Name: aws-lc-devel	Distribution: openSUSE Tumbleweed
Version: 1.62.0	Vendor: openSUSE
Release: 1.1	Build date: Sun Oct 19 15:24:28 2025
Group: Unspecified	Build host: reproducible
Size: 1887831	Source RPM: aws-lc-1.62.0-1.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://github.com/aws/aws-lc
Summary: AWS-LC development headers

AWS-LC is a general-purpose cryptographic library maintained by the AWS
Cryptography team for AWS and their customers. It іs based on code from the
Google BoringSSL project and the OpenSSL project.

Provides

Requires

License

Apache-2.0

Changelog

* Sun Oct 19 2025 Richard Rahl <rrahl0@opensuse.org>
  - update to version 1.62.0:
    * nginx now supports AWS-LC
    * Fix tests that assume X25519 will be negotiated
    * Fixing a bug in ML-DSA poly_uniform function
    * Migrate integration omnibus
    * Delete util/bot directory
    * Type fix in mldsa
    * Centralize password handling tool-openssl
    * crypto/pem: replace strncmp with CRYPTO_memcmp to fix -Wstring-compare error
    * Implement dgst CLI command
    * Add ASN.1 decoding for ML-KEM private keys as seeds
    * Implement genrsa command
    * Move udiv and sencond tweak calculations to when needed
    * Add null check on RSA key checks
    * Implement workaround for FORTIFY_SOURCE warning with jitterentropy
    * Implement coverity suggestions
    * Add minimal EC CLI tool implementation
    * Adding pkeyutl tool to the CLI
    * Add option ENABLE_SOURCE_MODIFICATION
    * Simple script to build/run tests
    * Add build-time option to opt-out of CPU Jitter Entropy
* Tue Oct 07 2025 Richard Rahl <rrahl0@opensuse.org>
  - update to version 1.61.4:
    * Pin PyCA version in python integration tests
    * Check compiler for 'linux/random.h'
  - update to version 1.61.3:
    * Remove jitter entropy tests folder
* Sat Sep 20 2025 Richard Rahl <rrahl0@opensuse.org>
  - update to version 1.61.2:
    * Fix build when path has spaces
    * Fix test issues with run_minimal_tests
  - update to version 1.61.1:
    * Fix duplicate test names in CodeBuild integration tests
* Tue Sep 16 2025 Richard Rahl <rrahl0@opensuse.org>
  - update to version 1.61.0:
    * Apply additional X509 validation checks on certificates sourced from trust store
    * Reorganizing compatibility tests, rework certificates for better groking
    * Additional X.509 Behavior Compatibility Tests
    * Add Support for IPv4 and IPv6 X.509 Certificate Name Constraints
    * Merge main to x509
    * Reintroduce support for validating DNS commonName subjects when name constraints are present.
    * Support client-side hostname checks with leading .
    * Verify leaf certificate public key rather then leaving it to the caller
    * Support for explicit curve parameter on EC public keys where parameters match supported curves
    * Add x86 Keccak implementation
    * Gate EC explicit curve parameters for X.509 behind flag
    * Update CPU Jitter Entropy dependency to version 3.6.3
    * Fix benchmarking issues with FIPS main
    * Add standalone MLKEM supported groups
    * Document and statically assert counters can't overflow
    * TLS Transfer Serialization Improvements
    * Fix ternary operator in github workflow
    * Merge x509 branch into main
    * Address clang-ci comments on new x509 code
    * Implement snapsafe fallback entropy source
    * Rand small fixes
    * Import s2n-bignum 2025-09-05-04
    * Refactor iOS CI script
    * Re-import mlkem-native for addition of CFI directives
    * Fix typo in ssl_transfer_asn1
    * Fix for zig build
    * Update SSLProxy patch
    * ML-DSA service indicator
