc#SLE-13709) * Bug fixes- Upgrade to version 2.1.0 (jsc#SLE-7852, jsc#SLE-7882) Add MSA9 CPACF support for X25519, X448, Ed25519 and Ed448- Upgraded to version 2.0.3 (jsc#SLE-6123, jsc#SLE-6424) * openssl-ibmca 2.0.3 Add MSA9 CPACF support for ECDSA sign/verify - Dropped obsolete openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch - Changed the ExclusiveArch directive to include s390x only. - The code in e_ibmca.c does a dlopen for libica.so.3, instead of linking against the shared library. As a result, if the package containing libica.so.3 isn't installed, problems occur. Added a "Requires: libica3" to the spec file to fix this. (bsc#1142286) - Made a couple of changes to the spec file based on the output from spec-cleaner.- Added openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch An Apache HTTP Server was set up with mod_ssl and the openssl ibmca engine using libica and a CEX6A card. Whenever a worker process is cleaned up a segmentation fault occurs. (bsc#1138517)- Upgraded to version 2.0.2 (Fate#325688) * openssl-ibmca 2.0.2 Fix doing rsa-me, altough rsa-crt would be possible.- Upgraded to version 2.0.1 (Fate#325688) * openssl-ibmca 2.0.1 Dont fail when a libica symbol cannot be resolved. - Made multiple changes to the spec file based on spec-cleaner output.- Upgraded to version 2.0.0 (Fate#325688) * openssl-ibmca 2.0.0 Add ECC support. Add check and distcheck make-targets. Project cleanup, code was broken into multiple files and coding style cleanup. Improvements to compat macros for openssl. Don't disable libica sw fallbacks. Fix dlclose logic. * openssl-ibmca 1.4.1 Fix structure size for aes-256-ecb/cbc/cfb/ofb Update man page Switch to ibmca.so filename to allow standalone use Switch off Libica fallback mode if available Make sure ibmca_init only runs once Provide simple macro for DEBUG_PRINTF possibility Cleanup and slight rework of function set_supported_meths - Did some cleanup to the spec file, based on spec-cleanup. - Removed the following obsolete patches: * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch- Added the following patches for bsc#1097463 * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch- Upgraded to version 1.4.0 * Re-license to Apache License v2.0 * Fix aes_gcm initialization. * Update man page. * Add macros for OpenSSL 0.9.8 compat. * Remove AC_FUNC_MALLOC from configure.ac * Add compat macro for OpenSSL 1.0.1e-fips. * Setting 'foreign' strictness for automake. * Add AES-GCM support. * Rework EVP_aes macros. * Remove dependency of old local OpenSSL headers. * Fix engine initialization to set function pointers only once. * Remove blank COPYING and NEWS files. * Remove INSTALL and move its content to README.md * Update README.md file to make use of markdown. * Rename README file to README.md to use markdown * Add CONTRIBUTING guidelines. * Adding coding style documentation. * Enable EVP_MD_FLAG_FIPS flag for SHA-*. * Initialize rsa_keygen in RSA_METHOD for openssl < 1.1.0 * Fix SHA512 EVP digest struct to use EVP_MD_FLAG_PKEY_METHOD_SIGNATURE when using OpenSSL 1.0 * Fix wrong parenthesis * convert libica loading to dlopen() and friends * Add support to DSO on new API of OpenSSL-1.1.0 - Removed obsolete openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch - Added BuildRequires for autoconf, automake, and libtool. - Updated BuildRequires for libica-devel to be >= 3.1.1- Now that the openSSL engines directory is versioned: * Modified the spec file to query the libcrypto package for which directory to install the engine into. * Removed openssl-ibmca-fix-enginepath.patch. Replaced it with a sed command so that it will provide the correct versioned engines directory - Removed openssl-ibmca-configure.patch. It doesn't seem to be needed any longer.