libp11-kit0-0.23.22-150500.8.3.1<>,dԉe:;'p9|0>}C1L%VTIE?m%** Eb!L |Y{G Sr,dQ(Lw Ǵܫ< pH3U| 2d`"zE-ۑc(_eC+Tn>KUw[4pPd71$\ +;CDx%bd[f#|&)RZ ;?5bP ·8 r@9?9d # H %FS iz       T  !  T    0 d0 ( Q8 X 9 : ) >3\@3kF3zG3 H3 I3 X4Y4\4D ]4x ^5b5c6Jd6e6f6l6u6 v7w7 x8 y8Hz88889Clibp11-kit00.23.22150500.8.3.1Library to work with PKCS#11 modulesp11-kit provides a way to load and enumerate PKCS#11 modules, as well as a standard configuration setup for installing PKCS#11 modules in such a way that they're discoverable.e:;'h01-ch3aMSUSE Linux Enterprise 15SUSE LLC BSD-3-Clausehttps://www.suse.com/System/Librarieshttps://p11-glue.freedesktop.org/p11-kit.htmllinuxx86_64p$=C}AAA큤A큤e:;e:;e:;e:;e:;e:;&Z,_Ӳ_Ӳ_ӆe::e:;&Z,05ab554871fe3372b3d522ccf66aefe1e7465489736a30d658794d756cb13fbfcde5ccbf5083e28d1b38333b5817be06c158fb3218f21ee5594b6125a9372591e417cfeb3a1a95e61629c698ab873807b6bd3c73b71481b3f528abbea16299ed6c8884340b8e39cacb7b009eb4a99c045315dfd753e3badcc28fddaff193308099cd35701a2a0579a1c8f08cc13c9cc00dda25f14751c0ec4fbd951ce7568e395f8fb09ce1ecb5aac84612a6d8255111ade9cbf9ad972cad61858f4678a146df2e1ba993904df807a10c3eda1e5c272338edc35674b679773a8b3ad460731054libp11-kit.so.0.3.0libp11-kit.so.0.3.0rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootp11-kit-0.23.22-150500.8.3.1.src.rpmlibp11-kit.so.0()(64bit)libp11-kit.so.0(LIBP11_KIT_1.0)(64bit)libp11-kit0libp11-kit0(x86-64)@@@@@@@@@@@@@@@@@@@@@    /sbin/ldconfig/sbin/ldconfigld-linux-x86-64.so.2()(64bit)ld-linux-x86-64.so.2(GLIBC_2.3)(64bit)libc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.16)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.26)(64bit)libc.so.6(GLIBC_2.3)(64bit)libc.so.6(GLIBC_2.3.2)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.6)(64bit)libc.so.6(GLIBC_2.8)(64bit)libdl.so.2()(64bit)libdl.so.2(GLIBC_2.2.5)(64bit)libffi.so.7()(64bit)libffi.so.7(LIBFFI_BASE_7.0)(64bit)libffi.so.7(LIBFFI_CLOSURE_7.0)(64bit)libpthread.so.0()(64bit)libpthread.so.0(GLIBC_2.2.5)(64bit)libpthread.so.0(GLIBC_2.3.2)(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3e7ca^@]Γ@ZX43@V@T9T;pmonreal@suse.comlnussel@suse.comscabrero@suse.delnussel@suse.delnussel@suse.dekukuk@suse.desbrabec@suse.commpluskal@suse.comp.drouand@gmail.comlnussel@suse.de- Ensure that programs using can be compiled with CRYPTOKI_GNU. Fixes GnuTLS builds. [jsc#PED-6705] * Add p11-kit-pkcs11-gnu-Enable-testing-with-p11-kit-pkcs11x.h.patch- Backport IBM specific mechanism and attributes (Jira#PED-584) 0001-Add-IBM-specific-mechanism-and-attributes.patch 0002-Add-support-for-serializing-CK_ECDH1_DERIVE_PARAMS-m.patch 0003-client-Allow-zero-part-length-at-C_SignUpdate.patch 