Hello community, here is the log from the commit of package openssl-ibmca for openSUSE:Factory checked in at 2015-03-27 09:39:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openssl-ibmca (Old) and /work/SRC/openSUSE:Factory/.openssl-ibmca.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openssl-ibmca" Changes: -------- --- /work/SRC/openSUSE:Factory/openssl-ibmca/openssl-ibmca.changes 2013-12-13 11:59:55.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.openssl-ibmca.new/openssl-ibmca.changes 2015-03-27 09:39:58.000000000 +0100 @@ -1,0 +2,57 @@ +Sun Mar 8 17:15:03 UTC 2015 - [email protected] + +- Remove dependency on fillup anf insserv; the package provides + neither sysconfig file nor sysvinit script +- Remove depreciated AUTHORS section +- Use %configure macro +- Add openssl-ibmca-configure.patch + +------------------------------------------------------------------- +Thu Aug 14 13:03:44 UTC 2014 - [email protected] + +- Forced requirement of libica-2_3_0 (bnc#890824) + +------------------------------------------------------------------- +Thu Jun 26 07:35:34 UTC 2014 - [email protected] + +- openssl-des-ede.patch: fixed a crash during benchmark (bnc#879922) +- openssl-pkey.patch: defer HMAC signing to pkey framework, fixes + fips self-test during EC key creation (bnc#879922) +- spec file cleaned up a bit + +------------------------------------------------------------------- +Tue Mar 18 12:33:49 UTC 2014 - [email protected] + +- openssl-ibmca-sha256-digest-length.patch: SHA256: Fixed message + digest length definition in sha256 template (bnc#868275) + +------------------------------------------------------------------- +Wed Mar 5 18:51:25 CET 2014 - [email protected] + +- update to 1.2.0 +- removed patches: + ibmca-configure.patch + ibmca-segfault.fix.patch + ibmca-sw-fix.patch + openssl-ibmca-1.0.0.rc2-memset-fix.patch +- make it exclusivearch for s390/s390x as the required libica + is only available for s390/s390x + +------------------------------------------------------------------- +Wed Feb 19 14:02:44 UTC 2014 - [email protected] + +- Made required libica-2_1_0 s390 specific +- Added x86_64 to ExclusiveArch as %ix86 doesn't do it +- Removed libica requirement - allowing build process to find it + +------------------------------------------------------------------- +Wed Feb 19 06:10:42 UTC 2014 - [email protected] + +- Added COPYING to %files + +------------------------------------------------------------------- +Tue Feb 18 14:47:27 UTC 2014 - [email protected] + +- Requiring libica 2.1.0 or greater + +------------------------------------------------------------------- Old: ---- ibmca-configure.patch ibmca-segfault.fix.patch ibmca-sw-fix.patch openssl-ibmca-1.0.0-rc2.tar.bz2 openssl-ibmca-1.0.0.rc2-memset-fix.patch New: ---- openssl-des-ede.patch openssl-ibmca-1.2.0.tar.gz openssl-ibmca-configure.patch openssl-ibmca-sha256-digest-length.patch openssl-pkey.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openssl-ibmca.spec ++++++ --- /var/tmp/diff_new_pack.B4ILfz/_old 2015-03-27 09:39:59.000000000 +0100 +++ /var/tmp/diff_new_pack.B4ILfz/_new 2015-03-27 09:39:59.