- Added openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch (bsc#1032113) - Added libica-tools to the BuildRequires due to repackaging of libica. - Renamed BuildRequires from libica2-devel to libica-devel for the same reason. - Tweaked a comment to get rid of an rpmlint warning message.- fixed ssl configuration merging (bsc#1004463) - openssl-ibmca-fix-enginepath.patch: fix the engine path- Use macro for configure (fate#319941) - Use url for source - Enable parallel building - Cleanup spec file with spec-cleaner- Upgraded to version 1.3.0 (fate#319941) - Updated openssl-ibmca-configure.patch to apply cleanly - Removed obsolete patches - openssl-ibmca-README.patch - openssl-ibmca-sha256-digest-length.patch - openssl-pkey.patch - openssl-des-ede.patch - Did some spec file cleanup.- Fixed %post script to update library path (the only dynamic part of the ibmca configuration) every time the package is installed. (bsc#966139)- Updated AUTHORS, INSTALL, and README (bsc#942839) - %post and %postun added to properly update openssl.cnf (bsc#942839)- Updated to used libica2 == v2.4.2 for SLE12-SP1 (bsc#951138)- Remove dependency on fillup anf insserv; the package provides neither sysconfig file nor sysvinit script - Remove depreciated AUTHORS section - Use %configure macro - Add openssl-ibmca-configure.patch- the openssl engines moved to /%_lib/engines bnc#905480/bin/sh/bin/shs390zl33 1701519120 2.4.0-150500.6.3.12.4.0-150500.6.3.1ibmca-provider.laibmca-provider.soibmca.soopenssl3-ibmcaChangeLogREADME.mdibmca-engine-opensslconfigopenssl.cnf.sampleopenssl3-ibmcaLICENSEopenssl3-ibmca-provider.5.gzopenssl3-ibmca.5.gzopenssl3-ibmcaopenssl-ibmca.enginedef.cnfopenssl-ibmca.sectiondef.txt/usr/lib64/engines-3//usr/share/doc/packages//usr/share/doc/packages/openssl3-ibmca//usr/share/licenses//usr/share/licenses/openssl3-ibmca//usr/share/man/man5//usr/share//usr/share/openssl3-ibmca/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:31233/SUSE_SLE-15-SP5_Update/beb46e53caf9e7fad4b3e487a1cfc3f9-openssl-ibmca.SUSE_SLE-15-SP5_Update:openssl3drpmxz5s390x-suse-linuxlibtool library fileELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, BuildID[sha1]=c182c0040f65f9bcb38a3deeeeb312a69e1a3f5e, strippedELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, BuildID[sha1]=521008a2277d44f1a8744b6b399bdd34779e8cbd, strippeddirectoryASCII textPerl script text executabletroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix) PRRRRRRRRR R R RRR RRRR R R R\X{K~W utf-8c3dc543489b450985c6d269cf0c7da1233da9aa18a2c3bf22fd2f5cc484d44f1?7zXZ !t/ ]"k%N6՞p j'EJ8q9pnc0YYTtB%jEH@oG}̓sby eNxu׊ݺ!&Q-_u[2 KUb`mhh-hy3qe@ rzD@S~!Au7׷ʷkL屜?N(-n[ /t]O=Q͂JM=J'x!|E$HC7U_ZMC Q3Q^1J3#ޘGW)F_OQ:%JW_URM.w=}Un|E~_IB`|ЁUp׉mJ#2.͂>wx djhʶn0+gkFGAyn,*s~0xw! K]hzIhP=Ts]e5OtŠTd 0ZKM:xbJeA4PłE"XwBiPȰ,,HdW^Sq7_zQ+ggn b9?H6VݺCLq+20[k-41(TJwvm8H?%Ҧ?>UZC,աN¯C;7nyd Z/^sQ>4<ΑSip@Htq`8(}iVyJ32c!'~ؙ1}g=PP-* C?ogij,Pȡ~JD+U)b-Ȳthos+` c24kE",͑fN+.e:lSK ~ j1yV3+qeEH"󈵩,|.(3vz<S-ŸJm0o)D)3`1vȩ8PBD{Gcy}FZk-b0Av6 ^+>Y_tv`cy%[" }q/&"qi7a` Z9So8pWe$z Ani*"vɮЍ[7jEzW/e8_k$p ؼ`]T|3 #čtɧaX%^7#5)COYU8bPO` lG*Pn${OyYpO]- LOzc=#Eb'=_LBGלړ߰kAṭ !{RFttT9&7Bf ;ܡ @14 6hZv#i1JktxWϺWJNOoAo݄(G|nkg nqk4@4K,p#(_o֗ vSu_!|[~!߽#k} ]"pKq < fzo`7eXO(jϥ/v /U- ^c+$4 Kʋod0c_(n^@kᮖ6% n=W[ۗZwOv;T\rYqҦԩ"_HP&j39={3/=jb`~F0(9 rtexX UU_eQ`a?f{} 3O4fV@>{*y3?JM۫WN͝CB/Rq ?]sί"%;zmM('qA2}PNM^x 8.yx[՛\>q$`R}"Ə1)*+3VTpaGQtrtCQFD\m[`šH@&cVK<*vr}'I2E۟I4kd)K2ߓL|n,aATBFF*\0P#:_ԋ[Ex7-cvҮ24';D|e'G aj2[/9My\;FeTDt [:;@d=={ KZ[0ҚBfNN_:ua8%@aэa䇎REHsD:Cêj)w4AtR-Ӈ>[1 $ (T0J 0GkD2Ș*aՠ~2̌bߨOM-TWrSG DvEPx=Bl fU0Pzga-Qogb祻oD~.(@oK05@)5r:A1k>dkúRjqL)aIjǮh ^51*谴7|e[A^6O;L-[zdcF  iI° O9L :0VHm2 Jy7f 'B8e `)KmjC.AtL& {ERO~jYV.YS`r:Xnd>bIR`G;DبɂZD=zK*pډ,FЭoNu-P _oUᗧd|g=JN YZ