Commit Graph

Select branches

Hide Pull Requests

a8

a9

c10s

c10s-private-than

c8

c8-beta

c8s

c8s-private-than

c9

c9-beta

c9s

c9s-private-than

changed/a8/opencryptoki-3.21.0-10.el8_9.alma.1

changed/a9/opencryptoki-3.21.0-9.el9_3.alma.1

imports/c10s/opencryptoki-3.23.0-5.el10

imports/c10s/opencryptoki-3.24.0-1.el10

imports/c10s/opencryptoki-3.24.0-2.el10

imports/c10s/opencryptoki-3.24.0-3.el10

imports/c8-beta/opencryptoki-3.11.1-1.el8

imports/c8-beta/opencryptoki-3.12.1-2.el8

imports/c8-beta/opencryptoki-3.14.0-3.el8

imports/c8-beta/opencryptoki-3.15.1-5.el8

imports/c8-beta/opencryptoki-3.16.0-5.el8

imports/c8-beta/opencryptoki-3.17.0-3.el8

imports/c8-beta/opencryptoki-3.18.0-3.el8

imports/c8-beta/opencryptoki-3.19.0-2.el8

imports/c8-beta/opencryptoki-3.21.0-9.el8

imports/c8-beta/opencryptoki-3.22.0-3.el8

imports/c8/opencryptoki-3.11.1-3.el8_1

imports/c8/opencryptoki-3.12.1-2.el8

imports/c8/opencryptoki-3.14.0-5.el8

imports/c8/opencryptoki-3.15.1-5.el8

imports/c8/opencryptoki-3.15.1-6.el8_4

imports/c8/opencryptoki-3.15.1-7.el8_4

imports/c8/opencryptoki-3.16.0-5.el8

imports/c8/opencryptoki-3.16.0-7.el8_5

imports/c8/opencryptoki-3.17.0-3.el8

imports/c8/opencryptoki-3.17.0-4.el8_6

imports/c8/opencryptoki-3.17.0-5.el8_6

imports/c8/opencryptoki-3.18.0-3.el8

imports/c8/opencryptoki-3.18.0-5.el8_7

imports/c8/opencryptoki-3.19.0-2.el8

imports/c8/opencryptoki-3.21.0-9.el8

imports/c8/opencryptoki-3.22.0-3.el8

imports/c8s/opencryptoki-3.15.1-3.el8

imports/c8s/opencryptoki-3.15.1-5.el8

imports/c8s/opencryptoki-3.16.0-3.el8

imports/c8s/opencryptoki-3.16.0-4.el8

imports/c8s/opencryptoki-3.16.0-5.el8

imports/c8s/opencryptoki-3.16.0-7.el8_5

imports/c8s/opencryptoki-3.17.0-2.el8

imports/c8s/opencryptoki-3.17.0-3.el8

imports/c8s/opencryptoki-3.17.0-4.el8_6

imports/c8s/opencryptoki-3.18.0-1.el8

imports/c8s/opencryptoki-3.18.0-2.el8

imports/c8s/opencryptoki-3.18.0-3.el8

imports/c8s/opencryptoki-3.19.0-1.el8

imports/c8s/opencryptoki-3.19.0-2.el8

imports/c9-beta/opencryptoki-3.16.0-12.el9

imports/c9-beta/opencryptoki-3.17.0-3.el9

imports/c9-beta/opencryptoki-3.17.0-4.el9

imports/c9-beta/opencryptoki-3.17.0-5.el9_0

imports/c9-beta/opencryptoki-3.18.0-4.el9

imports/c9-beta/opencryptoki-3.19.0-2.el9

imports/c9-beta/opencryptoki-3.21.0-8.el9

imports/c9-beta/opencryptoki-3.22.0-3.el9

imports/c9-beta/opencryptoki-3.23.0-1.el9

imports/c9/opencryptoki-3.17.0-5.el9_0

imports/c9/opencryptoki-3.17.0-6.el9_0

imports/c9/opencryptoki-3.17.0-7.el9_0

imports/c9/opencryptoki-3.17.0-8.el9_0

imports/c9/opencryptoki-3.18.0-4.el9

imports/c9/opencryptoki-3.18.0-5.el9_1

imports/c9/opencryptoki-3.19.0-2.el9

imports/c9/opencryptoki-3.22.0-3.el9

Mono Color

• d7abf1aa7d - Fix resource leak c9s-private-than c9s Than Ngo 2024-11-07 15:39:26 +0100
• c3a25e7904 - Fix resource leak imports/c10s/opencryptoki-3.24.0-3.el10 c10s-private-than c10s Than Ngo 2024-11-07 13:00:34 +0100
• a718c72fd8 Bump release for October 2024 mass rebuild: imports/c10s/opencryptoki-3.24.0-2.el10 Troy Dawson 2024-10-29 08:52:38 -0700
• 22ada1251f - Resolves: RHEL-50064, update to 3.24.0 - Resolves: RHEL-50063, opencryptoki CCA Token support for x86_64 and ppc64le - Resolves: RHEL-50058, openCryptoki CCA token support of Dilithium - Resolves: RHEL-50056, openCryptoki cca token SHA3 support - Resolves: RHEL-50057, openCryptoki cca token RSA OAEP v2.1 support Than Ngo 2024-10-22 12:13:04 +0200
