í«îÛ    openssl-ibmca-engine-2.4.1-150600.6.3.2                                             Ž­è         <   >     ,     è            ê          ì          HÐ‰ f—p¯ž9Û|‚ï ¹ª´ÚÛÉŠ22¶A	x‹-teZaÍµ­ 8Ê=8à½ƒï­ßÆ§–Á(%ßV,ì°<´i½Ÿªˆ
¦Ë›;ÎÒuLÔäÙ7'ƒû¬·T÷p:ÒRÉÄ•>®¢U„4û'Ï+ŸÊZ@¸#;cÝ%t[“ÝÁS6d#séhÉŒ#ø6£LËÍþ•jVq4nÜÌkœÜ¬¦W1M¨¹xäØÁ† Š/!ðŽÌ¢ã—Ü&Íi$ªÎ¤ãEm×è£Ú±FÊ7O¶¯²¶%ä!&»#Æ}WMyÓýØ)ÿH¡ž%®øÉò%õÙJ`Iê'¡ñÌ•½.àêh‘vwY2@'^)g®ÿe¢»Œ	'D>ø½Öp   >   ÿÿÿÀ       Ž­è       B  ?Ø   ?     ?È      d            è           é           ê           ì   	   *     í   	   K     î      ä     ï      è     ñ      ô     ò      ø     ó          ö     2     ÷     =     ø   	  S     ü     b     ý          þ     –           œ                    ˜          È     	     à     
     ø          (          t          €          °          ì          (          X          ˆ          ¼          ø          	B     (     	n     8     	x   %  9     
   %  :        %  >     9¨     @     9°     F     9¸     G     9Ì     H     9ü     I     :,     X     :8     Y     :@     \     :h     ]     :˜     ^     ;n     b     <L     c     <õ     d     =„     e     =‰     f     =Œ     l     =Ž     u     =      v     =Ð     w     >ì     x     ?     y     ?L     z     ?h     “     ?x     Æ     ?|     ä     ?‚     å     ?Ä   C openssl-ibmca-engine 2.4.1 150600.6.3.2 The IBMCA OpenSSL dynamic engine This package contains a shared object OpenSSL dynamic engine which interfaces
to libica, a library enabling the IBM s390/x CPACF crypto instructions.    f—s390zp3a     ÈSUSE Linux Enterprise 15 SUSE LLC <https://www.suse.com/> Apache-2.0 https://www.suse.com/ Hardware/Other https://github.com/opencryptoki/openssl-ibmca linux s390x #Original fix for bsc#942839 was to update on first install
#For bsc#966139 update if openssl_def not found

mkdir -p /etc/ssl/engines3.d
mkdir -p /etc/ssl/engdef3.d
cp -p /usr/share/openssl-ibmca-engine/openssl-ibmca.sectiondef.txt /etc/ssl/engines3.d/openssl-ibmca.cnf
cp -p /usr/share/openssl-ibmca-engine/openssl-ibmca.enginedef.cnf /etc/ssl/engdef3.d/openssl-ibmca.cnf if [ $1 -eq 0 ]; then # last uninstall
  rm -f /etc/ssl/engines3.d/openssl-ibmca.cnf
  rm -f /etc/ssl/engdef3.d/openssl-ibmca.cnf
fi   \      )  þ  §  ”      $            íAí¤¤í¤Aí¤¤Aí¤¤                        f—f—eè;eè;f—f—f—eè;f—f—f—b2'gd5d1362801b0f50872de54ad668e205f97583c9c19265eae5d65aebfd1ad57db  54f51a5f6d9b3064fa033c3bf36e3faa7d574eba20351b4e75a3f85072d89e69 b15ca0996b5cce68d6d3623ef6f1afb97d619a8c4d33aae01f6b773c99cef4aa 0d40c236e384fb57542ea314cd671ba2f6d1bcedaa9932c4c160952e87eb664b 827900c632630b44065023a1033d4f8c450cb813fc8220e5ea601287a3eeb451  f943b5c7aee57ec8d33f5baabf638230e0d5c3c4404eb21ecfc2ba93567257a9 985506f2b0ae896e2bd3287acd7be6688baaaed82083162d3f430a9f020b574d  d21758b0834f572123eb4ea706e9e444586146d134789e7a8973a0677c900bb3 dbd9c040f032510a5a2af3f4f0088794f79b19f28be2e0d557d081f763b78512                                        €               root root root root root root root root root root root root root root root root root root root root root root root root openssl-ibmca-engine-2.4.1-150600.6.3.2.src.rpm ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿopenssl-ibmca-engine openssl-ibmca-engine(s390-64)          @   @   @   @   @   @   @          
  
  
  
/bin/sh /bin/sh libc.so.6()(64bit) libc.so.6(GLIBC_2.2)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.34)(64bit) libc.so.6(GLIBC_2.4)(64bit) libcrypto.so.3()(64bit) libcrypto.so.3(OPENSSL_3.0.0)(64bit) libica4 libopenssl3 rpmlib(CompressedFileNames) rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rpmlib(PayloadIsXz)          4.0.0  3.0.4-1 4.6.0-1 4.0-1 5.2-1 4.14.3    f•@f¹Àf¹Àf-Àf–@eø,Àe)1@eöÀdkY@dPû@dGÀÀdFo@d?×Àd.´@daÀc< @b0ÀaDƒ@_aþ@]w@]flÀ]@[ý1À[í_À[ì@[‰-ÀYÄû@YÄû@XìÅ@Wÿw@Wú@Vý@Vïâ@V/g@V/g@Tü9ÀT~û@nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com nikolay.gueorguiev@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com mpost@suse.com meissner@suse.com mpluskal@suse.com mpost@suse.com jjolly@suse.com jjolly@suse.com jjolly@suse.com p.drouand@gmail.com meissner@suse.com - Amended the .spec file (bsc#1227537)
  * 'rpm.install.excludedocs = yes' in zypp.conf excludes the /usr/share/doc/..
