| Name: | opencryptoki-devel |
|---|---|
| Version: | 3.21.0 |
| Release: | 10.el8_9 |
| Architecture: | x86_64 |
| Group: | Development/Libraries |
| Size: | 112815 |
| License: | CPL |
| RPM: | opencryptoki-devel-3.21.0-10.el8_9.x86_64.rpm |
| Source RPM: | opencryptoki-3.21.0-10.el8_9.src.rpm |
| Build Date: | Wed Apr 03 2024 |
| Build Host: | build-ol8-x86_64.oracle.com |
| Vendor: | Oracle America |
| URL: | https://github.com/opencryptoki/opencryptoki |
| Summary: | Development files for openCryptoki |
| Description: | This package contains the development header files for building opencryptoki and PKCS#11 based applications |
- timing side-channel in handling of RSA PKCS#1 v1.5 padded ciphertexts (Marvin) Resolves: RHEL-22791
- Resolves: #2223588, FTBFS
- Related: #2222595, add triggerun to reload daemon
- Resolves: #2222595, p11sak tool: slot option does not accept argument 0 for slot index 0 - Resolves: #2222594, p11sak fails as soon as there reside non-key objects
- add workaround for segfault in PEM_write_bio() on OpenSSL 1.1.1 Related: #2159741
- add requirement on selinux-policy >= 3.14.3-121 for pkcsslotd policy sandboxing Related: #2159697
- add verify attributes for opencryptoki.conf to ignore the verification Related: #2159697
- pkcsstats: Fix handling of user name - p11sak: Fix user confirmation prompt behavior when stdin is closed Related: #2159697
- add missing /var/lib/opencryptoki/HSM_MK_CHANGE - disable unsupported sandbox options and add /run to ReadWritePaths to exclude /run directory from being made read-only on rhel8 Related: #2159697
- Resolves: #1984865, ep11 and cca: support concurrent HSM master key changes - Resolves: #2110500, ep11 token: PKCS #11 3.0 - support AES_XTS - Resolves: #2111011, cca token: protected key support - Resolves: #2159697, update to 3.21.0 - Resolves: #2159740, pkcsslotd hardening - Resolves: #2159741, p11sak support Dilithium and Kyber keys - Resolves: #2159742, ica and soft tokens: PKCS #11 3.0 - support AES_XTS