D42000.diff

Index: security/Makefile
===================================================================
--- security/Makefile
+++ security/Makefile
@@ -94,6 +94,7 @@
SUBDIR += clamfs
SUBDIR += clamsmtp
SUBDIR += clamtk
+ SUBDIR += clevis
SUBDIR += cloak
SUBDIR += clusterssh
SUBDIR += cops
Index: security/clevis/Makefile
===================================================================
--- /dev/null
+++ security/clevis/Makefile
@@ -0,0 +1,26 @@
+PORTNAME= clevis
+DISTVERSION= 19
+CATEGORIES= security
+MASTER_SITES= https://github.com/latchset/${PORTNAME}/releases/download/v${DISTVERSION}/
+
+MAINTAINER= hdholm@alumni.iastate.edu
+COMMENT= Tang is a small daemon for binding data to the presence of a network
+WWW= https://github.com/latchset/clevis
+
+LICENSE= GPLv3
+LICENSE_FILE= ${WRKSRC}/COPYING
+
+LIB_DEPENDS= libhttp_parser.so:www/http-parser \
+ libjansson.so:devel/jansson \
+ libjose.so:net/jose
+BUILD_DEPENDS= a2x:textproc/asciidoc \
+ ${LOCALBASE}/libdata/pkgconfig/jose.pc:net/jose \
+ tang-show-keys:security/tang \
+ tpm2:security/tpm2-tools \
+ curl:ftp/curl
+
+USES= compiler:c11 cpe meson pkgconfig ssl tar:xz
+
+CPE_VENDOR= tang_project
+
+.include <bsd.port.mk>
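Review bot: COMMENT and CPE_VENDOR in security/clevis/Makefile describe Tang rather than this port: COMMENT reads "Tang is a small daemon for binding data to the presence of a network" and CPE_VENDOR is tang_project, while PORTNAME is clevis and the distfile is fetched from latchset/clevis. Suggest a COMMENT that describes clevis itself (pkg-descr calls it a "pluggable framework for automated decryption"), and check the CPE vendor string against the CPE entry for clevis, since a wrong vendor makes vulnerability matching for this port track a different product. Separately, tang-show-keys, tpm2 and curl are listed only under BUILD_DEPENDS and there is no RUN_DEPENDS; if the installed tools invoke them at run time (pkg-descr describes the client doing an HTTP GET and POST), they need to be listed there as well.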
Index: security/clevis/distinfo
===================================================================
--- /dev/null
+++ security/clevis/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1695803760
+SHA256 (clevis-19.tar.xz) = b34e97d72cf59feb56875bfccd6732d8b3d2751714da799a6a6a388cfe234b55
+SIZE (clevis-19.tar.xz) = 66376
Index: security/clevis/pkg-descr
===================================================================
--- /dev/null
+++ security/clevis/pkg-descr
@@ -0,0 +1,20 @@
+Clevis is a pluggable framework for automated decryption, including supporting
+security/tang, a server for binding data to network presence.
+
+This sounds fancy, but the concept is simple. You have some data, but you only
+want it to be available when the system containing the data is on a certain,
+usually secure, network. This is where Tang comes in.
+
+First, the client gets a list of the Tang server's advertised asymmetric keys.
+This can happen online by a simple HTTP GET. Alternatively, since the keys are
+asymmetric, the public key list can be distributed out of band.
+
+Second, the client uses one of these public keys to generate a unique,
+cryptographically strong encryption key. The data is then encrypted using this
+key. Once the data is encrypted, the key is discarded. Some small metadata is
+produced as part of this operation which the client should store in a convenient
+location. This process of encrypting data is the provisioning step.
+
+Third, when the client is ready to access its data, it simply loads the metadata
+produced in the provisioning step and performs an HTTP POST in order to recover
+the encryption key. This process is the recovery step.
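Review bot: from the second paragraph on, pkg-descr explains the Tang protocol ("This is where Tang comes in") rather than clevis, so only the first sentence tells the user what this port installs. Suggest saying what clevis does as the client (the provisioning and recovery steps are its part) and reducing the Tang background to a pointer at security/tang. In the first sentence, "including supporting security/tang" reads awkwardly; "with support for security/tang" would be clearer. Since the text says the key list can be fetched with a simple HTTP GET, a sentence on how the client is expected to establish trust in those advertised keys, for instance by pointing at the out-of-band distribution it already mentions, would help readers.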
