summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authoragc <agc@pkgsrc.org>2019-01-21 06:59:58 +0000
committeragc <agc@pkgsrc.org>2019-01-21 06:59:58 +0000
commit97231f742dc1ee7430a70b75794ba403732f4743 (patch)
tree6c4ae01823747c036b2f38584e775604c140a935 /security
parentbd6f75a4e1ce9a51c530ceeea9f5c2493961cf27 (diff)
downloadpkgsrc-97231f742dc1ee7430a70b75794ba403732f4743.tar.gz
Update security/bearssl from 0.5 to 0.6
Changes since previous version: + Added general-purpose implementations of EAX and CCM modes (including shared precomputation support for EAX). + Added general-purpose RSA/OAEP implementation. + Added general-purpose HKDF implementation. + Added support for CCM and CCM_8 TLS cipher suites (RFC 6655 and RFC 7251). + Added RSA and EC key generation. + Added private key encoding support ("raw" and PKCS#8 formats, both in DER and PEM, for RSA and EC key pairs). + Made Base64 encoding/decoding constant-time (with regards to the encoded data bytes). + Added a generic API for random seed providers. + Added an extra DRBG based on AES/CTR + Hirose construction for reseeding. + Some cosmetic fixes to avoid warnings with picky compilers. + Makefile fix to achieve compatibility with OpenBSD. + Fixed a bug in bit length computation for big integers (this was breaking RSA signatures with some specific implementations and key lengths). + Made SSL/TLS client stricter in cipher suite selection (to align with server behaviour).
Diffstat (limited to 'security')
-rw-r--r--security/bearssl/Makefile4
-rw-r--r--security/bearssl/PLIST3
-rw-r--r--security/bearssl/distinfo12
-rw-r--r--security/bearssl/patches/patch-conf_Unix.mk11
4 files changed, 16 insertions, 14 deletions
diff --git a/security/bearssl/Makefile b/security/bearssl/Makefile
index 63a4c2f5a07..8b22e097973 100644
--- a/security/bearssl/Makefile
+++ b/security/bearssl/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.5 2018/02/07 11:52:56 maya Exp $
+# $NetBSD: Makefile,v 1.6 2019/01/21 06:59:58 agc Exp $
-DISTNAME= bearssl-0.5
+DISTNAME= bearssl-0.6
CATEGORIES= security
MASTER_SITES= https://bearssl.org/
diff --git a/security/bearssl/PLIST b/security/bearssl/PLIST
index 7695f905a4a..55c24f3304c 100644
--- a/security/bearssl/PLIST
+++ b/security/bearssl/PLIST
@@ -1,10 +1,11 @@
-@comment $NetBSD: PLIST,v 1.2 2018/02/07 11:52:56 maya Exp $
+@comment $NetBSD: PLIST,v 1.3 2019/01/21 06:59:58 agc Exp $
bin/brssl
include/bearssl.h
include/bearssl_aead.h
include/bearssl_block.h
include/bearssl_ec.h
include/bearssl_hash.h
+include/bearssl_kdf.h
include/bearssl_hmac.h
include/bearssl_pem.h
include/bearssl_prf.h
diff --git a/security/bearssl/distinfo b/security/bearssl/distinfo
index 83a4fd7649d..fa3cf8d0e43 100644
--- a/security/bearssl/distinfo
+++ b/security/bearssl/distinfo
@@ -1,7 +1,7 @@
-$NetBSD: distinfo,v 1.4 2018/02/07 11:52:56 maya Exp $
+$NetBSD: distinfo,v 1.5 2019/01/21 06:59:58 agc Exp $
-SHA1 (bearssl-0.5.tar.gz) = c2c202803454c35a4a271d9f5e518295b8d76e01
-RMD160 (bearssl-0.5.tar.gz) = 5974baced77d83aace5a5eea31a3810d93a26e28
-SHA512 (bearssl-0.5.tar.gz) = 1bd510f62f36620cda5317509e72bd0c6f3538c30aca2695e80c26d1ea7270d174ed3fbb6d690b3ced5d51ce3f6bfc776d78a196492900296a452bc4c8185e45
-Size (bearssl-0.5.tar.gz) = 666905 bytes
-SHA1 (patch-conf_Unix.mk) = 452629d96619ddd63a726b2ae933610187d31a68
+SHA1 (bearssl-0.6.tar.gz) = 443761821576544cd539206b1aba99a647b3137a
+RMD160 (bearssl-0.6.tar.gz) = 15cbb065fcccfac434e097a98e054d3b0498e2ea
+SHA512 (bearssl-0.6.tar.gz) = f9ed25683cfc6c4abe7f1203a2b82ed101ee4c9e0f9ab60755b6a09c8d1e8e4f64d413624e7bb9c4b0033f909a2e4568a1d916cc6ce4736222900691e1f8359a
+Size (bearssl-0.6.tar.gz) = 765094 bytes
+SHA1 (patch-conf_Unix.mk) = 5f85f1803b1e631a6011e3f8fc70aea2c1305d7a
diff --git a/security/bearssl/patches/patch-conf_Unix.mk b/security/bearssl/patches/patch-conf_Unix.mk
index 9e703dab78d..16ce1107a4f 100644
--- a/security/bearssl/patches/patch-conf_Unix.mk
+++ b/security/bearssl/patches/patch-conf_Unix.mk
@@ -1,12 +1,13 @@
-$NetBSD: patch-conf_Unix.mk,v 1.1 2017/09/22 22:00:57 wiedi Exp $
+$NetBSD: patch-conf_Unix.mk,v 1.2 2019/01/21 06:59:58 agc Exp $
Don't overwrite LDFLAGS
---- conf/Unix.mk.orig 2017-04-03 19:42:14.000000000 +0000
-+++ conf/Unix.mk
-@@ -53,7 +53,7 @@ LDDLLOUT = -o
+
+--- conf/Unix.mk.orig 2018-08-14 13:41:54.000000000 -0700
++++ conf/Unix.mk 2019-01-20 22:50:36.191161113 -0800
+@@ -53,7 +53,7 @@
# Static linker.
- LD = gcc
+ LD = cc
-LDFLAGS =
+#LDFLAGS =
LDOUT = -o