• 00d5074a2c Related: RHEL-58996, fix gating issue Than Ngo 2024-10-21 20:11:24 +0200
• d536f5aa50 - Resolves: RHEL-58996, update to 3.24.0 - Resolves: RHEL-39004, provide opencryptoki CCA Token also on x86_64 and ppc64le - Resolves: RHEL-43675, openCryptoki cca token RSA OAEP v2.1 support - Resolves: RHEL-43674, openCryptoki CCA token support of Dilithium - Resolves: RHEL-43676, openCryptoki cca token SHA3 support - Resolves: RHEL-24036, support protected keys for extractable keys imports/c10s/opencryptoki-3.24.0-1.el10 Than Ngo 2024-10-16 21:31:55 +0200
• b8fca99ebc import CS opencryptoki-3.23.0-1.el9 imports/c9-beta/opencryptoki-3.23.0-1.el9 c9-beta eabdullin 2024-09-30 16:13:44 +0000
• 9d052daee9 Bump release for June 2024 mass rebuild imports/c10s/opencryptoki-3.23.0-5.el10 Troy Dawson 2024-06-24 09:05:44 -0700
• 2686b4a4a4 Resolves: RHEL-42492, SAST Than Ngo 2024-06-18 13:24:52 +0200
• 11405685c9 Import from AlmaLinux stable repository c8 imports/c8/opencryptoki-3.22.0-3.el8 eabdullin 2024-05-31 16:58:26 +0000
• f632fbe906 - Resolves: RHEL-23671, ep11 token support protected keys for extractable keys - Resolves: RHEL-23672, ep11 token support for FIPS 2021-session bound EP11 keys - Resolves: RHEL-23673, update to 3.23.0 Than Ngo 2024-05-22 12:13:14 +0200
• d1348bb71c Related: RHEL-24038, backport - ep11 token: support protected keys for extractable keys Than Ngo 2024-05-22 09:40:25 +0200
• ca21931cee Import from AlmaLinux stable repository imports/c9/opencryptoki-3.22.0-3.el9 c9 eabdullin 2024-05-15 08:34:21 +0000
• 7eff1ca8de - enabled gating tests - rebuilt Than Ngo 2024-04-16 13:25:57 +0200
• 18d7359daf Add missing .alma dist changed/a8/opencryptoki-3.21.0-10.el8_9.alma.1 a8 Andrew Lukoshko 2024-04-03 17:00:25 +0000
• 65cdd8e512 timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin) (CVE-2024-0914) Andrew Lukoshko 2024-04-03 13:57:29 +0000
• 0ae9516291 Sync with c8-beta imports/c8/opencryptoki-3.21.0-9.el8 Andrew Lukoshko 2024-04-03 13:48:16 +0000
• 782f2d4ee2 import CS opencryptoki-3.22.0-3.el9 imports/c9-beta/opencryptoki-3.22.0-3.el9 eabdullin 2024-03-28 11:17:33 +0000
• 2664da27e9 import CS opencryptoki-3.22.0-3.el8 imports/c8-beta/opencryptoki-3.22.0-3.el8 c8-beta eabdullin 2024-03-27 20:09:37 +0000
• 452cbfb3f0 - A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts changed/a9/opencryptoki-3.21.0-9.el9_3.alma.1 a9 Eduard Abdullin 2024-03-11 10:29:59 +0300
• 0fd47dc915 Sync with stable Eduard Abdullin 2024-03-11 10:24:05 +0300
• d8e7a71882 - Fix implicit rejection with RSA keys with empty CKA_PRIVATE_EXPONENT Related: RHEL-22792 Than Ngo 2024-02-16 13:35:05 +0100
• 5dccb92199 - Fix implicit rejection with RSA keys with empty CKA_PRIVATE_EXPONENT Related: RHEL-22791 c8s-private-than c8s Than Ngo 2024-02-16 12:24:04 +0100
• 39b1da5188 timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin) Than Ngo 2024-02-11 23:43:53 +0100
• 3e961f4d0a - timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin) Resolves: RHEL-22792 Than Ngo 2024-02-11 23:31:51 +0100
• 14c339d15b - update to 3.23.0 * EP11: Add support for FIPS-session mode * Updates to harden against RSA timing attacks * Bug fixes Than Ngo 2024-02-07 11:41:50 +0100
