í«îÛ    libykcs11-1-1.5.0-lp150.2.3.1                                                       Ž­è         <   >     ,     è            ê          ì          .‰ \Èuñ¸‹/Ô=½Â„­ƒþ o ç(³ƒ¶¸0rf¼öe>÷zÑ<ï/xzZß'tÆLýÃÇØØ„4B>Ó=D0¬ p;ò=€×¨]#šÀ¿µg"Zï	ª—’K½€épvÕßÅh‹OÁ–W‚d}ÐN˜“êÜBåïÂïàå·#ä-ærÄÐl¼<[BÍhâzåö£±aòvñŸöúæû-V¼Ž¯¨Æx(/_"ˆ˜¾f}3À»d­]úZWY‰’V,;ôÌÙû{#!EûúÉq©î_ŒGIœ@(+±í#Käõ Ïîa¶Þ£E¦âGËØ`ãN’kö_ÕÔžÿ6G'.JÑ’†’ëy*¨­ŸÔžñZFÅ~Ö=YÎ—CO)Â@å[   >   ÿÿÿÀ       Ž­è       @  $@   ?     $0      d            è           é           ê           ì   	         í   	   C     î      ¨     ï      ¬     ñ      ¸     ò      ¼     ó      Ï     ö      Ø     ÷      å     ø   	   þ     ü          ý     >     þ     D          L          T     	     X     
     \          d          ¦          ¼          Ä          Î          Ø                              h          ¼          í     (          8     $     9     x     :          >      Õ     @      ä     F      ó     G     !     H     !     I     !     X     !     Y     !,     \     !T     ]     !\     ^     !~     b     !Š     c     "3     d     "Ì     e     "Ñ     f     "Ô     l     "Ö     u     "è     v     "ð     w     #€     x     #ˆ     y     #     z     #Ð     “     #à     Æ     #ä     ä     #ê     å     $,   C libykcs11-1 1.5.0 lp150.2.3.1 Yubikey NEO PKCS#11 applet library This is a PKCS#11 module that allows to communicate with the PIV application running on a YubiKey    \Èuñcloud127     @PopenSUSE Leap 15.0 openSUSE BSD-2-Clause http://bugs.opensuse.org Productivity/Networking/Security https://developers.yubico.com/ linux x86_64      @P¡ÿí    \Èuï\Èuï d3e74bba9fe4ccc44870d96297e35d998dc630a897041aaaf5224ca6153a0cf4 libykcs11.so.1.4.0            root root root root yubico-piv-tool-1.5.0-lp150.2.3.1.src.rpm   ÿÿÿÿÿÿÿÿlibykcs11-1 libykcs11-1(x86-64) libykcs11.so.1()(64bit) libykcs11.so.1(YKCS11_0.1.0)(64bit)         @   @   @   @   @   @   @   @   @   @   @   @   @   @       
  
  
  
/sbin/ldconfig /sbin/ldconfig libc.so.6()(64bit) libc.so.6(GLIBC_2.14)(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.4)(64bit) libc.so.6(GLIBC_2.7)(64bit) libcrypto.so.1.1()(64bit) libcrypto.so.1.1(OPENSSL_1_1_0)(64bit) libykpiv.so.1()(64bit) libykpiv.so.1(YKPIV_0.1.0)(64bit) libykpiv.so.1(YKPIV_1.1.0)(64bit) libykpiv.so.1(YKPIV_1.2.0)(64bit) libykpiv.so.1(YKPIV_1.3.0)(64bit) libykpiv.so.1(YKPIV_1.5.0)(64bit) pcsc-ccid rpmlib(CompressedFileNames) rpmlib(FileDigests) rpmlib(PayloadFilesHavePrefix) rpmlib(PayloadIsXz)                  3.0.4-1 4.6.0-1 4.0-1 5.2-1 4.14.1    […9@ZòÀZ,@Y,@W´QÀW;ÀWÀVjºÀVLh@VD@V<–@Vò@V @Uø@U¡@UÀU>$ÀUôÀTØ¡@TÐ¸@TÂ7Àkbabioch@suse.com t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de cdenicolo@suse.com t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de t.gruner@katodev.de - Added CVE-2018-14779.patch: Fixed an buffer overflow and an out of bounds
  memory read in ykpiv_transfer_data(), which could be triggered by a malicious
  token. (CVE-2018-14779, bsc#1104809, YSA-2018-03)
- Added CVE-2018-14780.patch: Fixed an buffer overflow and an out of bounds
  memory read in _ykpiv_fetch_object(), which could be triggered by a malicious
  token. (CVE-2018-14780, bsc#1104811, YSA-2018-03)
- Used %license macro for COPYING (rather than %doc)
- Applied spec-cleaner - Version 1.5.0 (released 2017-11-29)
  - API additions: Higher-level "util" API added to libykpiv.
