libykcs11-2-2.2.1-1.3 RPM for ppc64

From OpenSuSE Ports Tumbleweed for ppc64

This is a PKCS#11 module that allows to communicate with the PIV application running on a YubiKey

Provides

• libykcs11-2
• libykcs11-2(ppc-64)
• libykcs11.so.2()(64bit)

Requires

• /sbin/ldconfig
• /sbin/ldconfig
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.7)(64bit)
• libcrypto.so.1.1()(64bit)
• libcrypto.so.1.1(OPENSSL_1_1_0)(64bit)
• libcrypto.so.1.1(OPENSSL_1_1_1)(64bit)
• libykpiv.so.2()(64bit)
• pcsc-ccid
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

BSD-2-Clause

Changelog

* Mon Jan 31 2022 Dirk Müller <dmueller@suse.com>
  - update to 2.2.1:
    * ykpiv: Minor bug fixes
    * ykcs11: Improved handling of object attributes
    * ykcs11: Update flags for EC related mechanisms
    * ykcs11: Minor bug fixes
    * test: Improved testing
    * doc: Improved documentation
* Sun Feb 28 2021 Dirk Müller <dmueller@suse.com>
  - update to 2.2.0:
    * ykpiv: Increased SO version
    * ykpiv: Fixed minor memory leaks
    * ykpiv: Improved error handling
    * ykpiv: Improved handling of PCSC card validation
    * ykcs11: Updated Cryptoki version
    * ykcs11: Support for CKM_ECDH1_DERIVE mechanism info
    * ykcs11: Support for destroying ECDH derived keys
    * ykcs11: Improved handling of PIN after device re-connection
    * ykcs11: Improved debug logging
    * cmd: Improved parsing of certificate Distinguished Name to allow an escape character
    * cmd: Warning to discourage generating RSA1024 keys
    * build: Use of platform standard installation path when building yubico-piv-tool
    * tests: Improved testing
    * Replaced building with autotool with building with cmake
    * Security update for YSA-2020-02
    * ykpiv: Fixed potential memory leaks
    * ykpiv: Use PIN-protected MGMT key if the device is configured that way
    * ykpiv: Added attestation to CSR if requested
    * ykpiv: Fixed compatibility with LibreSSL
    * ykcs11: Improved handling of error codes
    * ykcs11: Improved handling of examples in the PKCS11 specifications
    * ykcs11: Added the possibility to have debug output as a runtime setting
    * ykcs11: Added support to unblock PIN with PUK
    * ykcs11: Make C_SetPIN backwards compatible while also allowing unblock PIN
    * tests: Improved tests
  - run tests
  - add pthread-link.patch
* Sun Mar 01 2020 Marcus Rueckert <mrueckert@suse.de>
  - Version 2.0.0
    - ykpiv: Added ykpiv_get_metadata and ykpiv_util_parse_metadata
      to read and parse private key metadata (supported from YK 5.3).
    - ykpiv: Fixed PCSC transaction handling when re-selecting PIV
      due to external card reset events.
    - ykpiv: Improved error reporting.
    - ykpiv: Correctly report YK5 devices, and NEO and YK5 over NFC.
    - ykpiv: MGM KEY (SO PIN) is cached (in addition to PIN).
    - ykpiv: Fixed resetting of cached serial / version when an
      application re-uses ykpiv_state.
    - ykpiv: ykpiv_get_pin_retries selects a different applet before
      re-selecting PIV since just re-selecting PIV is a no-op on YK5.
    - ykcs11: Shared library exports all PKCS11 functions per the
      spec (For applications that don’t use C_GetFunctionList).
    - ykcs11: Support for up to 16 simultaneous sessions, with
      support for multi-threaded access (if requested when calling
      C_Initialize).
    - ykcs11: Support for resetting the PIV application via
      C_initToken.  Requires knowledge of the MGMT KEY (SO PIN) per
      the PKCS11 spec.
    - ykcs11: Support for public-key operations not supported by PIV
      (C_Verify, C_Encrypt), implemented using OpenSSL.
    - ykcs11: Support for attestations, exposed as session objects of
      certificate class. Generated when opening the first session to