0004-Fix-support-of-CKA_DERIVE_TEMPLATE.patch 0005-Add-other-SHA-variants-also-for-RSA-and-EC-signature.patch 0006-Add-support-for-missing-AES-and-DES-DES3-mechanisms.patch 0007-Add-support-for-MAC-and-HMAC-general-mechanisms.patch 0008-Add-support-for-CKM_DH_PKCS_DERIVE.patch 0009-rpc-Handle-special-cases-for-buffer-and-length.patch 0010-Add-support-for-CKM_AES_CTR.patch 0011-Add-support-for-CKM_AES_GCM.patch 0012-common-pkcs11x.h-Support-CRYPTOKI_GNU-for-IBM-vendor.patch- Update to version 0.23.22 (bsc#1180064, bsc#1180065, bsc#1180066): * Fix memory-safety issues that affect the RPC protocol (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363), discovered and fixed by David Cook * anchor: Prefer persistent format when storing anchor [PR#329] * common: Fix infloop in p11_path_build [PR#326, PR#327] * proxy: C_CloseAllSessions: Make sure that calloc args are non-zero [PR#325] * common: Check for a NULL locale before freeing it [PR#321] * Build and test fixes [PR#313, PR#315, PR#317, PR#318, PR#319, PR#323, PR#330, PR#333, PR#334, PR#335, PR#338, PR#339] - Changes for version 0.23.21 * proxy: Do not assign duplicate slot IDs [PR#282] * common: Get program name based on executable path if possible [PR#307] * anchor: Exit with non-zero code, if any error occurs [PR#304] * Build and test fixes [PR#283, PR#290, PR#291, PR#292, PR#296, PR#299, PR#305, PR#306, PR#309, PR#311] - Changes for version 0.23.20: * Revert "Fix RPC when length-s are 0" changes [PR#276] - Changes for version 0.23.19: * common: add Russian PKCS#11 extensions to pkcs11x.h header [PR#255] * Add simple bash completion for provided commands [PR#258] * Unbreak list matching in enable-in and disable-in [PR#262] * Fix RPC when length-s are 0 [PR#259] * rpc: Add vsock transport support [PR#270] * trust: Support CKA_NSS_{SERVER,EMAIL}_DISTRUST_AFTER [PR#265] * Build fixes [PR#271, PR#272, PR#273, ...] - Changes for version 0.23.18: * rpc: Allow empty CK_DATE value [PR#253] * build: Meson fixes [PR#245] * build: Adjust feature parity between meson and autotools [PR#247] - Changes for version 0.23.17: * common: Fix uClibc-ng compilation [PR#237] * trust: do not allow daylight to invalidate date validation [PR#236] * build: Port to meson build system [PR#231, PR#234] * rpc: On UNIX wait on condition variable instead of FD if header is for a different thread [PR#232] * doc: Add 'server' command in help [PR#229] * Build and test fixes [PR#230] - Changes for version 0.23.16: * proxy: Support C_WaitForSlotEvent() if CKF_DONT_BLOCK is specified [PR#225] * conf: Ignore user configuration if the program is running as root [PR#226] * proxy: Refresh slot list on every