source-git / opencryptoki

Clone
Source Code
GIT

Blame ChangeLog

c8 c8s master
  1.   c8
  2.   ChangeLog
Blob History Raw
Packit Service 0210bb 
+ Opencryptoki 3.14
Packit Service 0210bb 
- EP11: Dilitium support stage 2
Packit Service 0210bb 
- Common: Rework on process and thread locking
Packit Service 0210bb 
- Common: Rework on btree and object locking
Packit Service 0210bb 
- ICSF: minor fixes
Packit Service 0210bb 
- TPM, ICA, ICSF: support multiple token instances
Packit Service 0210bb 
- new tool p11sak
Packit Service 0210bb
Packit Service 0210bb 
+ openCryptoki 3.13.0
Packit Service 0210bb 
- EP11: Dilithium support
Packit Service 0210bb 
- EP11: EdDSA support
Packit Service 0210bb 
- EP11: support RSA-OAEP with non-SHA1 hash and MGF
Packit Service 0210bb
Packit Service 0210bb 
+ openCryptoki 3.12.1
Packit Service 0210bb 
- Fix pkcsep11_migrate tool
Packit Service 0210bb
Packit Service 0210bb 
+ openCryptoki 3.12.0
Packit Service 0210bb 
- Update token pin and data store encryption for soft,ica,cca and ep11
Packit Service 0210bb 
- EP11: Allow importing of compressed EC public keys
Packit Service 0210bb 
- EP11: Add support for the CMAC mechanisms
Packit Service 0210bb 
- EP11: Add support for the IBM-SHA3 mechanisms
Packit Service 0210bb 
- SOFT: Add AES-CMAC and 3DES-CMAC support to the soft token
Packit Service 0210bb 
- ICA: Add AES-CMAC and 3DES-CMAC support to the ICA token
Packit Service 0210bb 
- EP11: Add config option USE_PRANDOM
Packit Service 0210bb 
- CCA: Use Random Number Generate Long for token_specific_rng()
Packit Service 0210bb 
- Common rng function: Prefer /dev/prandom over /dev/urandom
Packit Service 0210bb 
- ICA: add SHA*_RSA_PKCS_PSS mechanisms
Packit Service 0210bb 
- Bug fixes
Packit Service 0210bb
Packit Service 0210bb 
+ openCryptoki 3.11.1
Packit Service 0210bb 
- Bug fixes
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.11.0
Packit Service 0210bb 
- EP11 enhancements
Packit Service 0210bb 
- A lot of bug fixes
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.10.0
Packit Service 0210bb 
- Add support to ECC on ICA token and to common code.
Packit Service 0210bb 
- Add SHA224 support to SOFT token.
Packit Service 0210bb 
- Improve pkcsslotd logging.
Packit Service 0210bb 
- Fix sha512_hmac_sign and rsa_x509_verify for ICA token.
Packit Service 0210bb 
- Fix tracing of session id.
Packit Service 0210bb 
- Fix and improve testcases.
Packit Service 0210bb 
- Fix spec file permission for log directory.
Packit Service 0210bb 
- Fix build warnings.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.9.0
Packit Service 0210bb 
- Fix token reinitialization
Packit Service 0210bb 
- Fix conditional man pages
Packit Service 0210bb 
- EP11 enhancements
Packit Service 0210bb 
- EP11 EC Key import
Packit Service 0210bb 
- Increase RSA max key length
Packit Service 0210bb 
- Fix broken links on documentation
Packit Service 0210bb 
- Define CK_FALSE and CK_TRUE macros
Packit Service 0210bb 
- Improve build flags
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.8.2
Packit Service 0210bb 
- Update man pages.
Packit Service 0210bb 
- Improve ock_tests for parallel execution.
Packit Service 0210bb 
- Fix FindObjectsInit for hidden HW-feature.
Packit Service 0210bb 
- Fix to allow vendor defined hardware features.
Packit Service 0210bb 
- Fix unresolved symbols.
Packit Service 0210bb 
- Fix tracing.