  - Added ykpiv_attest(), ykpiv_get_pin_retries(), ykpiv_set_pin_retries()
  - Added functions for using existing PCSC card handle.
  - Support using custom memory allocator.
  - Documentation updates. make doxygen for HTML format.
  - Expanded automated tests for hardware devices, moved to make hwcheck.
  - OpenSSL 1.1 support
  - Moderate internal refactoring. Many small bugs fixed. - Version 1.4.4 (released 2017-10-17)
  - Documentation updates.
  - Add pin caching to work around disconnect problems.
  - Disable RSA key generation on YubiKey 4 before 4.3.5. See https://yubi.co/ysa201701/ for details. - Version 1.4.3 (released 2017-04-18)
  - Encode RSA x509 certificates correctly.
  - Documentation updates.
  - In ykcs11 return CKA_MODULUS correctly for private keys.
  - In ykcs11 fix for signature size approximation.
  - Fix PSS signatures in ykcs11.
  - Add a CLI flag --stdin-input to make batch execution easier. - Version 1.4.2 (released 2016-08-12)
  - Clarify license headers and clean up YKCS11 licensing. Now uses pkcs11.h from the Scute project.
  - Donâ€™t install ykcs11-version.h.
  - No cflags in ykcs11.pc.
  - Unimplemented YKCS11 functions now return CKR_FUNCTION_FAILED.
- Version 1.4.1 (released 2016-08-11)
  - Documentation updates
  - Add possibility to export certificates in SSH format.
  - Make certificate serial number random by default. - Version 1.4.0 (released 2016-05-03)
  - Add attest action When used on a slot with a generated key,
    outputs a signed x509 certificate for that slot showing that
    the key was generated in hardware. Available in firmware 4.3.0 and newer.
  - Add cached parameter for touch-policy With cached, the touch is valid
    for an additional 15s. Available in firmware 4.3.0 and newer.
  - Enforce a minimum PIN length of 6 characters.
  - Fix a bug with list-readers action where it fell through processing into write-object. - Version 1.3.1 (released 2016-04-19)
  - Fix a bug where unblock pin would instead change puk, introduced in 1.3.0.
  - Clarifications with help texts.
- Version 1.3.0 (released 2016-02-19)
  - Fixed extraction of RSA modulus and exponent for pkcs11.
  - Implemented C_SetPIN for pkcs11.
  - Add generic write and read object actions for the tool. Supports hex/binary/base64 formats
  - Add ykpiv_change_pin(), ykpiv_change_puk() and ykpiv_unblock_pin()
  - Print CCC with status action.
  - Address bugs with pkcs11 on windows.
  - Add --valid-days and --serial to tool for selfsign-certificate action.
  - Ask for password for pkcs12 if none is given. - Version 1.2.2 (released 2015-12-08)
  - Fix old buffer overflow in change-pin functionality.
- Version 1.2.1 (released 2015-12-08)
  - Fix issue with big certificates and status.
- Version 1.2.0 (released 2015-12-07)
  - On OSX use @loader_path instead of @executable_path for ykcs11.
  - Add ykpiv_import_private_key to libykpiv.
  - Raise buffer sizes to support bigger objects.
  - Change behavior of action status, only list populated slots.
  - Add retired keys to ykcs11.
  - In ykcs11 support login with non null terminated pin.