    * Add aes-xts AArch64 implementation that will eventually be imported from s2n-bignum.
    * Fix Keccak MY_ASSEMBLER_IS_TOO_OLD_FOR_512AVX flag
    * Increase SSLBuffer size to INT_MAX
    * Wrap compiler when FIPS w/ clang v20+
    * Test ACCP in FIPS mode as well as non-FIPS
    * fix: Allow zero-length passwords in PEM key decryption
    * Use CheckCCompilerFlag to test -Wno-cast-function-type
    * Make X509 CodeBuild webhook more resilient
  - update to version 1.60.0:
    * Anchor CodeBuild account-id patterns
    * Implement read/write timeouts for BIO datagram
    * Migrate from CodeBuild account actor filter to pull request comment filter
      based on GitHub permissions
    * Implement ragdoll
    * Add expandedKey ASN.1 encoding for KEM keys
* Fri Aug 29 2025 Richard Rahl <rrahl0@opensuse.org>
  - update to version 1.59.0:
    * Support other field for PKCS7
    * Add CFI directives to armv8-mont
    * Add back RC4_options from decrepit
    * Apache httpd integration test
    * Fix clang-21 compile error
    * Fix MariaDB integration test
    * ML-KEM: Re-import mlkem-native
    * ML-KEM: import and enable x86_64 backend from mlkem-native
    * X509_REQ_verify for MLDSA44 and MLDSA87
    * Remove BIT_INTERLEAVE support
    * ML-KEM: Fix mlkem-native importer.sh
    * Add CFI directives in md5-armv8.pl
* Thu Aug 14 2025 Richard Rahl <rrahl0@opensuse.org>
  - update to version 1.58.1:
    * Add support for EVP_PKEY_param_check
    * Move check-linkage.sh to util
* Tue Aug 12 2025 Richard Rahl <rrahl0@opensuse.org>
  - update to version 1.58.0:
    * Add EVP_PKEY_check and EVP_PKEY_public_check
    * Rewrite 4-fold batched SHAKE to be amenable to batched Keccak-F1600 assembly
    * Fix Win64 unwind info alignment
    * Migrate MSVC tests to CodeBuild
    * Add optimized + verified hybrid AArch64 assembly for batched SHA3/SHAKE
    * target.h: more clearly check for ppc64 endianness
    * Impl SSL_client_hello_get1_extensions_present and friends
    * Implement SSL_set_verify_result
    * ML-DSA constant-time hardening for caddq, poly_chknorm, decompose
* Mon Aug 11 2025 Richard Rahl <rrahl0@opensuse.org>
  - update to version 1.57.1:
    * Resolve issue with conflicting pkg-config variables
  - update to version 1.57.0:
    * Preparation for Adopting SONAME and ABI Versioning
    * Offer P521 for signature_algorithms in client Hello
    * ML-KEM: Import AArch64 backend from mlkem-native
    * Add back X509_STORE_get_verify_cb and X509_STORE_set_lookup_crls_cb
    * Explicitly test that input length is as expected for ed25519ph
    * Fix Libwebsocket Build
    * Return NULL when a NULL or empty string is passed to NETSCAPE_SPKI_b64_decode
    * Reimplement SSL_clear_num_renegotiations
    * ABI monitoring GitHub workflow improvements
    * Migrate Openssl-tool parameter parsing
    * Add HMAC SHA3 benchmarks
    * Re-import s2n-bignum after merge of ML-KEM/Keccak functionality
    * Integrate formally verified AArch64 Keccak-x1 assembly
    * Add a couple more no-ops for legacy builds
  - remove soname.patch, as upstream formally introduced a soname
  - adjust the lib names
  - add the crypto lib as a requires to the devel package
* Wed Jul 23 2025 Richard Rahl <rrahl0@opensuse.org>
  - update to version 1.56.0:
    * Export BIO_f_md for consumers
    * Remove obsolete python main patch
    * Remove redundant conditions
    * Implement pkcs8 cli
    * Export BF_cfb64_encrypt
    * Add pkey command to CLI tool
    * Improve OpenSSL compatibility
    * Fix PKCS12 Error Code
    * Use SP 800-56Arev3 Section 5.6.2.1.4.b instead of
      ECDSA PCT method
