The Yubico PIV tool is used for interacting with the Privilege and
Identification Card (PIV) application on a YubiKey.
With it you may generate keys on the device, importing keys and
certificates, and create certificate requests, and other operations. A
shared library and a command-line tool is included.
ClamFS is a FUSE-based user-space file system for Linux with
on-access anti-virus file scanning through clamd daemon
Features
- User-space file system
- Configuration stored in XML files
- FUSE used as file system back-end
- Scan files using ClamAV
- ScanCache speeds up file access
- Sends mail to administrator when detect virus
WWW: http://clamfs.sourceforge.net/
PR: 201063
Submitted by: Mageirias Anastasios <anastmag@gmail.com>, lightside@gmx.com
Open, free and uncensorable websites, using Bitcoin cryptography
and BitTorrent network.
Features:
* Real-time updated sites
* Namecoin .bit domains support
* Easy to setup: unpack & run
* Clone websites in one click
* Password-less BIP32 based authorization: Your account is protected
by the same cryptography as your Bitcoin wallet
* Built-in SQL server with P2P data synchronization: Allows easier site
development and faster page load times
* Anonymity: Full Tor network support with .onion hidden services instead
of IPv4 addresses
* TLS encrypted connections
* Automatic uPnP port opening
* Plugin for multiuser (openproxy) support
* Works with any browser/OS
WWW: https://zeronet.io/
PR: 209735
Submitted by: Yuri Victorovich <yuri@rawbw.com>
low-level implementation for verifying tokens locally and clients for multiple
versions of the Yubico validation web service. The primary audience is
developers who wish to verify YubiKey tokens in their applications, presumably
as part of a multi-factor authentication scheme.
WWW: https://pypi.python.org/pypi/YubiOTP
letskencrypt is a client for Let's Encrypt users designed for
security written in C. This is the -portable version.
- Use Github not kritaps.bsd.lv for versioned tarball
Differential Revision: D6649
Airbrussh is a concise log formatter for Capistrano and SSHKit. It displays
well-formatted, useful log output that is easy to read. Airbrussh also saves
Capistrano's verbose output to a separate log file just in case you need
additional details for troubleshooting.
WWW: https://github.com/mattbrictson/airbrussh
Curve25519 is a state-of-the-art Diffie-Hellman function suitable for a wide
variety of applications.
Given a user's 32-byte secret key, Curve25519 computes the user's 32-byte public
key. Given the user's 32-byte secret key and another user's 32-byte public key,
Curve25519 computes a 32-byte secret shared by the two users. This secret can
then be used to authenticate and encrypt messages between the two users.
WWW: http://search.cpan.org/dist/Crypt-Curve25519/
This is a crypto library for Ada with a nice API and is written for the
i386 and x86_64 hardware architecture.
Symmetric cryptography supported:
* Blockciphers: AES, Twofish, 3DES, Serpent
* Hash functions: SHA-1, SHA-256, SHA-384, SHA-512, Whirlpool
* MACs: RMAC, HMAC, CMAC
* Modes of operation: BPS, CFB, Ctr, OFB
* Authenticated Encryption Schemes: OCB, SIV, McOE
Assymmetric cryptography supported:
* DSA signature scheme
* OEAP-RSA
* ECDSA, ECDH
Unsigned big number library features:
* Primary cyclic group arithmetic (Z_p)
* Binary Field arithmetic support
* Elliptic Curve arithmetic
Python Social Auth is an easy-to-setup social authentication/registration
mechanism with support for several frameworks and auth providers.
WWW: https://github.com/omab/python-social-auth
Akmos is a cryptographic library with CLI.
It supports:
- symmetric ciphering;
- computing message digests (hashes);
- calculating a message authentication code (MAC);
Depends only on the standard C library.
Primary develop for the x86_64 architecture.
WWW: https://github.com/melanhit/akmos
PR: 206987
Submitted by: Andrew Romanenko <melanhit@gmail.com>
2016-03-15 www/eaccelerator: cannot be installed: doesn't work with lang/php56 port (doesn't support PHP 5.5 5.6 70)
2016-03-15 devel/pecl-inclued: cannot be installed: doesn't work with lang/php56 port (doesn't support PHP 5.5 5.6 70)
2016-03-15 security/pecl-taint: cannot be installed: doesn't work with lang/php56 port (doesn't support PHP 5.5 5.6 70)
been renamed and rearranged. The graphical user interface provided by
security/openvas-client has been discontinued. Instead there is now a
web interface provided by security/greenbone-security-assistant and a
command-line interface provided by security/openvas-client.
The main feature that makes Cisco-torch different from similar
tools is the extensive use of forking to launch multiple scanning
processes on the background for maximum scanning efficiency. Also,
it uses several methods of application layer fingerprinting simultaneously,
if needed. We wanted something fast to discover remote Cisco hosts running
Telnet, SSH, Web, NTP and SNMP services and launch dictionary attacks
against the services discovered.