  * Added a check, if there is is /usr/share/doc file to be editted.
  * Replaced hard-coded '/usr/share' with %{_datadir} - Amended the .spec file
- Changed the package names
  +-------------+---------------------------------+--------------------------+
  |  Flavor     | Package name                    | Note                     |
  +-------------+---------------------------------+--------------------------+
  |  ''         | openssl-ibmca                   | Both engine and provider |
  |  openssl1_1 | openssl1_1-ibmca                | openssl1 flavor          |
  |  engine     | openssl-ibmca-engine            | Only engine              |
  |  provider   | openssl-ibmca-provider          | Only provider            |
  +-------------+---------------------------------+--------------------------+ - Applied a patch for openssl1_1 (bsc#1221627)
  * openssl1-rename-libica-files.patch - Re-implemented flavors (openssl3, engine, provider) (bsc#1221627)
  +------------+---------------------------------+--------------------------+
  |  Flavor    | Package name                    | Note                     |
  +------------+---------------------------------+--------------------------+
  |  ''        | openssl-ibmca                   | openssl1 flavor          |
  |  engine    | openssl3-ibmca-engine           | Only engine              |
  |  provider  | openssl3-ibmca-provider         | Only provider            |
  |  openssl3  | openssl3-ibmca                  | Both engine and provider |
  +------------+---------------------------------+--------------------------+
- Changing/editing 'dynamic_path' after the installation on the target system
  * From /usr/lib64/ossl-modules to /usr/lib64/engines-3 in
    /usr/share/doc/packages/openssl3-ibmca/ibmca-engine-opensslconfig
    for openssl3 flavor - Amended the .spec file (bsc#1221627)
  * Removed the flavors
  * Removed 'muiltibuild' environment
  * Removed the 'provider' logic - Updated the .spec file (bsc#1218933, bsc#1221627)
  * Amended the .spec file to use modulesdir variable
- Implemented _multibuild environment (openssl1, engine, provider)
- Added a flag and logic for provider in the .spec file
  * When provider is set to 1, it 'configures' the provider
  * When provider is set to 0, it 'configures' the engine - Removed an obsolete patch (implemented in the version 2.4.1)
  * openssl-ibmca-engine-noregister.patch - Upgrade to version 2.4.1 (jsc#PED-5422)
  * Provider: Change the default log directory to /tmp
  * Bug fixes - Updated the .spec file, amended to use libica4 instead of libica
  * Requires:  libica4 >= 4 - Updated the .spec file
  * uses a flag openssl3 (1 or 0) to include or not the openssl3 libraries - Updated the .spec file as follow:
  * BuildRequires:  libica-devel >= 4.0.0
  * BuildRequires:  libica-tools >= 4.0.0 - Added dependency on libica4 (bsc#1209038)
  * BuildRequires and Requires statements in .spec file for libica4 - Applies a patch (bsc#1210359)
  * openssl-ibmca-engine-noregister.patch
- Updated the '#dynamic_path' line, as it was before, with the comment '#'. - Upgraded openssl-ibmca to version 2.4.0 (bsc#1210059)
  * openssl-ibmca 2.4.0
  - Provider: Adjustments for OpenSSL versions 3.1 and 3.2
  - Provider: Support RSA blinding
  - Provider: Constant-time fixes for RSA PKCS#1 v1.5 and OAEP padding
  - Provider: Support "implicit rejection" option for RSA PKCS#1 v1.5 padding
  - Provider: Adjustments in OpenSSL config generator and example configs
  - Engine: EC: Cache ICA key in EC_KEY object (performance improvement)
  - Engine: Enable RSA blinding - Updated .spec file removed '#' from the line containing
  'sed -e 's/^dynamic_path/#dynamic_path/' (bsc#1209038)
- Added in %files
  * /usr/lib64/engines-3/ibmca-provider.la
  * /usr/lib64/engines-3/ibmca-provider.so - Upgraded to version 2.3.1 (jsc#PED-597)
  * openssl-ibmca 2.3.1
  - Adjustments for libica 4.1.0
  * openssl-ibmca 2.3.0
  - First version including the provider
  - Fix for engine build without OpenSSL 3.0 sources
  * openssl-ibmca 2.2.3
  - Fix PKEY segfault with OpenSSL 3.0
  * openssl-ibmca 2.2.2
  - Fix tests with OpenSSL 3.0
  - Build against libica 4.0
- Removed a Requires for libica from the specfile.