Packit Service 0210bb 
- Code/project cleanup.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.8.1
Packit Service 0210bb 
- Fix TPM data-structure reset function.
Packit Service 0210bb 
- Fix error message when dlsym fails.
Packit Service 0210bb 
- Update configure.ac
Packit Service 0210bb 
- Update travis.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.8.0
Packit Service 0210bb 
- Multi token instance feature.
Packit Service 0210bb 
- Added possibility to run opencryptoki with transactional memory or locks
Packit Service 0210bb 
(--enable-locks on configure step).
Packit Service 0210bb 
- Updated documentation.
Packit Service 0210bb 
- Fix segfault on ec_test.
Packit Service 0210bb 
- Bunch of small fixes.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.7.0
Packit Service 0210bb 
- Update example spec file
Packit Service 0210bb 
- Performance improvement. Moving from mutexes to transactional memory.
Packit Service 0210bb 
- Add ECDSA SHA2 support for EP11 and CCA.
Packit Service 0210bb 
- Fix declaration of inline functions.
Packit Service 0210bb 
- Fix wrong testcase and ber en/decoding for integers.
Packit Service 0210bb 
- Check for 'flex' and 'YACC' on configure.
Packit Service 0210bb 
- EP11 config file rework.
Packit Service 0210bb 
- Add enable-debug on travis build.
Packit Service 0210bb 
- Add testcase for C_GetOperationState/C_SetOperationState.
Packit Service 0210bb 
- Upgrade License to CPL-1.0
Packit Service 0210bb 
- Ica token: fix openssh/ibmpkcs11 engine/libica crash.
Packit Service 0210bb 
- Fix segfault and logic in hardware feature test.
Packit Service 0210bb 
- Fix spelling of documentation and manuals.
Packit Service 0210bb 
- Fix the retrieval of p from a generated rsa key.
Packit Service 0210bb 
- Coverity scan fixes - incompatible pointer type and unused variables.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.6.2
Packit Service 0210bb 
- Support OpenSSL-1.1.
Packit Service 0210bb 
- Add Travis CI support.
Packit Service 0210bb 
- Update autotools scripts and documentation.
Packit Service 0210bb 
- Fix SegFault when a invalid session handle is passed in SC_EncryptUpdate and
Packit Service 0210bb 
SC_DecryptUpdate.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.6.1
Packit Service 0210bb 
- Fix SOFT token implementation of digest functions.
Packit Service 0210bb 
- Replace deprecated OpenSSL interfaces.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.6
Packit Service 0210bb 
- Replace deprecated libica interfaces.
Packit Service 0210bb 
- Performance improvement for ICA.
Packit Service 0210bb 
- Improvement in documentation on system resources.
Packit Service 0210bb 
- Improvement in testcases.
Packit Service 0210bb 
- Added support for rc=8, reasoncode=2028 in icsf token.
Packit Service 0210bb 
- Fix for session handle not set in session issue.
Packit Service 0210bb 
- Multiple fixes for lock and log directories.
Packit Service 0210bb 
- Downgraded a syslog error to warning.
Packit Service 0210bb 
- Multiple fixes based on coverity scan results.
Packit Service 0210bb 
- Added pkcs11 mapping for icsf reason code 72 for return code 8.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.5.1
Packit Service 0210bb 
- Fix Illegal Intruction on pkcscca tool.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.5
Packit Service 0210bb 
- Full Coverity scan fixes.
Packit Service 0210bb 
- Fixes for compiler warnings.
Packit Service 0210bb 
- Added support for C_GetObjectSize in icsf token.
Packit Service 0210bb 
- Various bug fixes and memory leak fixes.
Packit Service 0210bb 
- Removed global read permissions from token files.
Packit Service 0210bb 
- Added missing PKCS#11v2.2 constants.
Packit Service 0210bb 
- Fix for symbol resolution issue seen in Fedora 22 and 23 for
Packit Service 0210bb 
  ep11 and cca tokens.
Packit Service 0210bb 
- Improvements in socket read operation when a token comes up.
