
security/clevis: NEW PORT a pluggable framework for automated decryption
Abandoned, Public

Authored by dch on Sep 27 2023, 3:25 PM.
Tags
None
Details

Reviewers
None
Summary

Using security/tang as an example, it is possible for clevis to retrieve
a previously encrypted secret from the stateless tang server, without
the server having any knowledge of the secret.

Plugins, called pins, can be nested and combined in various ways,
from network presence, to Shamir secret sharing, and TPM2 hardware.

WIP - requires changes upstream.

Diff Detail

Repository
rP FreeBSD ports repository
Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 53745
Build 50636: arc lint + arc unit
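
The summary's claim that a secret can be recovered through a stateless server that never learns it can be illustrated with a blinded Diffie-Hellman recovery in the style of the McCallum-Relyea exchange. This is an added example, not code from the port, clevis or tang. The toy group (integers modulo a Mersenne prime), the SHA-256 key derivation and all function names are assumptions made for the demonstration and are not secure parameters.

```python
# Added illustration: blinded key recovery (McCallum-Relyea style).
# Toy multiplicative group mod a Mersenne prime; NOT secure parameters.
import hashlib
import secrets

P = 2**127 - 1   # prime modulus (toy size, assumed for the demo)
G = 3            # base element (assumed for the demo)

def keypair():
    """Return (private exponent, public element G^priv mod P)."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)

def kdf(elem):
    """Derive a symmetric key from a group element."""
    return hashlib.sha256(elem.to_bytes(16, "big")).digest()

class Server:
    """Holds only its own key pair; keeps no per-client state."""
    def __init__(self):
        self._s, self.pub = keypair()
        self.seen = []                 # kept only so the demo can inspect traffic

    def recover(self, x):
        self.seen.append(x)
        return pow(x, self._s, P)      # x^s, computed on a blinded value

def provision(server_pub):
    """Client side, at encryption time: derive K = S^c, keep only C and S."""
    c, client_pub = keypair()
    key = kdf(pow(server_pub, c, P))
    # c and key are discarded after use; only this metadata is stored.
    return key, {"C": client_pub, "S": server_pub}

def recover(meta, server):
    """Client side, at decryption time: rebuild K without revealing C or K."""
    e, eph_pub = keypair()
    x = (meta["C"] * eph_pub) % P      # blind C with ephemeral E = G^e
    y = server.recover(x)              # server returns C^s * E^s
    z = pow(meta["S"], e, P)           # S^e equals E^s
    return kdf((y * pow(z, P - 2, P)) % P)   # divide out E^s, leaving C^s = K

if __name__ == "__main__":
    srv = Server()
    k, meta = provision(srv.pub)
    print("recovered matches:", recover(meta, srv) == k)
```
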