  - Add a new action set-ccc to yubico-piv-tool to set the CCC. - Version 1.1.2 (released 2015-11-13)
  - Properly handle DER encoding in ECDSA signatures. - Version 1.1.1 (released 2015-11-11)
  - Make sure SCardContext is properly acquired and released. - Version 1.1.0 (released 2015-11-06)
  - Add support for new YubiKey 4.
  - Add ykcs11. - Add dependencive in .spec file - Version 1.0.3 (released 2015-10-01)
  - Correct wording on unblock-pin action.
  - Show pin retries correctly.
  - Use a bigger buffer for receiving data. - Version 1.0.2 (released 2015-09-04)
  - Query for different passwords/pins on stdin if theyâ€™re not supplied.
  - If a reader fails continue trying matching readers.
  - Authentication failed is supposed to be 0x63cX not 0x630X. - Version 1.0.1 (released 2015-07-10)
  - Project relicensed to 2-clause BSD license
  - Minor fixes found with clang scan-build - Version 1.0.0 (released 2015-06-23)
  - Add a test-decipher action.
  - Check that e is 0x10001 on importing rsa keys
  - Use PCSC transactions when sending and receiving data - license update: GPL-3.0+
  COPYING files says package is under GPL-3.0+. - Version 0.1.6 (released 2015-03-23)
    Add a read-certificate action to the tool.
    Add a status action to the tool.
    Fix a library bug so NULL can be passed to ykpiv_verify()
    Add a test-signature action to the tool. - Version 0.1.5 (released 2015-02-04)
    Revert the check for parity and just set parity before the weak check. - Version 0.1.4 (released 2015-02-02)
    Prompt for input if input is stdin.
    Mark all bits of the signature as used is certs and requests.
    Correct error for unblock-pin.
    Fix hex decode to decode capital letters and return error.
    Check parity of new management keys. - Version 0.1.3 (released 2014-12-18)
    Add format DER for importing certificates.
    Make sure diagnostic feedback ends up on stderr.
    Add positive feedback for a couple of actions.
- Version 0.1.2 (released 2014-11-14)
    Fix an issue where shorter component of RSA keys where not packed correctly.
- Version 0.1.1 (released 2014-11-10)
    Correct broken CHUID that made windows work inconsistently.
    Add support for compressed certificates.
    Fix broken unblock-pin action.
    Donâ€™t try to accept to short keys for mgm key.
    Only do applet authentication if needed.
    Add --hash for selecting what hash to use for signatures.
