security/clevis: NEW PORT a pluggable framework for automated decryption
Needs Review, Public

Authored by dch on Sep 27 2023, 3:25 PM.
This revision needs review, but there are no reviewers specified.

Details

Reviewers
None
Summary

Using security/tang as an example, it is possible for clevis to retrieve
a previously encrypted secret from the stateless tang server, without
the server having any knowledge of the secret.

Plugins, called pins, can be nested and combined in various ways,
from network presence, to Shamir secret sharing, and TPM2 hardware.

WIP - requires changes upstream.

Diff Detail

Repository
rP FreeBSD ports repository
Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 53745
Build 50636: arc lint + arc unit