From 5fdae90f6a18500b684d72a138590dbd6f9c9f2e Mon Sep 17 00:00:00 2001 From: bentley Date: Wed, 17 Jul 2019 08:24:03 +0000 Subject: [PATCH] Import minisign-0.8. Minisign is a dead simple tool to sign files and verify signatures. It is portable, lightweight, and uses the highly secure Ed25519 public-key signature system. Signatures written by minisign can be verified using OpenBSD's signify tool: public key files and signature files are compatible. However, minisign uses a slightly different format to store secret keys. Minisign signatures include trusted comments in addition to untrusted comments. Trusted comments are signed, thus verified, before being displayed. This adds two lines to the signature files, that signify silently ignores. ok sthen@ --- security/minisign/Makefile | 25 +++++++++++++++++++++++++ security/minisign/distinfo | 2 ++ security/minisign/pkg/DESCR | 13 +++++++++++++ security/minisign/pkg/PLIST | 3 +++ 4 files changed, 43 insertions(+) create mode 100644 security/minisign/Makefile create mode 100644 security/minisign/distinfo create mode 100644 security/minisign/pkg/DESCR create mode 100644 security/minisign/pkg/PLIST diff --git a/security/minisign/Makefile b/security/minisign/Makefile new file mode 100644 index 00000000000..8bcf1e63d45 --- /dev/null +++ b/security/minisign/Makefile @@ -0,0 +1,25 @@ +# $OpenBSD: Makefile,v 1.1.1.1 2019/07/17 08:24:03 bentley Exp $ + +COMMENT = dead simple tool to sign files and verify digital signatures + +GH_ACCOUNT = jedisct1 +GH_PROJECT = minisign +GH_TAGNAME = 0.8 + +CATEGORIES = security sysutils + +HOMEPAGE = https://jedisct1.github.io/minisign/ + +# ISC +PERMIT_PACKAGE = Yes + +WANTLIB += c sodium + +MODULES = devel/cmake +LIB_DEPENDS = security/libsodium + +CONFIGURE_ARGS = -DCMAKE_C_FLAGS="-I${LOCALBASE}/include ${CFLAGS}" + +NO_TEST = Yes + +.include diff --git a/security/minisign/distinfo b/security/minisign/distinfo new file mode 100644 index 00000000000..7c2038f626a --- /dev/null +++ b/security/minisign/distinfo @@ -0,0 +1,2 @@ +SHA256 (minisign-0.8.tar.gz) = Ew61JGB2vH7ELxNJWmATguVmu2czQw1Apo3l5Dp/EII= +SIZE (minisign-0.8.tar.gz) = 14045 diff --git a/security/minisign/pkg/DESCR b/security/minisign/pkg/DESCR new file mode 100644 index 00000000000..62b0978f69e --- /dev/null +++ b/security/minisign/pkg/DESCR @@ -0,0 +1,13 @@ +Minisign is a dead simple tool to sign files and verify signatures. + +It is portable, lightweight, and uses the highly secure Ed25519 public-key +signature system. + +Signatures written by minisign can be verified using OpenBSD's signify tool: +public key files and signature files are compatible. However, minisign uses +a slightly different format to store secret keys. + +Minisign signatures include trusted comments in addition to untrusted +comments. Trusted comments are signed, thus verified, before being +displayed. This adds two lines to the signature files, that signify +silently ignores. diff --git a/security/minisign/pkg/PLIST b/security/minisign/pkg/PLIST new file mode 100644 index 00000000000..fc9ad73fdaa --- /dev/null +++ b/security/minisign/pkg/PLIST @@ -0,0 +1,3 @@ +@comment $OpenBSD: PLIST,v 1.1.1.1 2019/07/17 08:24:03 bentley Exp $ +@bin bin/minisign +@man man/man1/minisign.1