Packit Service 0210bb 
- Replaced 32 bit CCA API declarations with latest header from
Packit Service 0210bb 
  version 5.0 libsculcca rpm.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.4.1
Packit Service 0210bb 
- fix 32-bit compiler error for ep11
Packit Service 0210bb 
- fix buffer overflow for cca token
Packit Service 0210bb 
- fix a testcase
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.4
Packit Service 0210bb 
- CCA master key migration added to the pkcscca tool. When the masterkey on
Packit Service 0210bb 
  the CCA adapter changes, this allows the token key objects containing
Packit Service 0210bb 
  keys wrapped with the card's former masterkey to be wrapped under the
Packit Service 0210bb 
  card's new masterkey. And thus "migrated".
Packit Service 0210bb 
- AES GCM support added to ica token.
Packit Service 0210bb 
- Ability to generate generic secret keys for CKM_GENERIC_SECRET_KEY_GEN
Packit Service 0210bb 
  added to opencryptoki.
Packit Service 0210bb 
- The soft, cca, ep11, and icsf tokens support HMAC single and multipart for
Packit Service 0210bb 
  SHA1, SHA256, SHA384, and SHA512.
Packit Service 0210bb 
- CCA token, a secure key token, can now import AES, DES3 and
Packit Service 0210bb 
  Generic Secret keys.
Packit Service 0210bb 
- Add -Wall and fix various compiler warnings.
Packit Service 0210bb 
- Coverity scan cleanup.
Packit Service 0210bb 
- Additional test vectors and various testcase improvements made.
Packit Service 0210bb 
- Various bugfixes
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.3
Packit Service 0210bb 
- Dynamic tracing introduced via the new environment variable,
Packit Service 0210bb 
  OPENCRYPTOKI_TRACE_LEVEL=<level>. The opencryptoki base as well as all
Packit Service 0210bb 
  tokens changed to use the new tracing.
Packit Service 0210bb 
- Allow root to run pkcs11 commands without being in pkcs11 group.
Packit Service 0210bb 
- EncryptUpdate, DecryptUpdate, DigestUpdate, SignUpdate, VerifyUpdate
Packit Service 0210bb 
  now allow zero length data.
Packit Service 0210bb 
- Refactored ICA token's SHA .
Packit Service 0210bb 
- Various testcase improvements.
Packit Service 0210bb 
- Various bugfixes.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki 3.2
Packit Service 0210bb 
- New pkcscca tool. Currently it assists in migrating cca private token
Packit Service 0210bb 
  objects from opencryptoki version 2 to the clear key encryption method
Packit Service 0210bb 
  used in opencryptoki version 3. Includes a manpage for pkcscca tool.
Packit Service 0210bb 
  Changes to README.cca_stdll to assist in using the CCA token and
Packit Service 0210bb 
  migrating the private token objects.
Packit Service 0210bb 
- Support for CKM_RSA_PKCS_OAEP and CKM_RSA_PKCS_PSS algorithms.
Packit Service 0210bb 
- Various bugfixes.
Packit Service 0210bb 
- New testcases for various crypto algorithms.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki-3.1
Packit Service 0210bb 
- New ep11 token to support IBM Crypto Express adpaters (starting with
Packit Service 0210bb 
  Crypto Express 4S adapters) configured with Enterprise PKCS#11(EP11)
Packit Service 0210bb 
  firmware.
Packit Service 0210bb 
- New pkcsep11_migrate utility (and manpage) to migrate token objects
Packit Service 0210bb 
  when card's masterkey changes.
Packit Service 0210bb 
- Various bugfixes.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki-3.0
Packit Service 0210bb 
- Aggregated source files in common, tpm, and cca directories.
Packit Service 0210bb 
- Re-factored shared memory functions in the stdlls.
Packit Service 0210bb 
- New opencryptoki.conf file to replace pk_config_data and pkcs11_starup.
Packit Service 0210bb 
  The opencryptoki.conf contains slot entry information for tokens.
Packit Service 0210bb 
- New manpage for opencryptoki.conf
Packit Service 0210bb 
- Removed pkcs_slot and pkcs11_startup shell scripts.