C_GetSlotList call [PR#224] * modules: Fix index used in call to p11_dict_remove() [PR#219] * Fix Win32 p11_dl_error crash [PR#218] * modules: check gl.modules before iterates on it when freeing [PR#217] * trust: Ignore unreadable content in anchors [PR#215] * extract-jks: Prefer _p11_extract_jks_timestamp to SOURCE_DATE_EPOCH [PR#213] - Changes for version 0.23.15: * trust: Improve error handling if backed trust file is corrupted [PR#206] * url: Prefer upper-case letters in hex characters when encoding [PR#193] * trust/extract-jks.c: also honor SOURCE_DATE_EPOCH time [PR#202] * virtual: Prefer fixed closures to libffi closures [PR#196] * Fix issues spotted by coverity and cppcheck [PR#194, PR#204] * Build and test fixes [PR#164, PR#191, PR#199, PR#201] - Changes for version 0.23.14: * proxy: Avoid invalid memory access when unloading proxy module [PR#180] * Update pkcs11 header to allow SoftHSMv2 to compile [PR#181] * build: Restore libpthread dependency [PR#183] * Build fixes [PR#188] - Changes for version 0.23.13: * server: Enable socket activation through systemd [PR#173] * rpc-server: p11_kit_remote_serve_tokens: Allow exporting all modules [PR#174] * proxy: Fail early if there is no slot mapping [PR#175] * Remove hard dependency on libpthread [PR#177] * Build fixes [PR#170, PR#176] - Changes for version 0.23.12 * Fix compile error when PKCS#11 GNU calling convention is enabled [PR#160] * Fix getauxval() and secure_getenv() emulation on macOS and FreeBSD [PR#167] * Build and test fixes on macOS [PR#162, PR#168] - Changes for version 0.23.11 * trust: Add extractor for edk2/cacerts.bin [PR#139] * modules: Add option to control module visibility from proxy [PR#140] * trust: Prevent trust module being loaded by proxy module [PR#142] * library: Use dedicated locale object for printing error [PR#148] * Treat CKR_CRYPTOKI_ALREADY_INITIALIZED correctly [PR#134] * Improve const correctness for P11KitUri [PR#152] * PKCS#11 URI scheme comparison is now case insensitive [PR#156] * Build and test fixes [PR#151, PR#149, PR#141, PR#138, PR#135] - Changes for version 0.23.10 * filter: Respect "write-protected" vendor-specific attribute in PKCS#11 URI [PR#129] * server: Improve shell integration and documentation [PR#107, PR#108] * proxy: Reuse existing slot ID mapping in after fork() [PR#120] * trust: Forcibly mark "Default Trust" read-only [PR#123] * New function p11_kit_override_system_files() which can be used for testing [PR#110] * trust: Filter out duplicate extensions [PR#69] * Update translations [PR#128] * Bug fixes [PR#125, PR#126] - Changes for version 0.23.9 * Fix p11-kit server regressions [PR#103, PR#104] * trust: Respect anyExtendedKeyUsage in CA certificates [PR#99] * Build fixes related to reallocarray [PR#96, PR#98, PR#100] - Changes for version 0.23.8 * Improve vendor query attributes handling in PKCS#11 URI [PR#92] * Add OTP and GOST mechanisms to pkcs11.h [PR#90, PR#91] * New envvar P11_KIT_NO_USER_CONFIG to stop looking at user configurations [PR#87] * Build fixes for Solaris and 32-bit big-endian platforms [PR#81, PR#86] - Changes for version 0.23.7 * Fix memory issues with "p11-kit server" [PR#78] * Build fixes [PR#77 ...] - Changes for version 0.23.6 * Port "p11-kit server" to Windows and portability fixes of the RPC protocol [PR#67, PR#72, PR#74] * Recover the old behavior of "trust anchor --remove" [PR#70, PR#71] * Build fixes [PR#63 ...] - Changes for version 0.23.5 * Fix license notice of common/unix-peer.c [PR#58] * Remove systemd unit files for now [PR#60] * Build fixes for FreeBSD [PR#56] - Changes for version 0.23.4 * Recognize query attributes defined in PKCS#11 URI (RFC7512) [PR#31, PR#37, PR#52] * The trust policy module now recognizes CKA_NSS_MOZILLA_CA_POLICY attribute, used by Firefox [#99453, PR#46] * Add 'trust dump' command to dump all PKCS#11 objects in the persistence format [PR#44] * New experimental 'p11-kit server' command that allows PKCS#11 forwarding through a Unix domain socket. A client-side module p11-kit-client.so is also provided [PR#15] * Add systemd unit files for exporting the proxy module through a Unix domain socket [PR#35] * New P11KitIter API to iterate over slots, tokens, and modules in addition to objects [PR#28] * libffi dependency is now optional [PR#9] * Build fixes for FreeBSD, macOS, and Windows [PR#32, PR#39, PR#45] - Changes for version 0.23.3 * Install private executables in libexecdir [fdo#98817] * Fix link error of proxy module on macOS [fdo#98022] * Use new PKCS#11 URI specification for URIs [fdo#97245] * Support x-init-reserved argument of C_Initialize() in remote modules [fdo#80519] * Incorporate changes from PKCS#11 2.40 specification * Bump libtool library version * Documentation fixes * Build fixes [fdo#87192 ...] - Move RPM macros to %_rpmmacrodir. - New server subpackage - Change keyring to new maintainer Daiki Ueno - Avoid bareword to fix build failure - Remove obsolete patches: * p11-kit-biarch.patch * 0001-Support-loading-new-NSS-attribute-CKA_NSS_MOZILLA_CA.patch * 0001-Fix-a-typo-in-x-cetrificate-value-see-also-https-bug.patch- Also build documentation (boo#1013125)- support loading NSS attribute CKA_NSS_MOZILLA_CA_POLICY so Firefox detects built in certificates (boo#1154871, 0001-Fix-a-typo-in-x-cetrificate-value-see-also-https-bug.patch, 