• dfefb523ca - fix all errors and warnings (rhbz#2261419) Dan Horák 2024-01-30 16:31:32 +0100
• 8f1b442c95 Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild Fedora Release Engineering 2024-01-25 11:13:25 +0000
• 88cccd47bb Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild Fedora Release Engineering 2024-01-21 11:09:23 +0000
• 5f26da258b Resolves: RHEL-11413, update to 3.22.0 Than Ngo 2023-11-23 14:59:01 +0100
• 5229a62455 Resolves: RHEL-11412, rebase to 3.22.0 Resolves: RHEL-10569, openCryptoki for PKCS #11 3.0 Than Ngo 2023-11-21 20:05:54 +0100
• 222e29cf3f import CS opencryptoki-3.21.0-9.el8 imports/c8-beta/opencryptoki-3.21.0-9.el8 eabdullin 2023-09-27 13:47:51 +0000
• d227b6c0fd import CS opencryptoki-3.21.0-8.el9 imports/c9-beta/opencryptoki-3.21.0-8.el9 eabdullin 2023-09-21 19:42:54 +0000
• 4f20e1212b update to 3.22.0 Than Ngo 2023-09-21 17:42:27 +0200
• be77334b0e CI: Add SW token update testplan Karel Srot 2023-07-24 08:28:22 +0200
• a658fde51d CI: Add SW token update plan Karel Srot 2023-07-18 14:09:40 +0200
• 0eba1a05ea Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Fedora Release Engineering 2023-07-20 18:01:09 +0000
• e698005342 Resolves: #2223588, FTBFS Than Ngo 2023-07-18 14:22:24 +0200
• c390af2f87 Related: #2222595, add triggerun to reload daemon Than Ngo 2023-07-18 12:16:24 +0200
• 7ae4b00524 - p11sak tool: slot option does not accept argument 0 for slot index 0 - p11sak fails as soon as there reside non-key objects Than Ngo 2023-07-17 15:51:40 +0200
• 517add43b1 Resolves: #2222595, p11sak tool: slot option does not accept argument 0 for slot index 0 Resolves: #2222594, p11sak fails as soon as there reside non-key objects Than Ngo 2023-07-14 16:51:30 +0200
• e1ae1255d0 Resolves: #2222592, p11sak tool: slot option does not accept argument 0 for slot index 0 Resolves: #2222596, p11sak fails as soon as there reside non-key objects Than Ngo 2023-07-14 15:12:46 +0200
• 19af14b3a5 - add workaround for segfault in PEM_write_bio() on OpenSSL 1.1.1 Related: #2159741 Than Ngo 2023-07-05 10:00:16 +0200
• 0f8dad3102 - fix short description of ep11tok package (fixes #2196750) Holger Dengler 2023-06-19 12:13:06 +0200
• 62e92e9764 - add requirement on selinux-policy >= 38.1.14-1 for pkcsslotd policy sandboxing Related: #2160061 Than Ngo 2023-06-13 13:18:52 +0200
• a4b916ba16 - add requirement on selinux-policy >= 3.14.3-121 for pkcsslotd policy sandboxing Related: #215969 Than Ngo 2023-06-13 12:11:05 +0200
• c89d9c9606 - add requirement on selinux-policy >= 3.14.3-121 for pkcsslotd policy sandboxing Related: #2159697 Than Ngo 2023-06-13 12:10:11 +0200
• 1edbc18df4 - add verify attributes for opencryptoki.conf to ignore the verification Than Ngo 2023-05-26 12:36:35 +0200
• 5bc4f8b724 - add verify attributes for opencryptoki.conf to ignore the verification - drop unnecessary opencryptoki-3.11.0-group.patch Than Ngo 2023-05-25 18:03:03 +0200
• a222ec300d - add verify attributes for opencryptoki.conf to ignore the verification Than Ngo 2023-05-25 14:10:14 +0200
