diff options
| author | wiz <wiz@pkgsrc.org> | 2017-04-01 17:01:51 +0000 |
|---|---|---|
| committer | wiz <wiz@pkgsrc.org> | 2017-04-01 17:01:51 +0000 |
| commit | c249822e3081bb7998f4b666e9cbff124e6bf8a3 (patch) | |
| tree | 81a10ef0c8fc44724ba7074c61eb4c88de755c57 /security/bearssl | |
| parent | 7c385bd3aa126992d9fe3bcf9f8b3590741f4383 (diff) | |
| download | pkgsrc-c249822e3081bb7998f4b666e9cbff124e6bf8a3.tar.gz | |
Import bearssl-0.3 as security/bearssl.
BearSSL is an implementation of the SSL/TLS protocol (RFC 5246)
written in C. It aims at offering the following features:
* Be correct and secure. In particular, insecure protocol versions
and choices of algorithms are not supported, by design;
cryptographic algorithm implementations are constant-time by
default.
* Be small, both in RAM and code footprint. For instance, a minimal
server implementation may fit in about 20 kilobytes of compiled
code and 25 kilobytes of RAM.
* Be highly portable. BearSSL targets not only "big" operating
systems like Linux and Windows, but also small embedded systems
and even special contexts like bootstrap code.
* Be feature-rich and extensible. SSL/TLS has many defined cipher
suites and extensions; BearSSL should implement most of them,
and allow extra algorithm implementations to be added afterwards,
possibly from third parties.
bearssl is considered alpha-quality software, which means that it
runs but it probably has bugs, some of which being certainly
exploitable vulnerabilities.
Diffstat (limited to 'security/bearssl')
| -rw-r--r-- | security/bearssl/DESCR | 24 | ||||
| -rw-r--r-- | security/bearssl/Makefile | 28 | ||||
| -rw-r--r-- | security/bearssl/PLIST | 15 | ||||
| -rw-r--r-- | security/bearssl/distinfo | 6 |
4 files changed, 73 insertions, 0 deletions
diff --git a/security/bearssl/DESCR b/security/bearssl/DESCR new file mode 100644 index 00000000000..58687be05a2 --- /dev/null +++ b/security/bearssl/DESCR @@ -0,0 +1,24 @@ +BearSSL is an implementation of the SSL/TLS protocol (RFC 5246) +written in C. It aims at offering the following features: + +* Be correct and secure. In particular, insecure protocol versions + and choices of algorithms are not supported, by design; + cryptographic algorithm implementations are constant-time by + default. + +* Be small, both in RAM and code footprint. For instance, a minimal + server implementation may fit in about 20 kilobytes of compiled + code and 25 kilobytes of RAM. + +* Be highly portable. BearSSL targets not only "big" operating + systems like Linux and Windows, but also small embedded systems + and even special contexts like bootstrap code. + +* Be feature-rich and extensible. SSL/TLS has many defined cipher + suites and extensions; BearSSL should implement most of them, + and allow extra algorithm implementations to be added afterwards, + possibly from third parties. + +bearssl is considered alpha-quality software, which means that it +runs but it probably has bugs, some of which being certainly +exploitable vulnerabilities. diff --git a/security/bearssl/Makefile b/security/bearssl/Makefile new file mode 100644 index 00000000000..23436826c14 --- /dev/null +++ b/security/bearssl/Makefile @@ -0,0 +1,28 @@ +# $NetBSD: Makefile,v 1.1 2017/04/01 17:01:51 wiz Exp $ + +DISTNAME= bearssl-0.3 +CATEGORIES= security +MASTER_SITES= https://bearssl.org/ + +MAINTAINER= pkgsrc-users@NetBSD.org +HOMEPAGE= https://bearssl.org/ +COMMENT= Implementation of the SSL/TLS protocol (RFC 5246) +LICENSE= mit + +INSTALLATION_DIRS= bin include lib + +do-install: + cd ${WRKSRC}/build && \ + ${INSTALL_DATA} brssl ${DESTDIR}${PREFIX}/bin + cd ${WRKSRC}/inc && \ + ${INSTALL_DATA} *.h ${DESTDIR}${PREFIX}/include + cd ${WRKSRC}/build && \ + ${INSTALL_LIB} libbearssl.* ${DESTDIR}${PREFIX}/lib + +do-test: + cd ${WRKSRC} && \ + ./build/testcrypto all && \ + ./build/testspeed all && \ + ./build/testx509 + +.include "../../mk/bsd.pkg.mk" diff --git a/security/bearssl/PLIST b/security/bearssl/PLIST new file mode 100644 index 00000000000..69b4949d3e5 --- /dev/null +++ b/security/bearssl/PLIST @@ -0,0 +1,15 @@ +@comment $NetBSD: PLIST,v 1.1 2017/04/01 17:01:51 wiz Exp $ +bin/brssl +include/bearssl.h +include/bearssl_block.h +include/bearssl_ec.h +include/bearssl_hash.h +include/bearssl_hmac.h +include/bearssl_pem.h +include/bearssl_prf.h +include/bearssl_rand.h +include/bearssl_rsa.h +include/bearssl_ssl.h +include/bearssl_x509.h +lib/libbearssl.a +lib/libbearssl.so diff --git a/security/bearssl/distinfo b/security/bearssl/distinfo new file mode 100644 index 00000000000..552f7f08114 --- /dev/null +++ b/security/bearssl/distinfo @@ -0,0 +1,6 @@ +$NetBSD: distinfo,v 1.1 2017/04/01 17:01:51 wiz Exp $ + +SHA1 (bearssl-0.3.tar.gz) = 2f16a6b14b0e43cdacaf89aea47836a8da685f7e +RMD160 (bearssl-0.3.tar.gz) = 9c2562eecbdf8c777fd605c32b7d61ebb47c4734 +SHA512 (bearssl-0.3.tar.gz) = 137540dfed9a281e8599c9c74951662733e7e53c7b8556e4b940dea556299ef008ac49c8c499d8439884842d9a07f95de01a323229f882748c64ee9e10ebc691 +Size (bearssl-0.3.tar.gz) = 612642 bytes |