Packit Service 0210bb 
- New ICSF token to do remote crypto.
Packit Service 0210bb 
- New pkcsicsf utility to setup the ICSF token.
Packit Service 0210bb 
- New manpage for pkcsicsf utility.
Packit Service 0210bb 
- ICA token supports CKM_DES_OFB64, CKM_DES_CFB8, CKM_DES_CFB6 mechanisms
Packit Service 0210bb 
  using 3DES keys.
Packit Service 0210bb 
- ICA token supports CKM_DES3_MAC and CKM_DES3_MAC_GENERAL mechanisms.
Packit Service 0210bb 
- ICA token supports CKM_AES_OFB, CKM_AES_CFB8, CKM_AES_CFB64, CKM_AES_CFB128,
Packit Service 0210bb 
  CKM_AES_MAC, and CKM_AES_MAC_GENERAL mechanisms.
Packit Service 0210bb 
- Some code cleanup in pkcsslotd.
Packit Service 0210bb 
- pkcsslotd daemon uses a socket rather than shared memory to pass
Packit Service 0210bb 
  slot information to the opencryptoki library.
Packit Service 0210bb 
- New testcases added for various crypto algorithms and pkcs#11 api calls.
Packit Service 0210bb 
- Add README to docs directory for how to setup ICSF token.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki-2.4.3.1 (May 17, 2013)
Packit Service 0210bb 
- Allow imported rsa private keys in cca to also decrypt.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki-2.4.3 (April 29, 2013)
Packit Service 0210bb 
- CKM_SHA256_RSA_PKCS,CKM_SHA384_RSA_PKCS,CKM_SHA512_RSA_PKCS support
Packit Service 0210bb 
  for ICA token.
Packit Service 0210bb 
- Allow import of RSA public and private keys into CCA token.
Packit Service 0210bb 
- Systemd support added.
Packit Service 0210bb 
- Various bugfixes and additional testcases.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki-2.4.2 (April 27, 2012)
Packit Service 0210bb 
- Re-factored spinlocks, such that each token has its own spinlock
Packit Service 0210bb 
  in its own directory relative to /var/locks/opencryptoki.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki-2.4.1 (February 21, 2012)
Packit Service 0210bb 
- SHA256 support added for CCA token
Packit Service 0210bb 
- Several crypto algorithm testcases refactored to include published
Packit Service 0210bb 
  test vectors.
Packit Service 0210bb 
- Testcase directory restructured for future improvements.
Packit Service 0210bb 
- Allow tpm stdll to get SRK passwd and mode from new env variables.
Packit Service 0210bb 
  See [1] for info on how to use this feature and please report any bugs.
Packit Service 0210bb 
- Renamed spinlocks for shared memory to /var/lock dir and did
Packit Service 0210bb 
  some cleanup of unused locking schemes.
Packit Service 0210bb 
- Various bugfixes and cleanup.
Packit Service 0210bb
Packit Service 0210bb 
[1] http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki;a=blob;f=doc/README.tpm_stdll;h=dda0d2263cfbb3df8c65ebc64b8006e3242f6321;hb=HEAD#l58
Packit Service 0210bb
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki-2.4
Packit Service 0210bb 
- Support for Elliptic Curve Support in CCA token.
Packit Service 0210bb 
- Support for AES CTR in ICA token.
Packit Service 0210bb 
- Session handling refactored from using a reference to memory to
Packit Service 0210bb 
  using a handle that references a binray tree node.
Packit Service 0210bb 
- Cleanup logging. Debug messages now go to a file referenced in
Packit Service 0210bb 
  OPENCRYPTOKI_DEBUG_FILE env variable.
Packit Service 0210bb 
- Various bugfixes and cleanup.
