libica-tools-4.2.3-1.1 RPM for s390x

From OpenSuSE Ports Tumbleweed for s390x

This package contains command-line utilities to inspect the IBM
eServer Cryptographic Accelerator (ICA).

Provides

• libica-tools
• libica
• libica-2_3_0
• libica-plugin
• libica-tools(s390-64)
• libica2
• libica3

Requires

• /bin/sh
• /bin/sh
• /bin/sh
• /bin/sh
• /bin/sh
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.2)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.38)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libica-cex.so.4()(64bit)
• libica-cex.so.4(LIBICA_3.0.0)(64bit)
• libica-cex.so.4(LIBICA_3.0.0_FIPS)(64bit)
• libica-cex.so.4(LIBICA_4.0.2)(64bit)
• libica-cex.so.4(LIBICA_4.1.2)(64bit)
• libica.so.4()(64bit)
• libica.so.4(LIBICA_3.0.0)(64bit)
• libica.so.4(LIBICA_3.0.0_FIPS)(64bit)
• libica.so.4(LIBICA_4.0.2)(64bit)
• libica.so.4(LIBICA_4.1.2)(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

CPL-1.0

Changelog

* Fri Oct 06 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
  - Upgrade to version 4.2.3 (jsc#PED-5446)
    * Add OPENSSL_init_crypto in libica constructor
    * Remove deprecated ioctl Z90STAT_STATUS_MASK
    * Bug fixes
* Tue May 23 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
  - Upgrade to version 4.2.2 (jsc#PED-3277, jsc#PED-3276)
    - [UPDATE] syslog msgs only in error cases
    - [UPDATE] don't count statistics in fips power-on self tests
    - [PATCH] various fixes and some new tests
* Fri Apr 28 2023 Otto Hollmann <otto.hollmann@suse.com>
  - Remove file /etc/libica/openssl3-fips.cnf - we don't support FIPS yet
* Thu Apr 27 2023 Dominique Leuenberger <dimstar@opensuse.org>
  - Prefix /etc/libica with %dir to ensure we don't package
    unversioned files in libica4, as otherwise we violate SLPP.
* Thu Apr 27 2023 Otto Hollmann <otto.hollmann@suse.com>
  - Add /etc/libica directory into %files section.
* Fri Feb 17 2023 Nikolay Gueorguiev <nikolay.gueorguiev@suse.com>
  - Upgrade to version 4.2.1 (jsc#PED-2872)
    - [PATCH] fix regression opening shared memory
* Mon Jan 16 2023 Marcus Meissner <meissner@suse.com>
  - Upgrade to version 4.2.0 (jsc#PED-581, bsc#1202365).
    - [FEATURE] Display build info via icainfo -v
    - [FEATURE] New API function ica_get_build_version()
    - [FEATURE] Display fips indication via icainfo -f
    - [FEATURE] New API function ica_get_fips_indicator()
    - [FEATURE] New API function ica_aes_gcm_initialize_fips()
    - [FEATURE] New API function ica_aes_gcm_kma_get_iv()
    - [FEATURE] New API function ica_get_msa_level()
    - [PATCH] icainfo: check for malloc error when getting functionlist
* Tue Oct 11 2022 Mark Post <mpost@suse.com>
  - Upgrade to version 4.1.1 (jsc#PED-581, bsc#1202365).
    v4.1.1
    - [PATCH] Fix aes-xts multi-part operations
      [PATCH] Fix make dist
    v4.1.0
    - [FEATURE] FIPS: make libica FIPS 140-3 compliant
      [FEATURE] New API function ica_ecdsa_sign_ex()
      [FEATURE] New icainfo output option -r
    - [PATCH] Various bug fixes
  - Removed the following obsolete files:
    baselibs.conf
    icaioctl.h
* Mon Sep 12 2022 Mark Post <mpost@suse.com>
  - Upgraded to version 4.0.3 (jsc#PED-581, jsc#PED-621, jsc#PED-629)
    v4.0.3
    - [PATCH] Reduce the number of open file descriptors
    - [PATCH] Various bug fixes
    v4.0.2
    - [PATCH] Various bug fixes
    v4.0.1
    - [PATCH] Various bug fixes
    - [PATCH] Compute HMAC from installed library
    v4.0.0
    - [UPDATE] NO_SW_FALLBACKS is now the default for libica.so
      [UPDATE] Removed deprecated API functions including tests
      [UPDATE] Introduced 'const' for some API function parameters
      [FEATURE] icastats: new parm -k to display detailed counters
  - Replaced libica-sles15sp2-FIPS-hmac-key.patch with an updated
    version named libica-sles15sp5-FIPS-hmac-key.patch.
  - Updated the libica-rpmlintrc file to suppress warnings about the
    libica-cex hmac files being hidden.
  - Updated the spec file to properly both obsolete and provide two
    older versions of the package.
* Tue Oct 19 2021 Mark Post <mpost@suse.com>
  - Upgrade to version 3.9.0 (jsc#SLE-18454, jsc#SLE-18564)
    - [FEATURE] Add support for OpenSSL 3.0
    - [FEATURE] icainfo: new parm -c to display available EC curves
  - Replaced the obsolete PreReq: %fillup_prereq
    with                  Requires(post): %fillup_prereq
    in the spec file.
* Mon Jun 07 2021 Michal Suchanek <msuchanek@suse.com>
  - Update to version 3.8.0 (jsc#SLE-18334)
    - [FEATURE] provide libica-cex module to satisfy special security requirements
    - [FEATURE] FIPS: enforce the HMAC check
  - Remove upstreamed patches:
    - libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch
    - libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch
    - libica-sles15sp2-Zeroize-local-variables.patch
  - Remove patches obsoleted by upstrea developent:
    * FIPS: Find libica from phdrs.
    - libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch
    * FIPS: enforce the hmac check
    - libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch
  - Fix up tests and hmac generation
    + libica-FIPS-make-it-possible-to-specify-fipshmac-binary.patch
  - Remove obsolete attributes from filelists
* Fri Sep 18 2020 Mark Post <mpost@suse.com>
  - Upgraded to version 3.7.0 (jsc#SLE-13708)
    * Version 3.7.0
    - [FEATURE] FIPS: Add HMAC based library integrity check
    - [PATCH] icainfo: bugfix for RSA and EC related info for software column.
    - [PATCH] FIPS: provide output iv in cbc-cs decrypt as required by FIPS tests
    - [PATCH] FIPS: Fix DES and TDES key length
    - [PATCH] icastats: Fix stats counter format
    * Version 3.6.1
    - [PATCH] Fix x25519 and x448 handling of non-canonical values
  - Removed the following obsolete patches
    * libica-sles15sp2-x25519-x448-fix-handling-of-non-canonical-values.patch
    * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
    * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
    * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
    * libica-sles15sp2-Build-with-pthread-flag.patch
    * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
    * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch
    * libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch
* Tue Sep 15 2020 Mark Post <mpost@suse.com>
  - Fix lack of SHA3 KATs in "make check" processing (bsc#1175277)
    * Added libica-sles15sp2-FIPS-add-SHA3-KATs-to-fips_powerup_tests.patch
    * Added libica-sles15sp2-FIPS-skip-SHA3-tests-if-running-on-hardware-without-.patch
  - Fix FIPS hmac check (bsc#1175356).
    * Update FIPS support to upstream
    - Refresh libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
      from upstream.
    - Add libica-sles15sp2-Build-with-pthread-flag.patch
    - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-addon.patch
    - Add libica-sles15sp2-FIPS-HMAC-based-library-integrity-check-rename-variables.patch
    - Add libica-sles15sp2-FIPS-use-full-library-version-for-hmac-filename.patch
    * FIPS check should fail when hmac is missing
    - Add libica-sles15sp2-FIPS-fix-inconsistent-error-handling.patch
    - Create an hmac for the selftest
    - Check that selftest fails without a hmac
    - Hash libica.so.3 rather than libica.so.3.6.0
    * Fix hmac key format. It should be hexadecimal, not ASCII
    - Refresh libica-sles15sp2-FIPS-hmac-key.patch
  - Fix Some internal variables used to store sensitive information
    (keys) were not zeroized before returning to the calling application.
    (bsc#1175357)
    * Added libica-sles15sp2-Zeroize-local-variables.patch
  - Updated libica-rpmlintrc to eliminate the warning about the HMAC file
    being a hidden file. It is supposed to be hidden.
* Thu May 07 2020 Mark Post <mpost@suse.com>
  - Added the following patches for FIPS certification (bsc#1162533)
    * libica-sles15sp2-FIPS-introduce-HMAC-based-library-integrity-check.patch
    * libica-sles15sp2-FIPS-hmac-key.patch
  - Added a BuildRequires for the fipscheck package.
  - Made a couple of changes to the spec file based upon recommendations
    by spec-cleaner.
* Wed Apr 08 2020 Mark Post <mpost@suse.com>
  - Added the following patches for FIPS certification.
    * libica-sles15sp2-Fix-DES-and-TDES-key-length.patch
      (bsc#1166071) Although a DES key has only 56 effective bits,
      all 64 bits must be considered, because the parity bits are
      spread over all 8 bytes of the key.
    * libica-sles15sp2-FIPS-provide-output-iv-as-required-by-FIPS-tests.patch
      (bsc#1166210) FIPS tests require the output iv to be the iv
      resulting from decrypting the last block with a zero iv as input.
    * libica-sles15sp2-icainfo-bugfix-for-RSA-and-EC-related-info-for-softw.patch
      (bsc#1166224) The output from icainfo never shows 'yes' for
      RSA ME, RSA CRT, ECDH, ECDSA sign, ECDSA verify, and ECKGEN,
      due to the missing ICA_FLAG_SW flag in the icaList.

Files

/usr/bin/icainfo
/usr/bin/icainfo-cex
/usr/bin/icastats
/usr/lib/systemd/scripts
/usr/lib/systemd/scripts/z90crypt
/usr/lib/systemd/system/z90crypt.service
/usr/lib64/libica.so
/usr/sbin/rcz90crypt
/usr/share/doc/packages/libica-tools
/usr/share/doc/packages/libica-tools/README.SUSE
/usr/share/fillup-templates/sysconfig.z90crypt
/usr/share/licenses/libica-tools
/usr/share/licenses/libica-tools/LICENSE
/usr/share/man/man1/icainfo-cex.1.gz
/usr/share/man/man1/icainfo.1.gz
/usr/share/man/man1/icastats.1.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 9 12:50:11 2024