- Removed the obsolete baselibs.conf file - Completely revamped the postinstall scriptlet so that it doesn't
  need to know or care about how many lines are in either
  /etc/ssl/openssl.cnf, or the sample file at
  /usr/share/doc/packages/openssl-ibmca/openssl.cnf.sample
  We're now using the ".include" directive for the openssl.cnf
  file, and only modifying that file the minimum necessary to
  implement the change. (bsc#1004463) - Upgraded to version 2.2.1 (jsc#SLE-18333)
  * openssl-ibmca 2.2.1
    Bug fixes
  * openssl-ibmca 2.2.0
    Implement fallbacks based on OpenSSL
    Disable software fallbacks from libica
    Allow to specify default library (libica vs. libica-cex) to use
    Provide "libica" engine ctrl to switch library at load time
    Update README.md
    Remove libica link dependency
    Generate sample configuration files from system configuration
    Restructure registration global data
  * openssl-ibmca 2.1.3
    Bug fix
  * openssl-ibmca 2.1.2
    Bug fixes
- Modified spec file to
  * Define a global variable enginesdir the same was as IBM does
    instead of _ENGINE_DIR as we had been doing.
  * Implemented %make_build macro according to spec-cleaner
  * Changed the package description to match IBM's.
  * Removed the redundant "autoreconf --force --install" - Upgrade to version 2.1.1 (jsc#SLE-13709)
  * Bug fixes - Upgrade to version 2.1.0 (jsc#SLE-7852, jsc#SLE-7882)
  Add MSA9 CPACF support for X25519, X448, Ed25519 and Ed448 - Upgraded to version 2.0.3 (jsc#SLE-6123, jsc#SLE-6424)
  * openssl-ibmca 2.0.3
    Add MSA9 CPACF support for ECDSA sign/verify
- Dropped obsolete openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
- Changed the ExclusiveArch directive to include s390x only.
- The code in e_ibmca.c does a dlopen for libica.so.3, instead of
  linking against the shared library. As a result, if the package
  containing libica.so.3 isn't installed, problems occur. Added
  a "Requires: libica3" to the spec file to fix this. (bsc#1142286)
- Made a couple of changes to the spec file based on the output
  from spec-cleaner. - Added openssl-ibmca-sles15sp1-Move-ERR_load-unload-to-bind_helper-resp-destroy-fun.patch
  An Apache HTTP Server was set up with mod_ssl and the openssl
  ibmca engine using libica and a CEX6A card. Whenever a worker
  process is cleaned up a segmentation fault occurs.
  (bsc#1138517) - Upgraded to version 2.0.2 (Fate#325688)
  * openssl-ibmca 2.0.2
    Fix doing rsa-me, altough rsa-crt would be possible. - Upgraded to version 2.0.1 (Fate#325688)
  * openssl-ibmca 2.0.1
    Dont fail when a libica symbol cannot be resolved.
- Made multiple changes to the spec file based on spec-cleaner output. - Upgraded to version 2.0.0 (Fate#325688)
  * openssl-ibmca 2.0.0
    Add ECC support.
    Add check and distcheck make-targets.
    Project cleanup, code was broken into multiple files and coding style cleanup.
    Improvements to compat macros for openssl.
    Don't disable libica sw fallbacks.
    Fix dlclose logic.