    Add hidden --sign command. Should probably not be used.
    Fix for signature algorithm in selfsigned cert.
- Version 0.1.0 (released 2014-08-25)
    Break out functionality into a library.
    More testing.
- Version 0.0.3 (released 2014-05-26)
  Add delete-certificate action.
  Fix minor bugs.
- Version 0.0.2 (released 2014-02-19)
    Fix an offset bug with CHUID.
    Do full mutual auth with the applet.
- Version 0.0.1 (released 2014-02-11)
    Initial release. /sbin/ldconfig /sbin/ldconfig cloud127 1556641265                          €   € 1.5.0-lp150.2.3.1 1.5.0-lp150.2.3.1             libykcs11.so.1 libykcs11.so.1.4.0 /usr/lib64/ -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -g obs://build.opensuse.org/openSUSE:Maintenance:10139/openSUSE_Leap_15.0_Update/91e41b38aeb9a7eece08a2f9a4e1fb28-yubico-piv-tool.openSUSE_Leap_15.0_Update drpm xz 5 x86_64-suse-linux         ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=86a4376cb9814c121e29fe34c8f389605e038fe5, stripped                  P  P  R  R  R  R  R  R  R  R  R  R  R  	R  
R  R  Ì~ã¨qš„ô°Õ½W   utf-8 8a98d3e48438dc628cc24024b224c2aa47e317ffc1e1808bda0f4c2786cf06bd        ?   ÿÿü    ý7zXZ  
áû¡ !   t/å£àŸa] "ÌkÀ%{U}dè¨õ\á;ÓaÈký”6aÂ‚‰™ˆ)mFœÞâÜŠ¥>WV…aõG½³Ø X|Â'2xÈBn©ÄÛºwÒP?ÃðœŒ¢6.åîóþr*Ì:éOâ€¹¶÷h4<T9åðMÁ4`§Öd› ~€8Ù ÕÛ8bwù¹fgZ\EÀ˜ou„³æÓÐÅÚî1´yÔJ¨ÒÏ{0û #N¶Žåè¡é-ò¡lAá…$Ù%à7*ÏãšþbB\3µ•Ô.9>óm‚é4Ä~¨JãTgx !ýòi7D®WÐ=’iÀhÉ‚»®ò›Î½5Ë]!2¾»ÍØQü;&°\”¸õ#ªõ}î<ònþn¹Ô3Èû½,{Ý©de×' ©¶€†—Îøõì-ÆDìÒ“¤º|*Nä?ÿ„ÿä¾CzÆÕF³/ðo†°ÁÓ}Ó"Qõ¿}‰ûD»æPÚf.®ê‘æ€ë ”oéXÒ7Ät ‰¦÷5¹t²½…ë|TMãëô°¡ÞŸA€¾vN+‰þ·Õ§lˆq¹Û)sþ9mŸO1ž X^“9‰­´0Ïú„dTh6¤øKÜSðáL'Ù¢fâà6aäáÜˆo{ïd•Gñ@ß_¹hr4æ–º/p=–ã±¤”_^Ðj<Eë›ÕúÞýðÂNPÖwÍ!k|;œâsÚôŽcüÑÏ>.ÃŠ=íÊi×‡I!”9kâ(`öª&‘Þ†€K£æ I¨¨¼mêEMEFe•4M/Î1KbS»…`ˆÙÙgÜ®*2b…÷ã(n:8=œ «A!ýAµÈÀ¦,”ÉclöPv0Ù{®eü`p/ÝÓë²Ô“ÿw{ß«€œM,pÚz¿ÇñýL³ŸZ=Ž \*˜tŽ0l…X·iyÒ[¡ÂÎˆ&C|¢C'ÅÒÎ&íXï‡KS†—,ï-êÀ«kÎãax\~õ~HÍçñ·„Ö9²#Š`ßÕn¯ƒÅÍ<;ÛÇ(È $Ÿ•­ÌaŒòÝ|7§$B‘¡Œj»—¹‡¦¾.¯ ïýÉ	}ýXô=õÖå“Ñ¶ÈÍ°ÏØñvcÙ¼®„u¸³$ËŒ„¢9]ÖS¤Ú=;Í±¡Ó3yiŠ4‡Œî¼¹Ævê&¸ûûN#/¯«q§Àë„ð|àÀ{R>]ìØ£Q@²¹*H°ð^lCIÛãëÒ7nS( ¹*ã®¹.Ê¢b'äw]àÄlïé­O{«—·K‚/@‹°b'•b…{LvÛwü–pì
åU7¼Ø=ÚAü>É0±Š"§QŸw{DBá	ÆXñ:ù‡ü"¢#¥êŠh×à}AÞÌnd—úVÇÚkŸÄ[XV¼_?¯ŒWÃòò¡>ºŠ3êÝBŒŸZ’å'?½Ä¢ É¸W;¤õ[¾zÜàK¸Nf®ÕhTÉöÚ¢8„xg.Aa?}|O»ð³S:cWåáƒ5Ú.S½\Ï©”¶ü˜Ø¦S+äHc^å<JÁâÝ©þ•1Yx)ENË!ñL˜Ä²“4h6	EËì]H`KˆòŠÈÑ™ö;e,­©AWÉlÙ€ö*2F°†’¼º+Ã˜~`]ÇÙéNëPå¸Ý³¤,OÓóAØ¨Ý$o`÷¿xØDú¬º0û¥œ=çZá~s¡çuÑ³”õµI¯ÿœ7¸÷'3ÍSy;þ">ˆ?ÂÊV;‘“GTAÉã%„5Ê]éï¹¦²›¨ð]z’:’ÚçšýŸÙJ2Òº6S™.ð    L!×ÊQ©c*XR†QEOÍBY9b™ÆlíÓ • 1  žôì‘¶éß    
YZ