WWW: http://www.hackingciscoexposed.com/?link=tools
PR: 207221
Submitted by: Rihaz Jerrin <rihaz.jerrin@gmail.com>
- Repo-copy of security/openssl
- Remove unneeded USE_OPENSSL check
- Add and normalize CONFLICTS
- Put OPTIONS into GROUPS for ciphers, hashes, protocols and optimizations
- Add more configurable ciphers, hashes and protocols
- Sort <OPT>_DESC alphabetically
- Reword <OPT>_DESC after grouping, add (comment)
- Rewrite ${PORT_OPTIONS:M<OPT>} to <OPT>_<FEATURE>_* where possible
- Rewrite ${PORT_OPTIONS:M<OPT>} to target-<OPT>-on where possible
- Rewrite do-configure target to HAS_CONFIGURE/CONFIGURE_SCRIPT
- Rewrite (regression-)test target to TEST_TARGET
- Add NPN support patch from [1]
- Remove 1.0.2 specific patches (Padlock and EVP_MD_CTX_FLAG_ONESHOT)
- Disable obsolete, broken and obscure features
[1] https://github.com/openssl/openssl/pull/757
Reviewed by: koobs (mentor)
Approved by: koobs (mentor)
Differential Revision: D5484
- While I'm here:
- Remove LOCALBASE/bin from RUN_DEPENDS
- Use USES=shebangfix
- Use ETCDIR
- Add 000.letsencrypt.sh to SUB_FILES
- Remove GH_PROJECT
- Simplify Makefile
Letencrypt.sh is a pure BASH implementation of the ACME
protocol used by Lets Encrypt.
WWW: https://github.com/lukas2511/letsencrypt.sh
PR: 206375
Submitted by: Sascha Holzleiter <sascha@root-login.org>
stud is a network proxy that terminates TLS/SSL connections
and forwards the unencrypted traffic to some backend. It's
designed to handle 10s of thousands of connections
efficiently on multicore machines.
WWW: https://github.com/bumptech/stud
PR: 206134
Submitted by: Franz Bettag <franz bett ag>
Bindings to OpenSSL libssl and libcrypto, plus custom SSH pubkey
parsers. Supports RSA, DSA and NIST curves P-256, P-384 and P-521.
Cryptographic signatures can either be created and verified manually
or via x509 certificates. AES block cipher is used in CBC mode for
symmetric encryption; RSA for asymmetric (public key) encryption.
High-level envelope functions combine RSA and AES for encrypting
arbitrary sized data. Other utilities include key generators, hash
functions (md5, sha1, sha256, etc), base64 encoder, a secure random
number generator, and 'bignum' math methods for manually performing
crypto calculations on large multibyte integers.
WWW: https://cran.r-project.org/web/packages/openssl/
Bytes::Random::Secure provides two interfaces for obtaining crypto-quality
random bytes. The simple interface is built around plain functions. For greater
control over the Random Number Generator's seeding, there is an Object Oriented
interface that provides much more flexibility.
The "functions" interface provides functions that can be used any time you need
a string of a specific number of random bytes. The random bytes are available as
simple strings, or as hex-digits, Quoted Printable, or MIME Base64. There are
equivalent methods available from the OO interface, plus a few others.
This module can be a drop-in replacement for Bytes::Random, with the primary
enhancement of using a cryptographic-quality random number generator to create
the random data. The random_bytes function emulates the user interface of
Bytes::Random's function by the same name. But with Bytes::Random::Secure the
random number generator comes from Math::Random::ISAAC, and is suitable for
cryptographic purposes. The harder problem to solve is how to seed the
generator. This module uses Crypt::Random::Seed to generate the initial seeds
for Math::Random::ISAAC.
WWW: http://search.cpan.org/dist/Bytes-Random-Secure/
Crypt::Random::Seed is a simple mechanism to get strong randomness. The main
purpose of this module is to provide a simple way to generate a seed for a PRNG
such as Math::Random::ISAAC, for use in cryptographic key generation, or as the
seed for an upstream module such as Bytes::Random::Secure. Flags for requiring
non-blocking sources are allowed, as well as a very simple method for plugging
in a source.
WWW: http://search.cpan.org/dist/Crypt-Random-Seed/
Crypt::Random::TESHA2 implements userspace voodoo entropy. You should use a
proper O/S supplied entropy source such as /dev/random or the Win32 Crypt API.
WWW: http://search.cpan.org/dist/Crypt-Random-TESHA2/
- While I'm here, fix *_DEPENDS
This class is an authentication provider designed to authenticate users
against a database, using Dancer2::Plugin::DBIC to access a database.
See Dancer2::Plugin::Auth::Extensible for details on how to use
the authentication framework.
WWW: http://search.cpan.org/dist/Dancer2-Plugin-Auth-Extensible-Provider-DBIC/
PR: 206439
Submitted by: Henk van Oers <hvo.pm@xs4all.nl>