  * openssl-ibmca 1.4.1
    Fix structure size for aes-256-ecb/cbc/cfb/ofb
    Update man page
    Switch to ibmca.so filename to allow standalone use
    Switch off Libica fallback mode if available
    Make sure ibmca_init only runs once
    Provide simple macro for DEBUG_PRINTF possibility
    Cleanup and slight rework of function set_supported_meths
- Did some cleanup to the spec file, based on spec-cleanup.
- Removed the following obsolete patches:
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch - Added the following patches for bsc#1097463
  * openssl-ibmca-sles15-Switch-to-ibmca.so-filename-to-allow-a-standalone-us.patch
  * openssl-ibmca-sles15-Fix-lib-name-in-test-code.patch
  * openssl-ibmca-sles15-Update-lib-name-in-documentation.patch - Upgraded to version 1.4.0
  * Re-license to Apache License v2.0
  * Fix aes_gcm initialization.
  * Update man page.
  * Add macros for OpenSSL 0.9.8 compat.
  * Remove AC_FUNC_MALLOC from configure.ac
  * Add compat macro for OpenSSL 1.0.1e-fips.
  * Setting 'foreign' strictness for automake.
  * Add AES-GCM support.
  * Rework EVP_aes macros.
  * Remove dependency of old local OpenSSL headers.
  * Fix engine initialization to set function pointers only once.
  * Remove blank COPYING and NEWS files.
  * Remove INSTALL and move its content to README.md
  * Update README.md file to make use of markdown.
  * Rename README file to README.md to use markdown
  * Add CONTRIBUTING guidelines.
  * Adding coding style documentation.
  * Enable EVP_MD_FLAG_FIPS flag for SHA-*.
  * Initialize rsa_keygen in RSA_METHOD for openssl < 1.1.0
  * Fix SHA512 EVP digest struct to use
    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE when using OpenSSL 1.0
  * Fix wrong parenthesis
  * convert libica loading to dlopen() and friends
  * Add support to DSO on new API of OpenSSL-1.1.0
- Removed obsolete openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch
- Added BuildRequires for autoconf, automake, and libtool.
- Updated BuildRequires for libica-devel to be >= 3.1.1 - Now that the openSSL engines directory is versioned:
  * Modified the spec file to query the libcrypto package
    for which directory to install the engine into.
  * Removed openssl-ibmca-fix-enginepath.patch. Replaced it
    with a sed command so that it will provide the correct
    versioned engines directory
- Removed openssl-ibmca-configure.patch. It doesn't seem to
  be needed any longer. - Added openssl-ibmca-fix-sha512-evp-digest-to-use-evp_md_flag_pkey_method_signature.patch (bsc#1032113)
- Added libica-tools to the BuildRequires due to repackaging of libica.
- Renamed BuildRequires from libica2-devel to libica-devel for the
  same reason.
- Tweaked a comment to get rid of an rpmlint warning message. - fixed ssl configuration merging (bsc#1004463)
- openssl-ibmca-fix-enginepath.patch: fix the engine path - Use macro for configure (fate#319941)
- Use url for source
- Enable parallel building
- Cleanup spec file with spec-cleaner - Upgraded to version 1.3.0 (fate#319941)
  - Updated openssl-ibmca-configure.patch to apply cleanly
  - Removed obsolete patches
  - openssl-ibmca-README.patch
  - openssl-ibmca-sha256-digest-length.patch
  - openssl-pkey.patch
  - openssl-des-ede.patch
- Did some spec file cleanup. - Fixed %post script to update library path (the only dynamic part
  of the ibmca configuration) every time the package is installed.