      a slot.
    - ykcs11: Support for forked processes on Linux and MacOS.
    - ykcs11: Support for RSA signatures using PKCS or PSS padding
      with optional digesting by the library. Raw signatures are also
      supported.
    - ykcs11: Support for ECDSA signatures with optional digesting by
      the library. Raw signatures are also supported.
    - ykcs11: Support for RSA encryption / decryption with PKCS or
      OAEP padding.
    - ykcs11: Makes use of key metadata when available (YK 5.3 and
      above), providing access to keys even if certificates are not
      present.
    - ykcs11: Supports SHA1, SHA256, SHA384 and SHA512 digesting,
      plus SHA224 digesting for ECDSA signatures and for the MGF1
      digest in PSS / OAEP, implemented using OpenSSL.
    - ykcs11: Supports C_Login with context-specific user type. This
      allows use cases that require both SO PIN and normal PIN in the
      same session.
* Mon Jun 03 2019 Karol Babioch <kbabioch@suse.de>
  - Version 1.7.0 (released 2019-04-03)
    * Add ykpiv_get_serial() to API.
    * Add version and serial to status output.
    * FASC-N fixes for CHUID.
    * ykcs11: Fix ECDSA signatures.
    * Make selfsigned X.509 extensions have correct extensions to match openssl.
    * Security fixes.
    * Documentation fixes.
    * Try to clear memory that might contain secrets.
* Fri Sep 28 2018 Jan Engelhardt <jengelh@inai.de>
  - Rename %soname to %sover to better reflect its use.
  - Fix RPM groups.
* Thu Sep 27 2018 Karol Babioch <kbabioch@suse.com>
  - Version 1.6.2 (released 2018-09-14)
    - Compare reader names case insensitive
    - Fix certificate and certificate request signatures with OpenSSL 1.1
* Tue Aug 28 2018 kbabioch@suse.com
  - Version 1.6.1 (released 2018-08-17)
    - Compilation warning fixes for OpenSSL 1.1 builds
    - Fix length when encoding exactly 0xff bytes
    - Check length of objects correctly before storing in buffer
    - Check length of certificate correctly when storing
  - Version 1.6.0 (released 2018-08-08)
    - Security release to mitigate YSA-2018-03 (YSA-2018-03, CVE-2018-14779,
      CVE-2018-14780, bsc#1104809, bsc#1104811)
    - Allow building against LibreSSL
    - Bugfixes in OpenSSL 1.1 code
    - Fix compilation warnings
    - Fix ykcs11 key generation to work with OpenSSL 1.1
    - Ykcs11 compatibility fixes
  - Make use of %license macro instead of %doc for COPYING
  - Applied spec-cleaner
* Thu Nov 30 2017 t.gruner@katodev.de
  - Version 1.5.0 (released 2017-11-29)
    - API additions: Higher-level "util" API added to libykpiv.
    - Added ykpiv_attest(), ykpiv_get_pin_retries(), ykpiv_set_pin_retries()
    - Added functions for using existing PCSC card handle.
    - Support using custom memory allocator.
    - Documentation updates. make doxygen for HTML format.
    - Expanded automated tests for hardware devices, moved to make hwcheck.
    - OpenSSL 1.1 support
    - Moderate internal refactoring. Many small bugs fixed.
* Wed Nov 15 2017 t.gruner@katodev.de
  - Version 1.4.4 (released 2017-10-17)
    - Documentation updates.
    - Add pin caching to work around disconnect problems.
    - Disable RSA key generation on YubiKey 4 before 4.3.5. See https://yubi.co/ysa201701/ for details.
* Mon May 29 2017 t.gruner@katodev.de
  - Version 1.4.3 (released 2017-04-18)
    - Encode RSA x509 certificates correctly.
    - Documentation updates.
    - In ykcs11 return CKA_MODULUS correctly for private keys.
    - In ykcs11 fix for signature size approximation.
    - Fix PSS signatures in ykcs11.
    - Add a CLI flag --stdin-input to make batch execution easier.

Files

/usr/lib64/libykcs11.so.2
/usr/lib64/libykcs11.so.2.2.1

Generated by rpm2html 1.8.1

Fabrice Bellet, Sat May 20 00:06:09 2023