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package openssl-ibmca # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,58 +19,43 @@ Name: openssl-ibmca BuildRequires: autoconf BuildRequires: automake -BuildRequires: libica +BuildRequires: libica-2_3_0-devel BuildRequires: libtool BuildRequires: openssl-devel Summary: The IBMCA OpenSSL dynamic engine License: IPL-1.0 Group: Hardware/Other -Version: 1.0.0 +Version: 1.2.0 Release: 0 -Source: openssl-ibmca-1.0.0-rc2.tar.bz2 +Source: openssl-ibmca-1.2.0.tar.gz Source2: baselibs.conf -Patch: ibmca-configure.patch Patch1: openssl-ibmca-README.patch -Patch2: ibmca-segfault.fix.patch -Patch3: ibmca-sw-fix.patch -Patch4: openssl-ibmca-1.0.0.rc2-memset-fix.patch +Patch2: openssl-ibmca-configure.patch +Patch3: openssl-ibmca-sha256-digest-length.patch +Patch4: openssl-pkey.patch +Patch5: openssl-des-ede.patch Url: http://sourceforge.net/projects/opencryptoki BuildRoot: %{_tmppath}/%{name}-%{version}-build -PreReq: %fillup_prereq %insserv_prereq -Requires: libica +Requires: libica-2_3_0 Requires: openssl -# bug437293 -%ifarch ppc64 -Obsoletes: openssl-ibmca-64bit -%endif +ExclusiveArch: s390 s390x # -%define ibmca_64bit_arch s390x ppc64 ppc64le -%define ibmca_32bit_arch %ix86 s390 ppc %arm -ExclusiveArch: %ibmca_32bit_arch %ibmca_64bit_arch %description This package contains a shared object OpenSSL dynamic engine for the IBM eServer Cryptographic Accelerator (ICA). - - -Authors: --------- - Mike Halcrow <[email protected]> - %prep -%setup -n openssl-ibmca-1.0.0-rc2 -%patch -p1 +%setup -q %patch1 -%patch2 -p1 +%patch2 %patch3 -p1 %patch4 -p1 +%patch5 -p1 %build autoreconf --force --install -export CFLAGS="$RPM_OPT_FLAGS" -export CPPFLAGS="$RPM_OPT_FLAGS" -./configure --with-engines-dir=%_libdir/engines --libdir=%_libdir/engines +%configure --with-engines-dir=%_libdir/engines --libdir=%_libdir/engines make %install @@ -78,14 +63,9 @@ #(cd $RPM_BUILD_ROOT; libtool --finish ./%_libdir/engines) rm ${RPM_BUILD_ROOT}%{_libdir}/engines/libibmca.la -%post -%run_ldconfig - -%postun - %files %defattr(-, root, root) -%doc README +%doc README COPYING %doc openssl.cnf.sample %dir %{_libdir}/engines %{_libdir}/engines/libibmca.* ++++++ openssl-des-ede.patch ++++++ commit 83b8ed7b25c809fa36ec86d7041a6350dc516606 Author: Joy Latten <[email protected]> Date: Wed Mar 19 15:57:10 2014 -0500 openssl-ibmca: openssl speed -engine ibmca -evp des-ede3-ofb segfaults Signed-off-by: Joy Latten <[email protected]> diff --git a/e_ibmca.c b/e_ibmca.c index b1ad975..0acbe5f 100644 --- a/e_ibmca.c +++ b/e_ibmca.c @@ -883,8 +883,7 @@ typedef unsigned int (*ica_sha256_t)(unsigned int, unsigned int, unsigned char * sha256_context_t *, unsigned char *); typedef unsigned int (*ica_des_ofb_t)(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *key, - unsigned int key_length, unsigned char *iv, - unsigned int direction); + unsigned char *iv, unsigned int direction); typedef unsigned int (*ica_des_cfb_t)(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *key, unsigned char *iv, unsigned int lcfb, @@ -894,8 +893,7 @@ typedef unsigned int (*ica_3des_cfb_t)(const unsigned char *, unsigned char *, unsigned int, unsigned int); typedef unsigned int (*ica_3des_ofb_t)(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *key, - unsigned int key_length, unsigned char *iv, - unsigned int direction); + unsigned char *iv, unsigned int direction); typedef unsigned int (*ica_aes_ofb_t)(const unsigned char *in_data, unsigned char *out_data, unsigned long data_length, const unsigned char *key, unsigned int key_length, unsigned char *iv, @@ -1197,7 +1195,7 @@ static int ibmca_des_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out, rv = p_ica_des_cfb(in, out, len, pCtx->key, ctx->iv, 