• 2b264aa21a - Resolves: #2110497, concurrent MK rotation for cca token - Resolves: #2110498, concurrent MK rotation for ep11 token - Resolves: #2110499, ep11 token: PKCS #11 3.0 - support AES_XTS - Resolves: #2111010, cca token: protected key support - Resolves: #2160061, rebase to 3.21.0 - Resolves: #2160105, pkcsslotd hardening - Resolves: #2160107, p11sak support Dilithium and Kyber keys - Resolves: #2160109, ica and soft tokens: PKCS #11 3.0 - support AES_XTS Than Ngo 2023-05-22 21:01:35 +0200
• e6fc48bed6 - drop p11_kit_support - fix handling of user name - fix user confirmation prompt behavior when stdin is closed Than Ngo 2023-05-22 20:57:47 +0200
• 4c8aef5468 - pkcsstats: Fix handling of user name - p11sak: Fix user confirmation prompt behavior when stdin is closed Related: #2159697 Than Ngo 2023-05-22 16:04:07 +0200
• 5ddc3c6763 Enable CI testing for c8s branch. Karel Srot 2023-05-19 09:26:13 +0200
• 25187255f5 add missing /var/lib/opencryptoki/HSM_MK_CHANGE disable unsupported sandbox options and add /run to ReadWritePaths to exclude /run directory from being made read-only on rhel8 Related: #2159697 Than Ngo 2023-05-17 13:41:18 +0200
• 056d16af13 Enable CI testing for c9s branch. Karel Srot 2023-05-17 12:23:48 +0200
• 04eca45980 import opencryptoki-3.19.0-2.el8 imports/c8/opencryptoki-3.19.0-2.el8 CentOS Sources 2023-05-16 06:13:57 +0000
• a36c8e96e9 add missing /var/lib/opencryptoki/HSM_MK_CHANGE Than Ngo 2023-05-16 13:24:22 +0200
• 9e22d31c4b Resolves: #1984865, ep11 and cca: support concurrent HSM master key changes Resolves: #2110500, ep11 token: PKCS #11 3.0 - support AES_XTS Resolves: #2111011, cca token: protected key support Resolves: #2159697, update to 3.21.0 Resolves: #2159740, pkcsslotd hardening Resolves: #2159741, p11sak support Dilithium and Kyber keys Resolves: #2159742, ica and soft tokens: PKCS #11 3.0 - support AES_XTS Than Ngo 2023-05-16 10:15:14 +0200
• fbb90ce0e4 update to 3.21.0 Than Ngo 2023-05-15 20:13:20 +0200
• f405c3b8fc update to 3.21.0 Than Ngo 2023-05-15 17:22:05 +0200
• da019f55f2 import opencryptoki-3.19.0-2.el9 imports/c9/opencryptoki-3.19.0-2.el9 CentOS Sources 2023-05-09 05:36:45 +0000
• fac920af3d import opencryptoki-3.19.0-2.el9 imports/c9-beta/opencryptoki-3.19.0-2.el9 CentOS Sources 2023-03-28 09:20:22 +0000
• a91cf4774a import opencryptoki-3.19.0-2.el8 imports/c8-beta/opencryptoki-3.19.0-2.el8 CentOS Sources 2023-03-28 08:57:20 +0000
• 1232683448 Bring gating.yaml over from Brew dist-git Troy Dawson 2023-03-10 11:09:33 -0800
• 4d2f097f20 Import rpm: c8s James Antill 2023-02-27 14:37:06 -0500
• e211a280d5 migrated to SPDX license Than Ngo 2023-02-14 19:59:38 +0100
• 4d69833004 drop unnecessary opencryptoki-3.11.0-group.patch, problem with root run all the pkcs11 commands without the need to be a member of the pkcs11 group was fixed long ago Than Ngo 2023-02-13 18:36:55 +0100
• bca00e7abd update to 3.20.0 Than Ngo 2023-02-13 14:24:17 +0100
• 544e1b5cb2 import opencryptoki-3.19.0-2.el8 imports/c8s/opencryptoki-3.19.0-2.el8 CentOS Sources 2023-02-01 08:09:52 +0000
• c8a0d12ced add missing opencryptoki-3.19.0-fix-memory-leak.patch Than Ngo 2023-02-08 11:57:27 +0100
• aa8a7709a0 Add support of ep11 token for new IBM Z Hardware (IBM z16) Than Ngo 2023-02-08 11:45:10 +0100
• fc8d8dc654 Auto sync2gitlab import of opencryptoki-3.19.0-2.el8.src.rpm CentOS Sources 2023-02-01 08:10:05 +0000
• 928b101293 Resolves: #2044182, Support of ep11 token for new IBM Z Hardware (IBM z16) Than Ngo 2023-01-30 15:31:53 +0100
• 00f0dd5dda import opencryptoki-3.18.0-5.el9_1 imports/c9/opencryptoki-3.18.0-5.el9_1 CentOS Sources 2023-01-23 09:33:34 -0500
• 550ad4e7a8 add missing BR Dan Horák 2023-01-20 14:07:51 +0000
• e435fa6c8a Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild Fedora Release Engineering 2023-01-19 22:47:03 +0000
• 5353acefcb import opencryptoki-3.18.0-5.el8_7 imports/c8/opencryptoki-3.18.0-5.el8_7 CentOS Sources 2023-01-12 03:26:42 -0500
• 2975f2ed08 import opencryptoki-3.18.0-4.el9 imports/c9/opencryptoki-3.18.0-4.el9 CentOS Sources 2022-11-15 01:50:52 -0500
• df75c2c4bc import opencryptoki-3.19.0-1.el8 imports/c8s/opencryptoki-3.19.0-1.el8 CentOS Sources 2022-11-09 04:14:27 +0000
• b3ee30c50c Auto sync2gitlab import of opencryptoki-3.19.0-1.el8.src.rpm CentOS Sources 2022-11-09 04:14:42 +0000
• 2e1694e46b import opencryptoki-3.18.0-3.el8 imports/c8/opencryptoki-3.18.0-3.el8 CentOS Sources 2022-11-08 01:57:23 -0500
• 1356859811 import opencryptoki-3.17.0-8.el9_0 imports/c9/opencryptoki-3.17.0-8.el9_0 CentOS Sources 2022-11-02 10:02:32 -0400
• 15b0b2fb5c Resolves: #2126294, opencryptoki fails after generating > 500 RSA keys Resolves: #2110314, rebase to 3.19.0 Resolves: #2110989, openCryptoki key generation with expected MKVP only on CCA and EP11 tokens Resolves: #2110476, openCryptoki ep11 token: master key consistency Resolves: #2018458, openCryptoki ep11 token: vendor specific key derivation Than Ngo 2022-10-11 20:27:20 +0200
• c1bf4511d4 add missing config files ccatok.conf Than Ngo 2022-10-11 18:05:26 +0200
• ff9dd41b50 update to 3.19.0 Than Ngo 2022-10-11 17:49:32 +0200
• 9087810c0e import opencryptoki-3.18.0-4.el9 imports/c9-beta/opencryptoki-3.18.0-4.el9 CentOS Sources 2022-09-27 10:54:41 -0400
• e3b379290b import opencryptoki-3.18.0-3.el8 imports/c8-beta/opencryptoki-3.18.0-3.el8 CentOS Sources 2022-09-27 15:56:21 -0400
• fb5fa6c899 import opencryptoki-3.17.0-7.el9_0 imports/c9/opencryptoki-3.17.0-7.el9_0 CentOS Sources 2022-09-20 07:47:58 -0400
• 9e7f39d2d6 remove unused BR: systemd-devel Dan Horák 2022-09-19 09:20:06 +0200
• e82e62e75d Add missing build dependency on systemd-rpm-macros Florian Weimer 2022-09-14 13:28:57 +0200
• 094ff8f62a import opencryptoki-3.17.0-5.el8_6 imports/c8/opencryptoki-3.17.0-5.el8_6 CentOS Sources 2022-09-13 03:40:08 -0400
• ad8244536e Auto sync2gitlab import of opencryptoki-3.18.0-3.el8.src.rpm CentOS Sources 2022-08-03 10:14:45 +0000
• ece263e5ac import opencryptoki-3.18.0-3.el8 imports/c8s/opencryptoki-3.18.0-3.el8 CentOS Sources 2022-08-03 10:14:30 +0000
• 190ffcb6e9 fix json output do not touch opencryptoki.conf if it is in place already and even if it is unchanged Than Ngo 2022-08-01 18:18:30 +0200
• a7bba15de6 Related: #2044179, do not touch opencryptoki.conf if it is in place already and even if it is unchanged Than Ngo 2022-08-01 14:53:46 +0200
• a7176edf2b Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild Fedora Release Engineering 2022-07-22 02:02:49 +0000
• a7c2acab30 import opencryptoki-3.17.0-4.el8_6 imports/c8/opencryptoki-3.17.0-4.el8_6 CentOS Sources 2022-06-28 06:58:36 -0400
• f06d9f7578 import opencryptoki-3.17.0-6.el9_0 imports/c9/opencryptoki-3.17.0-6.el9_0 CentOS Sources 2022-06-28 04:28:22 -0400
• 08f86ef6ef Auto sync2gitlab import of opencryptoki-3.18.0-2.el8.src.rpm CentOS Sources 2022-06-08 08:16:32 +0000