    * Minimize the nginx patch even further
    * Add LC contributors to allowlist
    * Align -help return codes in tool-openssl CLI to match Openssl
    * Dynamically link AWS-LC in cpython integration tests
    * Add missing x509 CI to list of tests
    * docs: Add FIPS documentation to BUILDING.md and README.md
    * Implement SSL_CTX_set_client_hello_cb for ClientHello callback
    * tool-openssl: Fix warning 'strnlen' specified bound 4096 exceeds
      source size 128
    * Pull in SSL_get_negotiated_group and TLSEXT_nid_unknown
      from upstream
    * Document non-support of TLS 1.3
  - update to version 1.55.0:
    * Add SSL_CTRL defines for SSL_*_tlsext_status_type
    * Implement HMAC over SHA3 truncated variants
    * Temporarily allowlist the webhook actors to AWS-LC
    * Rework memory BIOs and implement BIO_seek
    * s2n-bignum: Add prefix header to _s2n_bignum_internal.h
* Mon Jun 30 2025 Richard Rahl <rrahl0@opensuse.org>
  - update to 1.54.0:
    * Rename SSL test files to match Scrutinice filter
    * Order tool output
    * Fix Console Test Suite Execution Locally
    * Re-remove afunix.h
    * Note a couple of typoed struct names that we'll leave alone
    * Document that EVP_PKEY_CTX_set_rsa_keygen_pubexp takes ownership
    * Remove sys headers from bio.h
    * rwlock race tests is not a GoogleTest executable
    * Add two new APIs to expose TLS 1.3 traffic secrets for kTLS
    * Intentionally redefine iovec in headers as CI
  - update to 1.53.1:
    * Add timeouts to PQ TLS Integ Tests
    * Split ssl handshake tests
    * Add password prompting support & EVP_read_pw_string
    * Impl BIO_ADDR_xxx functions
    * Update mlkem-native to v1
  - update to 1.53.0:
    * Add build with hardened flag
    * Openssl tool output ordered
    * [SCRUTINICE] Remove redundant condition check
    * Support relro in delocator
    * Explicitly don't allow buffers aliasing in ctr-drbg implementation
    * Remove unused Windows afunix.h
    * Revert "Rework memory BIOs and implement BIO_seek (2nd try) (#2433)"
    * Use max_cert_list for TLSv1.3 NewSessionTicket
    * ML-KEM memory safety
    * Improve support for multilib-style distros in our test scripts
    * Fix Ru
    * Add hardened build back in
    * Fix OCSP integration test failures
    * Fix some theoretical missing earlyclobber markers in inline assembly
    * Simplify sshkdf and kbkdf
    * Run 3p module tests on python 3.13, add patch for 3.14
    * Fix service indicator in HKDF, more paranoid zeroization, and simplify logic
    = make it so that the patch adapts to the version
  - exclude %{arm} as those are not suppported and don't build
* Fri Jun 13 2025 Richard Rahl <rrahl0@opensuse.org>
  - adapt soname.patch to also give a version to libcrypto (fixes boo#1244562)
  - bump soversion to actual aws-lc version
* Wed Jun 11 2025 Richard Rahl <rrahl0@opensuse.org>
  - conflict the correct package
* Wed Jun 04 2025 Richard Rahl <rrahl0@opensuse.org>
  - Update to 1.52.1:
    * Increase default salt from 8 to 16 bytes for PKCS#8 & PKCS#12
    * fix(nix): Make sure bssl is in the PATH; workaround nix build failure…
    * Fix path-has-spaces test
    * Display X509 fingerprint after hash
  - Update to 1.52.0:
    * Set OPENSSL_NO_EXTERNAL_PSK_TLS13 to indicate lack of TLS 1.3 PSK
    * BIO datagram functions
    * Reject NewSessionTicket messages with empty tickets in TLS 1.3
    * Fix socket test issues
    * Remove python CI patch for main
    * Remove xmlsec patch
    * Mark fallible container operations as nodiscard
    * Remove extra va_end in err_add_error_vdata