8, ICA_ENCRYPT); } else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) { - rv = p_ica_des_ofb(in, out, len, pCtx->key, 8, ctx->iv, + rv = p_ica_des_ofb(in, out, len, pCtx->key, ctx->iv, ICA_ENCRYPT); } else { rv = p_ica_des_encrypt(mode, len, (unsigned char *)in, @@ -1223,7 +1221,7 @@ static int ibmca_des_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out, rv = p_ica_des_cfb(in, out, len, pCtx->key, ctx->iv, 8, ICA_DECRYPT); } else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) { - rv = p_ica_des_ofb(in, out, len, pCtx->key, 8, ctx->iv, + rv = p_ica_des_ofb(in, out, len, pCtx->key, ctx->iv, ICA_DECRYPT); } else { /* Protect against decrypt in place */ @@ -1279,7 +1277,7 @@ static int ibmca_tdes_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out, ctx->iv, 8, ICA_ENCRYPT); } else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) { rv = p_ica_3des_ofb(in, out, len, pCtx->key, - 8, ctx->iv, ICA_ENCRYPT); + ctx->iv, ICA_ENCRYPT); } else { rv = p_ica_3des_encrypt(mode, len, (unsigned char *)in, (ica_des_vector_t *) ctx->iv, @@ -1305,7 +1303,7 @@ static int ibmca_tdes_cipher(EVP_CIPHER_CTX * ctx, unsigned char *out, ctx->iv, 8, ICA_DECRYPT); } else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) { rv = p_ica_3des_ofb(in, out, len, pCtx->key, - 8, ctx->iv, ICA_DECRYPT); + ctx->iv, ICA_DECRYPT); } else { /* Protect against decrypt in place */ /* FIXME: Again, check if EVP_CIPHER_CTX_iv_length() should be used */ ++++++ openssl-ibmca-configure.patch ++++++ --- configure.in +++ configure.in @@ -28,7 +28,7 @@ # libica is dlopened, so do not add it to LIBS save_LIBS=$LIBS AC_CHECK_LIB(ica, ica_open_adapter, [], \ - AC_MSG_ERROR([*** libica-2.x library not found]), [-lssl]) + AC_MSG_ERROR([*** libica-2.x library not found]), [-lssl -lrt -lcrypto -lpthread]) LIBS=$save_LIBS # OpenSSL location ++++++ openssl-ibmca-sha256-digest-length.patch ++++++ commit f204aca935dfe45b736e9fb8f822c9e79ec9747c Author: Ingo Tuchscherer <[email protected]> Date: Fri Mar 7 10:35:33 2014 +0100 SHA256: Fixed message digest length definition in sha256 template Signed-off-by: Ingo Tuchscherer <[email protected]> Acked-by: John Jolly <[email protected]> diff --git a/e_ibmca.c b/e_ibmca.c index 94c44a4..f3fad35 100644 --- a/e_ibmca.c +++ b/e_ibmca.c @@ -727,7 +727,7 @@ static const EVP_MD ibmca_sha1 = { static const EVP_MD ibmca_sha256 = { NID_sha256, NID_sha256WithRSAEncryption, - SHA_HASH_LENGTH, + SHA256_HASH_LENGTH, 0, ibmca_sha256_init, ibmca_sha256_update, ++++++ openssl-pkey.patch ++++++ commit 6cdca2c3d655ef19d022fb3d8bcbf63491b79db2 Author: Joy Latten <[email protected]> Date: Wed Mar 19 12:50:14 2014 -0500 Add flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE to EVP_MD so that signing method comes from key type. Signed-off-by: Joy Latten <[email protected]> diff --git a/e_ibmca.c b/e_ibmca.c index f3fad35..9353470 100644 --- a/e_ibmca.c +++ b/e_ibmca.c @@ -711,7 +711,7 @@ static const EVP_MD ibmca_sha1 = { NID_sha1, NID_sha1WithRSAEncryption, SHA_HASH_LENGTH, - 0, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE, ibmca_sha1_init, ibmca_sha1_update, ibmca_sha1_final, @@ -728,7 +728,7 @@ static const EVP_MD ibmca_sha256 = { NID_sha256, NID_sha256WithRSAEncryption, SHA256_HASH_LENGTH, - 0, + EVP_MD_FLAG_PKEY_METHOD_SIGNATURE, ibmca_sha256_init, ibmca_sha256_update, ibmca_sha256_final, -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