  (bsc#966139) - Updated AUTHORS, INSTALL, and README (bsc#942839)
- %post and %postun added to properly update openssl.cnf (bsc#942839) - Updated to used libica2 == v2.4.2 for SLE12-SP1 (bsc#951138) - Remove dependency on fillup anf insserv; the package provides
  neither sysconfig file nor sysvinit script
- Remove depreciated AUTHORS section
- Use %configure macro
- Add openssl-ibmca-configure.patch - the openssl engines moved to /%_lib/engines bnc#905480 /bin/sh /bin/sh s390zp3a 1721212165                                                                	   
                        2.4.1-150600.6.3.2 2.4.1-150600.6.3.2                                        ibmca.so openssl-ibmca-engine ChangeLog README.md ibmca-engine-opensslconfig openssl.cnf.sample openssl-ibmca-engine LICENSE ibmca.5.gz openssl-ibmca-engine openssl-ibmca.enginedef.cnf openssl-ibmca.sectiondef.txt /usr/lib64/engines-3/ /usr/share/doc/packages/ /usr/share/doc/packages/openssl-ibmca-engine/ /usr/share/licenses/ /usr/share/licenses/openssl-ibmca-engine/ /usr/share/man/man5/ /usr/share/ /usr/share/openssl-ibmca-engine/ -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g obs://build.suse.de/SUSE:Maintenance:34809/SUSE_SLE-15-SP6_Update/1a8a337f1f019bc2ac4e961f7321f55b-openssl-ibmca.SUSE_SLE-15-SP6_Update:engine drpm xz 5 s390x-suse-linux                                       ELF 64-bit MSB shared object, IBM S/390, version 1 (SYSV), dynamically linked, BuildID[sha1]=de1784ad8ee156917f65c0c615dde0f76b1eb01b, stripped directory ASCII text Perl script text executable troff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)                                                                                                R  R  R  R  R  R  R  M2ùvà¸=S†õ„otºœ   utf-8 1f1cd7540f938545884d24872287614eeb09b0765731de80517fa7ba9f8fe08e        ?   ÿÿûà   ý7zXZ  
áû¡ !   t/å£àn] "ÌkÀ%¥§i¹N6 ÏîeÆ¦62¤h€ 5pµqg:üÔ9Iÿ‘fÈ¼2iY]2×fÌ;ŽÒR\»M1Õ¯þ/•¤”¯Rë;í˜¿üã”²Ü*ºO80´–®;ôÌ}Tþú‘½Îyj|0ß¡—ÃCÊ„ŽDB‚3@º›†Œ"µ*<ÔÑ€í„£Æ[¿àgÁgöðTŠmR„\•ÁWgXº¡jøŠ*ð@†»Âæ\ÿH?¯Àßà6Ñ1C”-n]1V9Cu ^ÅV¿Èiq“S Ù¾/ö“(¥^T4©(&©ëlŽ¿X ·RšúàÁ**{ŸWnÎ€O w)&[„¥~ÍF•MöôÈ@ëÜOvqA.qÓ:ëãECpGçTOßao>oÖ—\®Øy!Á,¯W[çÂbÊkcÁ–/oæŸÀ\Î®7‰KaX¡jÖúUáþê[zÉý•/1Äé«yÿòÂVT§ º-(å-p"ã¢<ÄÇdã55ÍÜêM¦]Äs.ÿÏÐpþÈT¢­\®ˆ<gþP£Ž†ýÍRL
É‰T¹Ò¬dñ*=ÃÖF\ÀLn9ßÐJª½ï\òïÛ^ÛœjÅäƒçç{j~.*Á–lþ–3G8‰"n¹UM,ý­XÍÃÖÖ¾ŒSÒÐèË¾Þ&-MFf5ˆ.bCo¨ZÜŸ˜èjº—1::”yaëõAõã ¬‰î…ž"UîšH“ènã°ÙÉÞ’,Ë›õT«_CþÇzìÒ‡¸aÞZÍÞv-U`é¯Ó[€4Iµ2Í¸8k¨sþ²†5×?C‚˜ÓÔ~õÏ$"-!ß#N	ñÊ,mÃíÈã kÍÂà¥±‚ß ç.LäžýgQhÖfƒ1žUêòªÁ(ü¢‡*ágÉ÷~4È5Ë)=„Øüñ =ËßÎh8MžÕ¾ä@àÇfXo,“!êõŽíÖÙœáƒeºýiÛIc´‘ŽéÈž)
Ùn6eIDæoÊ×@›ŒÌÿ‡PP6«û!c¨ÒÎÕòNÂÅñNÕ”?Ë–âSIÄÃ¾x{éiÒŸ_ù©]w½mÓ&m{ø‚ -™¶)%#þŸXv*ðµê;¡Z®[ªJ»bŒV¥•‘òzlã;9B©ôCAøø²Z5y¤ÿmŸ*4Ù!Ý—CŠ“ÊgP?¹¹öämk®§=öÛºqj‚ïa‘SƒÀ`¯=“ÑÜpM³f¼í3º"$Á}©‘]Ì-ÜZÛrI@îâsžh' ÞÂRhf‘ÅAhÊ<ªhd°ÿ]øHž¦õo~ù¶	óJ;ú:DÝ,“PxÄ¡ç»™ìò_žŠw5¨þøŽÓT'D¥XP¨~>§³oÇóøÙë‘Ø½e·]<+<„wÉÿ«ÀÙû\7~P	)³ò™Ô¦Ä ^Ë»-¯jÌåuÑ{s?éÈ…Q¹û`ñ%ëP.C&«„à   Ï¹^Þ[ºx~º´çßÅ‘¥uoY?Gd'PÖ:.ïKªy ¢	™&  5’f¶éß    
YZ