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki-2.3.3 (Jan 13 2011)
Packit Service 0210bb 
- Moderate fixes and clean-ups to key unwrapping mechanisms
Packit Service 0210bb 
- several pkcsconf fixes, some minor changes
Packit Service 0210bb 
- Important fix to CCA library name in pkcs11_startup
Packit Service 0210bb 
- PKCS padding length fix for symmetric ciphers
Packit Service 0210bb 
- Better RSA public exponent validations in all supported tokens
Packit Service 0210bb 
- Huge testsuite refactor
Packit Service 0210bb 
- Several other minor fixes and cleanups
Packit Service 0210bb
Packit Service 0210bb 
* opencryptoki-2.3.2 (Jul 29 2010)
Packit Service 0210bb 
- Significant clean-ups to the building and packaging systems and many
Packit Service 0210bb 
  small fixes by Klaus Heinrich Kiwi <klausk@linux.vnet.ibm.com>
Packit Service 0210bb 
- Various minor fixes to slot daemon and init script by Dan HorĂ¡k
Packit Service 0210bb 
  <dan@danny.cz>
Packit Service 0210bb 
- Some RSA PKCS#1 v1.5 padding clean-ups by Ramon de Carvalho Valle
Packit Service 0210bb 
  <rcvalle@linux.vnet.ibm.com>
Packit Service 0210bb 
- Human-readable flags output to pkcsconf, some minor soft-token
Packit Service 0210bb 
  fixes by Kent Yoder <key@linux.vnet.ibm.com>
Packit Service 0210bb 
- Improved overall session/object look-up performance. Note that this
Packit Service 0210bb 
  change might crash buggy callers with badly-written session/object
Packit Service 0210bb 
  handle tracking - Klaus Heinrich Kiwi <klausk@linux.vnet.ibm.com>
Packit Service 0210bb
Packit Service 0210bb 
* openCryptoki-2.3.1
Packit Service 0210bb 
- Moved ICA token to use libica-2.0, supporting newer hardware and 4K
Packit Service 0210bb 
  RSA modulus. Libica-2.x is now *required* to build the ICA token.
Packit Service 0210bb 
- Moved CCA token to use CCA-4.0, supporting AES, SHA-2 and 4K RSA
Packit Service 0210bb 
  keys in newer hardware. Although not required for building, CCA-4.0
Packit Service 0210bb 
  is *required* for running the CCA token.
Packit Service 0210bb
Packit Service 0210bb 
* openCryptoki-2.2.5
Packit Service 0210bb
Packit Service 0210bb 
- Fixed bug in comparison of PINs in pkcsconf.
Packit Service 0210bb 
- Added code to set the encryption and signature schemes of keys imported
Packit Service 0210bb 
into the TPM token.
Packit Service 0210bb 
- Added tpm token message to warn when only owner can read the pub SRK.
Packit Service 0210bb 
- Fixed return code of function failed when it should be buffer too small in
Packit Service 0210bb 
various mech_des.c mech_des3.c and mech_aes.c files.
Packit Service 0210bb 
- Moved doc/*.txt to manpage format and integrated them into the build/install
Packit Service 0210bb 
- Updated testcases to query env vars for PINs and call a set of common
Packit Service 0210bb 
routines for common operations
Packit Service 0210bb 
- Added SHA256 support for all tokens
Packit Service 0210bb 
- Fixed object cleanup when max number of token objects is hit
Packit Service 0210bb 
- Fixed fd exhaustion bug with spin lock fd
Packit Service 0210bb 
- Updated TPM stdll for TSS policy handling changes. Trousers 0.2.9+ now
Packit Service 0210bb 
required with openCryptoki 2.2.5
Packit Service 0210bb 
- Updated TPM stdll to use TSS_TSPATTRIB_KEYINFO_RSA_MODULUS when retrieving
Packit Service 0210bb 
the public modulus
Packit Service 0210bb 
- pkcs11_startup fix for use with s/w fallback support in libica on s390
Packit Service 0210bb 
- Added the CCA secure key token and migration utility
Packit Service 0210bb 
- Replaced bcopy/bzero with memcpy/memset throughout the code
Packit Service 0210bb 
- Removed unused variables throughout the code
Packit Service 0210bb
Packit Service 0210bb 
* openCryptoki-2.2.4

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation