Index: security/Makefile =================================================================== --- security/Makefile +++ security/Makefile @@ -1082,6 +1082,7 @@ SUBDIR += secure_delete SUBDIR += sguil SUBDIR += sha + SUBDIR += sha1collisiondetection SUBDIR += shibboleth2-sp SUBDIR += shimmer SUBDIR += shishi Index: security/sha1collisiondetection/Makefile =================================================================== --- /dev/null +++ security/sha1collisiondetection/Makefile @@ -0,0 +1,40 @@ +# Created by: Jason Harris +# $FreeBSD$ + +PORTNAME= sha1collisiondetection +PORTVERSION= 1.0.2 +DISTVERSIONPREFIX= stable-v +CATEGORIES= security + +MAINTAINER= jharris@widomaker.com +COMMENT= Library and command line tool to detect SHA-1 collisions + +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE.txt + +USE_GITHUB= yes +GH_ACCOUNT= cr-marcstevens + +USE_LDCONFIG= yes +#ALL_TARGET= library tools + +USES= gmake libtool:build +MAKE_ARGS+= PREFIX=${STAGEDIR}${PREFIX} + +PLIST_FILES= bin/sha1dcsum \ + bin/sha1dcsum_partialcoll \ + include/sha1dc/sha1.h \ + lib/libsha1detectcoll.a \ + lib/libsha1detectcoll.so \ + lib/libsha1detectcoll.so.0 \ + lib/libsha1detectcoll.so.0.0.0 +#do-install: +# ${INSTALL_PROGRAM} ${WRKSRC}/bin/sha1dcsum* ${STAGEDIR}${PREFIX}/bin +# ${INSTALL_LIB} ${WRKSRC}/lib/..... + +#post-install: +# @${STRIP_CMD} ${STAGEDIR}${PREFIX}/bin/* +# @${RMDIR} ${STAGEDIR}${PREFIX}/include/sha1dc/bin \ +# ${STAGEDIR}${PREFIX}/include/sha1dc/lib + +.include Index: security/sha1collisiondetection/distinfo =================================================================== --- /dev/null +++ security/sha1collisiondetection/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1489459273 +SHA256 (cr-marcstevens-sha1collisiondetection-stable-v1.0.2_GH0.tar.gz) = ab1a5624d12417b5af9ffe6662546b6932c39c0e4c4bef822851a2d0e53df790 +SIZE (cr-marcstevens-sha1collisiondetection-stable-v1.0.2_GH0.tar.gz) = 778302 Index: security/sha1collisiondetection/pkg-descr =================================================================== --- /dev/null +++ security/sha1collisiondetection/pkg-descr @@ -0,0 +1,16 @@ +This library and command line tool were designed as near drop-in +replacements for common SHA-1 libraries and sha1sum. They will compute +the SHA-1 hash of any given file and additionally will detect +cryptanalytic collision attacks against SHA-1 present in each file. +It is very fast and takes less than twice the amount of time as +regular SHA-1. + +There are two programs: sha1dcsum and sha1dcsum_partialcoll. +The first program, sha1dcsum, will detect and warn for files that were +generated with a cryptanalytic SHA-1 collision attack like the one +documented at https://shattered.io/. The second program, +sha1dcsum_partialcoll, will detect and warn for files that were +generated with a cryptanalytic collision attack against reduced- +round SHA-1 (of which there are a few examples so far). + +WWW: https://github.com/cr-marcstevens/sha1collisiondetection