    * Check for QUIC in SSL_process_quic_post_handshake
    * Add missing symbols for Unbound
    * Update mlkem-native
    * Squelch clang-tidy
    * Clang-tidy is still noisy
    * Add back two rules for clang-tidy
    * Implement BIO_dump
    * Make ASN1_get_object a direct call
    * Rework memory BIOs and implement BIO_seek
    * ML-DSA: ASN.1 Module - add parsing of BOTH private key format
    * Detection of unused results
    * Fix gtest_util.sh failure detection
    * Remove unused docs/configs
    * ML-DSA: Add ML-DSA keyGen to break-kat.go
    * Bump AWSLC_API_VERSION for X509_STORE_CTX_set_verify_crit_oids
    * Revert "Rework memory BIOs and implement BIO_seek
    * Resolve SSL_PRIVATE_METHOD and certificate slots functionality
  - Update to 1.51.2:
    * Fix prefix build when path has spaces
  - Update to 1.51.1:
    * nothing of relevance
  - Update to 1.51.0:
    * Fix ImplDispatchTest for 32-bit x86 build
    * Revert "Update patch for Postgres
    * Fix socat test
    * Remove special s2n-bignum source code processing at buid-time
    * Correct typo in malloc debug environment variable
    * Fix PQ Integration tests
    * Remove patch for IbmTpm
    * Support allowing specific unknown critical extensions
  - Update to 1.50.1:
    * Expand .clang-tidy configuration
    * nginx-1.28.0 aws-lc-nginx.patch
    * s2n bignum import method change
    * Fix a theoretical overflow in BIO_printf
    * Fix tpm2-tss integration tes
  - Update to 1.50.0:
    * Remove FFDHE and SECLEVEL python test patches
    * Remove unused ENABLE_DILITHIUM CMake option
    * SSL_in_*_init macros
    * Fix link to bcm.c in FIPS.md
    * Make sure it builds with CMake v4.0
    * Update formal verification section in README.md
    * Implement legacy callback with BIO_set_callback
    * Import mlkem-native
    * Split out socket BIO tests
    * Run clang tidy
    * Reinstate indefinite length and [UNIVERSAL 0] support in crypto/asn1
    * Implemented no-op CRYPTO_mem_ctrl
    * SCRUTINICE Fixes
    * Fix clang-tidy lints
    * Reinstate support for constructed strings in crypto/asn1
    * Add SecP384r1MLKEM1024
    * Fix CMake (< v3.20) warning
    * Add MLDSA44 and MLDSA87 to OBJ_find_sigid_algs
    * Bump AWSLC_API_VERSION to account for OBJ_find_sigid_algs bug
    * Add AES CBC cipher to speed.cc
    * Add X509_VERIFY_PARAM_get_hostflags
    * Enable IPv6 for curl integ
    * Add null check for EVP_get_digestbyobj
  - Update to 1.49.1:
    * FIPS Integrity Hash Tooling
    * Add more build options to match callback build
    * Add req to OpenSSL CLI tool
  - Update to 1.49.0:
    * Revert "Allow constructed strings in BER parsing
    * Add the rehash utility to the openssl CLI tool
    * Documentation on service indicator
    * Reject DSA trailing garbage in EVP layer, add test cases
    * Add support for verifying PKCS7 signed attributes
    * Add support for more SSL BIO functions
    * Adding detection of out-of-bound pre-bound memory read to AES-XTS tests
    * AES: Add function pointer trampoline to avoid delocator issue
    * Cherrypick hardening DSA param checks from BoringSSL
  - move services from disabled to manual
  - add patches disable-integrationtest.patch (needs internet), vendor-fix.patch (go mod tidy)
    and soname.patch (changes soname, so we can co-install the lib)
  - rework the packages we create
* Thu Mar 27 2025 Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
  - Update to version 1.48.5
  - Package OpenSSL files
  - Move bssl out of devel subpackage
  - Switch to obs_scm
  - Cleanup
* Wed Oct 12 2022 John Vandenberg <jayvdb@gmail.com>
  - Initial spec for v1.3.0

