Index: head/security/Makefile =================================================================== --- head/security/Makefile +++ head/security/Makefile @@ -1083,6 +1083,7 @@ SUBDIR += secure_delete SUBDIR += sguil SUBDIR += sha + SUBDIR += sha1collisiondetection SUBDIR += shibboleth2-sp SUBDIR += shimmer SUBDIR += shishi Index: head/security/sha1collisiondetection/Makefile =================================================================== --- head/security/sha1collisiondetection/Makefile +++ head/security/sha1collisiondetection/Makefile @@ -0,0 +1,36 @@ +# $FreeBSD$ + +PORTNAME= sha1collisiondetection +PORTVERSION= 1.0.2 +DISTVERSIONPREFIX= stable-v +CATEGORIES= security + +MAINTAINER= jharris@widomaker.com +COMMENT= Library and command line tool to detect SHA-1 collisions + +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE.txt + +USE_GITHUB= yes +GH_ACCOUNT= cr-marcstevens + +USE_LDCONFIG= yes +ALL_TARGET= library tools + +USES= gmake libtool:build + +PLIST_FILES= bin/sha1dcsum \ + bin/sha1dcsum_partialcoll \ + include/sha1dc/sha1.h \ + lib/libsha1detectcoll.so \ + lib/libsha1detectcoll.so.0 \ + lib/libsha1detectcoll.so.0.0.0 +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/bin/.libs/sha1dcsum* ${STAGEDIR}${PREFIX}/bin + @${MKDIR} ${STAGEDIR}${PREFIX}/include/sha1dc + ${INSTALL_DATA} ${WRKSRC}/lib/sha1.h ${STAGEDIR}${PREFIX}/include/sha1dc + ${INSTALL_LIB} ${WRKSRC}/bin/.libs/libsha1detectcoll.so.0.0.0 ${STAGEDIR}${PREFIX}/lib + ${LN} -sf ./libsha1detectcoll.so.0.0.0 ${STAGEDIR}${PREFIX}/lib/libsha1detectcoll.so + ${LN} -sf ./libsha1detectcoll.so.0.0.0 ${STAGEDIR}${PREFIX}/lib/libsha1detectcoll.so.0 + +.include Index: head/security/sha1collisiondetection/distinfo =================================================================== --- head/security/sha1collisiondetection/distinfo +++ head/security/sha1collisiondetection/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1489459273 +SHA256 (cr-marcstevens-sha1collisiondetection-stable-v1.0.2_GH0.tar.gz) = ab1a5624d12417b5af9ffe6662546b6932c39c0e4c4bef822851a2d0e53df790 +SIZE (cr-marcstevens-sha1collisiondetection-stable-v1.0.2_GH0.tar.gz) = 778302 Index: head/security/sha1collisiondetection/pkg-descr =================================================================== --- head/security/sha1collisiondetection/pkg-descr +++ head/security/sha1collisiondetection/pkg-descr @@ -0,0 +1,16 @@ +This library and command line tool were designed as near drop-in +replacements for common SHA-1 libraries and sha1sum. They will compute +the SHA-1 hash of any given file and additionally will detect +cryptanalytic collision attacks against SHA-1 present in each file. +It is very fast and takes less than twice the amount of time as +regular SHA-1. + +There are two programs: sha1dcsum and sha1dcsum_partialcoll. +The first program, sha1dcsum, will detect and warn for files that were +generated with a cryptanalytic SHA-1 collision attack like the one +documented at https://shattered.io/. The second program, +sha1dcsum_partialcoll, will detect and warn for files that were +generated with a cryptanalytic collision attack against reduced- +round SHA-1 (of which there are a few examples so far). + +WWW: https://github.com/cr-marcstevens/sha1collisiondetection