0001-Support-loading-new-NSS-attribute-CKA_NSS_MOZILLA_CA.patch)- Use %license instead of %doc [bsc#1082318]- 32-bit compatibility fixes: * Add PKCS11 module to p11-kit-32bit (bsc#996047#c39) * Add p11-kit-nss-trust-32bit NSS module * Fix potential bi-arch issue with private binaries (fdo#98817, p11-kit-biarch.patch)- Update to 0.23.2 * Fix forking issues with libffi * Fix various crashes in corner cases * Updated translations * Build fixes - Make building more verbose - Enable tests - Small spec file cleanup with spec-cleaner- Update to version 0.23.1 (stable) * Use new PKCS#11 URI draft fields for URIs [fdo#86474 fdo#87582] * Add pem-directory-hash extract format * Build fixes - Remove 0001-trust-allow-to-also-add-openssl-style-hashes-to-pem-d.diff; fixed on upstream release - Remove autoconf, automake and libtool require; unneeded dependencies - Add gtk-doc require; needed to build html documentation - Remove redundant %clean section- remove patches: * trust-Print-label-of-certificate-when-complaining-.patch * trust-Dont-use-invalid-public-keys-for-looking-up-.patch - new version 0.20.7 (stable) * New public pkcs11x.h header containing extensions [fdo#83495] * Export necessary defines to lookup attached extensions [fdo#83495] * Build fixes - new version 0.20.6 (stable) * Make the p11-kit-proxy.so module respect critical = no [fdo#83651] * Build fix for FreeBSD [fdo#75674] - new version 0.20.5 (stable) * Don't use invalid keys for looking up stapled extensions [fdo#82328] * Better error messages when invalid certificate extensions * Fix parsing of some odd OpenSSL TRUSTED CERTIFICATE files * Fix some leaks, and memory issues * Silence some clang scanner warnings - new version 0.20.4 (stable) * Don't complain about C_Finalize after a fork * Fix typo/sbin/ldconfig/sbin/ldconfigh01-ch3a 1698315047 0.23.22-150500.8.3.10.23.22-150500.8.3.1pkcs11moduleslibp11-kit.so.0libp11-kit.so.0.3.0p11-kit-proxy.solibp11-kit0AUTHORSChangeLogNEWSREADMEpkcs11.conf.examplelibp11-kit0COPYING/etc//etc/pkcs11//usr/lib64//usr/share/doc/packages//usr/share/doc/packages/libp11-kit0//usr/share/licenses//usr/share/licenses/libp11-kit0/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:31290/SUSE_SLE-15-SP5_Update/d2461017bafa557a22e90431a0c28c1a-p11-kit.SUSE_SLE-15-SP5_Updatedrpmxz5x86_64-suse-linuxdirectoryELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=b04920981d44f49643e1783949a2478a81612966, strippedASCII textASCII text, with very long linesPPRRRRRRRR RRR R R RRR RRRRRԥi{X>utf-886042c477fd3e87aa7e2c2e23c86f9aea85bd74e804bf2391fef173e98115314?7zXZ !t/A'V]"k%]dh;SvE<;02$Q#>'6w60\`[F$]PqNq,1H:!