svn commit: r436154 - in head/security: . sha1collisiondetection

Joseph Mingrone jrm at FreeBSD.org
Tue Mar 14 14:17:33 UTC 2017


Author: jrm
Date: Tue Mar 14 14:17:31 2017
New Revision: 436154
URL: https://svnweb.freebsd.org/changeset/ports/436154

Log:
  security/sha1collisiondetection: a tool to detect SHA-1 collisions
  
  https://github.com/cr-marcstevens/sha1collisiondetection
  
  PR:		217733
  Submitted by:	jharris at widomaker.com (maintainer)
  Reviewed by:	mat
  Approved by:	swills (mentor, implicit)
  Differential Revision:	https://reviews.freebsd.org/D9998

Added:
  head/security/sha1collisiondetection/
  head/security/sha1collisiondetection/Makefile   (contents, props changed)
  head/security/sha1collisiondetection/distinfo   (contents, props changed)
  head/security/sha1collisiondetection/pkg-descr   (contents, props changed)
Modified:
  head/security/Makefile

Modified: head/security/Makefile
==============================================================================
--- head/security/Makefile	Tue Mar 14 13:46:14 2017	(r436153)
+++ head/security/Makefile	Tue Mar 14 14:17:31 2017	(r436154)
@@ -1083,6 +1083,7 @@
     SUBDIR += secure_delete
     SUBDIR += sguil
     SUBDIR += sha
+    SUBDIR += sha1collisiondetection
     SUBDIR += shibboleth2-sp
     SUBDIR += shimmer
     SUBDIR += shishi

Added: head/security/sha1collisiondetection/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/sha1collisiondetection/Makefile	Tue Mar 14 14:17:31 2017	(r436154)
@@ -0,0 +1,36 @@
+# $FreeBSD$
+
+PORTNAME=	sha1collisiondetection
+PORTVERSION=	1.0.2
+DISTVERSIONPREFIX=	stable-v
+CATEGORIES=	security
+
+MAINTAINER=	jharris at widomaker.com
+COMMENT=	Library and command line tool to detect SHA-1 collisions
+
+LICENSE=	MIT
+LICENSE_FILE=	${WRKSRC}/LICENSE.txt
+
+USE_GITHUB=	yes
+GH_ACCOUNT=	cr-marcstevens
+
+USE_LDCONFIG=	yes
+ALL_TARGET=	library tools
+
+USES=		gmake libtool:build
+
+PLIST_FILES=	bin/sha1dcsum \
+		bin/sha1dcsum_partialcoll \
+		include/sha1dc/sha1.h \
+		lib/libsha1detectcoll.so \
+		lib/libsha1detectcoll.so.0 \
+		lib/libsha1detectcoll.so.0.0.0
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/bin/.libs/sha1dcsum* ${STAGEDIR}${PREFIX}/bin
+	@${MKDIR} ${STAGEDIR}${PREFIX}/include/sha1dc
+	${INSTALL_DATA} ${WRKSRC}/lib/sha1.h ${STAGEDIR}${PREFIX}/include/sha1dc
+	${INSTALL_LIB} ${WRKSRC}/bin/.libs/libsha1detectcoll.so.0.0.0 ${STAGEDIR}${PREFIX}/lib
+	${LN} -sf ./libsha1detectcoll.so.0.0.0 ${STAGEDIR}${PREFIX}/lib/libsha1detectcoll.so
+	${LN} -sf ./libsha1detectcoll.so.0.0.0 ${STAGEDIR}${PREFIX}/lib/libsha1detectcoll.so.0
+
+.include <bsd.port.mk>

Added: head/security/sha1collisiondetection/distinfo
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/sha1collisiondetection/distinfo	Tue Mar 14 14:17:31 2017	(r436154)
@@ -0,0 +1,3 @@
+TIMESTAMP = 1489459273
+SHA256 (cr-marcstevens-sha1collisiondetection-stable-v1.0.2_GH0.tar.gz) = ab1a5624d12417b5af9ffe6662546b6932c39c0e4c4bef822851a2d0e53df790
+SIZE (cr-marcstevens-sha1collisiondetection-stable-v1.0.2_GH0.tar.gz) = 778302

Added: head/security/sha1collisiondetection/pkg-descr
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/sha1collisiondetection/pkg-descr	Tue Mar 14 14:17:31 2017	(r436154)
@@ -0,0 +1,16 @@
+This library and command line tool were designed as near drop-in
+replacements for common SHA-1 libraries and sha1sum. They will compute
+the SHA-1 hash of any given file and additionally will detect
+cryptanalytic collision attacks against SHA-1 present in each file.
+It is very fast and takes less than twice the amount of time as
+regular SHA-1.
+
+There are two programs:  sha1dcsum and sha1dcsum_partialcoll.
+The first program, sha1dcsum, will detect and warn for files that were
+generated with a cryptanalytic SHA-1 collision attack like the one
+documented at https://shattered.io/. The second program,
+sha1dcsum_partialcoll, will detect and warn for files that were
+generated with a cryptanalytic collision attack against reduced-
+round SHA-1 (of which there are a few examples so far).
+
+WWW: https://github.com/cr-marcstevens/sha1collisiondetection


More information about the svn-ports-head mailing list