Date: Mon, 10 May 2021 01:24:00 GMT From: Neel Chauhan <nc@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 996a6909ee6e - main - New port: security/tang: Small daemon for binding data to the presence of a network Message-ID: <202105100124.14A1O0nm042375@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by nc: URL: https://cgit.FreeBSD.org/ports/commit/?id=996a6909ee6ea04ffc6962af5167811629275096 commit 996a6909ee6ea04ffc6962af5167811629275096 Author: Howard Holm <hdholm@alumni.iastate.edu> AuthorDate: 2021-05-10 01:21:25 +0000 Commit: Neel Chauhan <nc@FreeBSD.org> CommitDate: 2021-05-10 01:23:51 +0000 New port: security/tang: Small daemon for binding data to the presence of a network PR: 255694 --- security/Makefile | 1 + security/tang/Makefile | 30 ++++++++++++++++++++++++++++++ security/tang/distinfo | 3 +++ security/tang/pkg-descr | 21 +++++++++++++++++++++ security/tang/pkg-plist | 8 ++++++++ 5 files changed, 63 insertions(+) diff --git a/security/Makefile b/security/Makefile index 3b7a39ce0043..4a9d1a08c053 100644 --- a/security/Makefile +++ b/security/Makefile @@ -1245,6 +1245,7 @@ SUBDIR += swatchdog SUBDIR += symbion-sslproxy SUBDIR += tailscale + SUBDIR += tang SUBDIR += tclsasl SUBDIR += tcpcrypt SUBDIR += teleport diff --git a/security/tang/Makefile b/security/tang/Makefile new file mode 100644 index 000000000000..d916a0645df5 --- /dev/null +++ b/security/tang/Makefile @@ -0,0 +1,30 @@ +PORTNAME= tang +DISTVERSION= 10 +CATEGORIES= security + +MAINTAINER= hdholm@alumni.iastate.edu +COMMENT= Tang is a small daemon for binding data to the presence of a network + +LICENSE= GPLv3 +LICENSE_FILE= ${WRKSRC}/COPYING + +LIB_DEPENDS= libhttp_parser.so:www/http-parser \ + libjansson.so:devel/jansson \ + libjose.so:net/jose +RUN_DEPENDS= socat:net/socat +BUILD_DEPENDS= a2x:textproc/asciidoc \ + ${LOCALBASE}/libdata/pkgconfig/jose.pc:net/jose \ + socat:net/socat + +USES= compiler:c11 meson ninja pkgconfig +USE_GITHUB= yes +GH_ACCOUNT= latchset +GH_TAGNAME= v10 +USE_LDCONFIG= yes + +INSTALL_TARGET= install-strip + +post-install: + ${MKDIR} -m 0700 ${STAGEDIR}/var/db/tang + +.include <bsd.port.mk> diff --git a/security/tang/distinfo b/security/tang/distinfo new file mode 100644 index 000000000000..acc4a39838f3 --- /dev/null +++ b/security/tang/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1620421972 +SHA256 (latchset-tang-10-v10_GH0.tar.gz) = 168ceee00bcf1da3d4e595285947fdcd5822b2e4e5cdb4b0e69b450b2cac2ba6 +SIZE (latchset-tang-10-v10_GH0.tar.gz) = 36469 diff --git a/security/tang/pkg-descr b/security/tang/pkg-descr new file mode 100644 index 000000000000..9e9183b65d76 --- /dev/null +++ b/security/tang/pkg-descr @@ -0,0 +1,21 @@ +Tang is a server for binding data to network presence. + +This sounds fancy, but the concept is simple. You have some data, but you only +want it to be available when the system containing the data is on a certain, +usually secure, network. This is where Tang comes in. + +First, the client gets a list of the Tang server's advertised asymmetric keys. +This can happen online by a simple HTTP GET. Alternatively, since the keys are +asymmetric, the public key list can be distributed out of band. + +Second, the client uses one of these public keys to generate a unique, +cryptographically strong encryption key. The data is then encrypted using this +key. Once the data is encrypted, the key is discarded. Some small metadata is +produced as part of this operation which the client should store in a convenient +location. This process of encrypting data is the provisioning step. + +Third, when the client is ready to access its data, it simply loads the metadata +produced in the provisioning step and performs an HTTP POST in order to recover +the encryption key. This process is the recovery step. + +WWW: https://github.com/latchset/tang diff --git a/security/tang/pkg-plist b/security/tang/pkg-plist new file mode 100644 index 000000000000..746dacbd853c --- /dev/null +++ b/security/tang/pkg-plist @@ -0,0 +1,8 @@ +libexec/tangd +man/man1/tang-show-keys.1.gz +man/man8/tang.8.gz +libexec/tangd-keygen +libexec/tangd-rotate-keys +bin/tang-show-keys +etc/rc.d/tangd +@dir /var/db/tang
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202105100124.14A1O0nm042375>