ˣzj[?:/bjA8012yլ(d;Nh~ b/Թ,I.qFnzaX~m& !h$($9Dʘ0)P0Z;QAC.ףw 'N*j3rHx$v^Od8|:VgjԔ)xFhOckn>tJhfc"v~4,|z, Uㆺ V0uO\5)R:7K?V'8τ &h* ZxJwPnJuۀ1V3Gm[Q<< e{0#C}|Fn cUMj?RS ZX U]@jd@ C|~hLkڼ,y 22`8pt ɲ u+t~FGGΐսTw.;,̨[e6͈!MK^[6x^{vAӜ.Y ӈM3$XI΅ӽU5_V%x\՘/CaXG0V S+O5't~\Dj0AxV~ެ%t8'?4>kC]Ĭj0Kڱ-_eq@u!L+bʡB I:}?mWpD;Km8:v'}: a߫_Ha֝X.'ڰdb!=Va[w:ލ0`RBc+4L4.D)@{0bsr`S6 9O H#F#ז!EtCQzG-+;JgSȓ%EԫZ:,AH'Rv J5 p+|e( =G{4^mn$**5+1ߩ K5p~ʺT|}"fڹ}W ˭*~^N{VzA 3: 9Kyn[-O#:RKL@-Ivѕ@JmSo 3 BՋ@ ) =Z^R㽀:PoF̏׫ }Av'FioQ8ح3 !h'XJ%h͠lhz@x| tk*% p2SJؔ?*Fȅ+26@]P495q3Q!V< Rdg-89x \}Z5?ɻ~TŢR_Y,kL8G.RY*ƶ*ŷ'7'g=SN}O{ހ:IWJSkը? ^a il $/թž릥iaejPܽq?u{~HG]Ipb~^` $F ^>\&v+ 2MI e"LuP|K j[ ~iyήo 5R:T#ZbwEXV/5ӵᅞu)yw[ᮬ ƿ,sv sq1iG|WLܧ .oX+jS:kojUwt2A+ YCP~67O"⳷>5U ~1~· W: s8sF{ʇM(/n/B^~Նθc٣u6VJ @B4٪PK#ͺD;jfg~J-͎lSFS؍W KK-tkB4jpPMd˾=2#>QoGdls5mZ2'vOf2ܪ])٭KwN{}Fd4Mw6Mj4]v2GB7Ïx;ȴ 4"J }CӃ `˶";^]G1%W~O~h1+*A˙VNJcmkR*;wwXB 9C|VbyQƹ])j+~j49i$/W,E )D}f ͏(1]ENq$q$64%i˦T,T!qqwR416>wEW83Y-6.+{3z0cz]XV#؅!ٱY3 UÞrV!7@!iln0$#%<5o9>QbVGG<1[.%a. /g6}$}Reؠtyƾ/|gߠ ct@|`=kfI.r%<%;ԊUĴY3w(] ՑE gAf(Zu>dT@[:}=J&P~ܧIN{}(t[AYAe.̪!^E1Uϗ7:srbg~)5wm D:,KG:tF6.rTsHoӳ)IoD?u-u2?@?d"JOi2z|,1W5OJqXjO_jܑݳU07{ܭ N 73uê. vPZEaȏ9;+`Z)︗ 9 }l9r*0ow'32쏾=;2ߙGiP]lyexVbWcmiCD15q=x"0V7a8 RyW#>,Yo8r(Y7Wa+Q쑧?X>Q.޽ AS7NZuOr rN\Tq `Q٭nk4Mg78A!d_I{YE*&$4k"Ym*2xD^Fh.͟ wkQ\B_iNx[H5yok ap}G3`sKa{ [#!be$` s ބMU<5(lֿ/\ &F|22L6hvh!*D# h:jTt/ŬkZ,dDqѽ (&U9w-R3}tбc7~ek^8W}$BVQp/ǘzb^iȮ0W(p! %j%FK'nt&lz;US<@IR븺vLyz]V3#t+9>\PkeR$C > ptca|k#[QweЎ7SVxȝzӖxhTB; lfN\v:ưx%HRg A`{WރJwuɱ(_\wKvإ_:qW]WhGŒk@H-k N{iuB[4KZCfE&$o#AZnyw> '97I fckXo2z%*ɥdЄ;evƠ)B*B aFئb?l?i8~Z$X -ˁtqz-'#1Q97AY!֮ r*_y2AqeY׮t Ŀl5sߌ\= ҶԢ~4| 5RBHٵ~T75o)/RE.:zewcJN^ h.1 px:%n1FP)eZgLگ9ܫe]‰U FpC#_m#bӹw+ ×5Ҿ_:=Pv5yL |noi*o[kPPZ1G;,1q($=WTZ |ڰ";gmDM7M%Fz <Ž7b{w ХQwZ%z@gtV-qOɶٷiNcXhrTXEk}VLE>STRqs|l^edW/F/>"Vlds0bq3.7K%+jк0 |c75(?ފK.iY(HMԽ`jgdPWu 2ke$VԹ@r N@ o+Óo3>rwX1Z7h$0Ek7"'Ixp~T{tm~/μ'Ӡa O .?4`U"%7>k.Ojc ZMW_̳_EaMǐ8UJ$TWxc>41gw?0+fE&I0N .(bI}C(6Ca$yEyUј̵h~شaod=H&Ubr]?V,Y>r_]eQ$tu}4tUi({1Jzp@OwN؅o [F_wt)y&]ۖUև"Ab*zϺ4ЮsCx_0>7mCX|#0؅'/sNTngh'-p[\K¨_XQ)d!iY|:#V Wo Z~Z^"@oߖ4Epz_LzS 2/R 1$$ꁽ2fkxIӯF>VFi#q]k"PfBÈ^w ,Ƽ5 yoȋj/(@9 c yL' O'tj9 ڑ8f^O1yBS}gNTM;7R]ԳQ.u ֭j& ,$c 0+̀ ;n_)< >{i@ͯ@\I)<ز3ԭSFoxg 5|<Ň7Hw&"TQִhTN8㽮^\£ 0\$vc[ a5sZ.>[-}Ӑ@QtM&|TxzRM!JGazƦ&%LmS'{1 꽥Z.San j;JV n`ϿI;M!|&Dwe9 d+$Jn!P ,u*o}cM;"yFmT[ V.6Of|]{#8?7] FuG״jv g] e $˸׸\]g=`}/bHYDyޓ#Lklv ฯxhAش4WUS-F[^Sݛ)9Eeӊ=+!7jxNƣ DSܞ3<@e_Ŀ[p{Lĭ~yb2i &,>(Fʻ;TJc>xN{^h*ޭ.i@9kx Hˑ(DSw-Fi H:FNhnV Qvᮦo 'h40 5КZ: ?"\\t2~SBSgP\锷掩o!]<[b݃lNtմ!J?z,'{UsZ0[^LZ)1ΔiԻ@,#Oac o ƂvCIg<(ͧŐ`j Q 7 BHt[)y˝4*vE2[-t8fб'KՌoܒWr hRѻ/3R# p"ZU{T}-?تNItJNAr:fBa}72Xltx@[1~ V|s}zLhFue(%1R&CmZ:'gۃ(Kz>:% Y]mIXqt4ȥ,sFw/ |me1?6 94͝YƂy(7l0rqbBaWi7*KhQUU!A