Files

/usr/include/openssl
/usr/include/openssl/aead.h
/usr/include/openssl/aes.h
/usr/include/openssl/arm_arch.h
/usr/include/openssl/asm_base.h
/usr/include/openssl/asn1.h
/usr/include/openssl/asn1_mac.h
/usr/include/openssl/asn1t.h
/usr/include/openssl/base.h
/usr/include/openssl/base64.h
/usr/include/openssl/bio.h
/usr/include/openssl/blake2.h
/usr/include/openssl/blowfish.h
/usr/include/openssl/bn.h
/usr/include/openssl/boringssl_prefix_symbols.h
/usr/include/openssl/boringssl_prefix_symbols_asm.h
/usr/include/openssl/boringssl_prefix_symbols_nasm.inc
/usr/include/openssl/buf.h
/usr/include/openssl/buffer.h
/usr/include/openssl/bytestring.h
/usr/include/openssl/chacha.h
/usr/include/openssl/cipher.h
/usr/include/openssl/cmac.h
/usr/include/openssl/conf.h
/usr/include/openssl/cpu.h
/usr/include/openssl/crypto.h
/usr/include/openssl/ctrdrbg.h
/usr/include/openssl/curve25519.h
/usr/include/openssl/des.h
/usr/include/openssl/dh.h
/usr/include/openssl/digest.h
/usr/include/openssl/dsa.h
/usr/include/openssl/dtls1.h
/usr/include/openssl/e_os2.h
/usr/include/openssl/ec.h
/usr/include/openssl/ec_key.h
/usr/include/openssl/ecdh.h
/usr/include/openssl/ecdsa.h
/usr/include/openssl/engine.h
/usr/include/openssl/err.h
/usr/include/openssl/evp.h
/usr/include/openssl/evp_errors.h
/usr/include/openssl/ex_data.h
/usr/include/openssl/experimental
/usr/include/openssl/experimental/kem_deterministic_api.h
/usr/include/openssl/hkdf.h
/usr/include/openssl/hmac.h
/usr/include/openssl/hpke.h
/usr/include/openssl/hrss.h
/usr/include/openssl/is_awslc.h
/usr/include/openssl/kdf.h
/usr/include/openssl/lhash.h
/usr/include/openssl/md4.h
/usr/include/openssl/md5.h
/usr/include/openssl/mem.h
/usr/include/openssl/nid.h
/usr/include/openssl/obj.h
/usr/include/openssl/obj_mac.h
/usr/include/openssl/objects.h
/usr/include/openssl/ocsp.h
/usr/include/openssl/opensslconf.h
/usr/include/openssl/opensslv.h
/usr/include/openssl/ossl_typ.h
/usr/include/openssl/pem.h
/usr/include/openssl/pkcs12.h
/usr/include/openssl/pkcs7.h
/usr/include/openssl/pkcs8.h
/usr/include/openssl/poly1305.h
/usr/include/openssl/pool.h
/usr/include/openssl/posix_time.h
/usr/include/openssl/rand.h
/usr/include/openssl/rc4.h
/usr/include/openssl/ripemd.h
/usr/include/openssl/rsa.h
/usr/include/openssl/safestack.h
/usr/include/openssl/service_indicator.h
/usr/include/openssl/sha.h
/usr/include/openssl/siphash.h
/usr/include/openssl/span.h
/usr/include/openssl/sshkdf.h
/usr/include/openssl/ssl.h
/usr/include/openssl/ssl3.h
/usr/include/openssl/stack.h
/usr/include/openssl/target.h
/usr/include/openssl/thread.h
/usr/include/openssl/time.h
/usr/include/openssl/tls1.h
/usr/include/openssl/trust_token.h
/usr/include/openssl/type_check.h
/usr/include/openssl/ui.h
/usr/include/openssl/x509.h
/usr/include/openssl/x509_vfy.h
/usr/include/openssl/x509v3.h
/usr/include/openssl/x509v3_errors.h
/usr/lib64/crypto
/usr/lib64/crypto/cmake
/usr/lib64/crypto/cmake/crypto-config.cmake
/usr/lib64/crypto/cmake/shared
/usr/lib64/crypto/cmake/shared/crypto-targets-relwithdebinfo.cmake
/usr/lib64/crypto/cmake/shared/crypto-targets.cmake
/usr/lib64/libcrypto.so
/usr/lib64/libssl.so
/usr/lib64/pkgconfig/libcrypto.pc
/usr/lib64/pkgconfig/libssl.pc
/usr/lib64/pkgconfig/openssl.pc
/usr/lib64/ssl
/usr/lib64/ssl/cmake
/usr/lib64/ssl/cmake/shared
/usr/lib64/ssl/cmake/shared/ssl-targets-relwithdebinfo.cmake
/usr/lib64/ssl/cmake/shared/ssl-targets.cmake
/usr/lib64/ssl/cmake/ssl-config.cmake

Generated by rpm2html 1.8.1

Fabrice Bellet, Wed Oct 22 22:37:11 2025

aws-lc-devel-1.62.0-1.1 RPM for x86_64

From OpenSuSE Tumbleweed for x86_64

Provides

Requires

License

Changelog

Files