diff options
Diffstat (limited to 'misc/ssss')
| -rw-r--r-- | misc/ssss/patches/0004-Remove-the-direct-PayPal-link.patch | 22 | ||||
| -rw-r--r-- | misc/ssss/patches/series | 1 | ||||
| -rw-r--r-- | misc/ssss/slack-desc | 2 | ||||
| -rw-r--r-- | misc/ssss/ssss.1 | 16 | ||||
| -rw-r--r-- | misc/ssss/ssss.1.html | 177 | ||||
| -rw-r--r-- | misc/ssss/ssss.SlackBuild | 92 | ||||
| -rw-r--r-- | misc/ssss/ssss.info | 12 |
7 files changed, 104 insertions, 218 deletions
diff --git a/misc/ssss/patches/0004-Remove-the-direct-PayPal-link.patch b/misc/ssss/patches/0004-Remove-the-direct-PayPal-link.patch new file mode 100644 index 0000000000..c208e18a71 --- /dev/null +++ b/misc/ssss/patches/0004-Remove-the-direct-PayPal-link.patch @@ -0,0 +1,22 @@ +From: Tomasz Buchert <tomasz@debian.org> +Date: Wed, 2 Sep 2015 20:29:18 +0200 +Subject: Remove the direct PayPal link + +--- + doc.html | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/doc.html b/doc.html +index 4c79856..d2d3102 100644 +--- a/doc.html ++++ b/doc.html +@@ -162,8 +162,7 @@ + <input name="no_note" value="1" type="hidden"> + <input name="currency_code" value="EUR" type="hidden"> + <p> +-If you like this software, think about donating some money via +- <input src="https://www.paypal.com/en_US/i/btn/x-click-but7.gif" name="submit" alt="PayPal" type="image">. ++If you like this software, think about donating some money (<a href="http://point-at-infinity.org/ssss/">information</a>). + </p> + </form> + <hr> diff --git a/misc/ssss/patches/series b/misc/ssss/patches/series new file mode 100644 index 0000000000..cf26d42e4c --- /dev/null +++ b/misc/ssss/patches/series @@ -0,0 +1 @@ +0004-Remove-the-direct-PayPal-link.patch diff --git a/misc/ssss/slack-desc b/misc/ssss/slack-desc index d80db2ad98..33bf2bcfc9 100644 --- a/misc/ssss/slack-desc +++ b/misc/ssss/slack-desc @@ -13,7 +13,7 @@ ssss: participants, each of which is allocated a share of the secret. ssss: The secret can only be reconstructed when the shares are combined ssss: together; individual shares are of no use on their own. ssss: -ssss: Homepage: http://point-at-infinity.org/ssss/ +ssss: ssss: ssss: ssss: diff --git a/misc/ssss/ssss.1 b/misc/ssss/ssss.1 index a429c634e9..3268f57ba3 100644 --- a/misc/ssss/ssss.1 +++ b/misc/ssss/ssss.1 @@ -1,10 +1,10 @@ -.TH ssss 1 User Manuals +.TH SSSS "1" "September 2023" "0.5" "SlackBuilds.org" .SH NAME ssss \- Split and Combine Secrets using Shamir's Secret Sharing Scheme. .SH SYNOPSIS -\fBssss-split -t \fIthreshold\fB -n \fIshares\fB [-w \fItoken\fB] [-s \fIlevel\fB] [-x] [-q] [-Q] [-D] [-v] +\fBssss-split -t \fIthreshold\fB -n \fIshares\fB [-w \fItoken\fB] [-s \fIlevel\fB] [-M] [-r] [-x] [-q] [-Q] [-D] [-v] -ssss-combine -t \fIthreshold\fB [-x] [-q] [-Q] [-D] [-v] +ssss-combine -t \fIthreshold\fB [-M] [-r -n \fIshares\fB] [-x] [-q] [-Q] [-D] [-v] \f1 .SH DESCRIPTION ssss is an implementation of Shamir's Secret Sharing Scheme. The program suite does both: the generation of shares for a known secret, and the reconstruction of a secret using user-provided shares. @@ -20,12 +20,18 @@ Specify the number of shares necessary to reconstruct the secret. \fB-n \fIshares\fB\f1 Specify the number of shares to be generated. .TP +\fB-M\f1 +Require a successful memory lock in order to proceed, and terminate if one was not obtained. Option is not available if the code was compiled with NOMLOCK. +.TP \fB-w \fItoken\fB\f1 Text token to name shares in order to avoid confusion in case one utilizes secret sharing to protect several independent secrets. The generated shares are prefixed by these tokens. .TP \fB-s \fIlevel\fB\f1 Enforce the scheme's security level (in bits). This option implies an upper bound for the length of the shared secret (shorter secrets are padded). Only multiples of 8 in the range from 8 to 1024 are allowed. If this option is ommitted (or the value given is 0) the security level is chosen automatically depending on the secret's length. The security level directly determines the length of the shares. .TP +\fB-r\f1 +Recovery mode: \fBssss-combine\f1 reads in a set of \fIt\f1 shares and reconstruct \fIn\f1 shares again. \fBssss-split\f1 doesn't generate shares randomly, but asks the secret and \fIt\f1 - 1 shares (secret is treated here as a share). Usable to recover forgotten shares. +.TP \fB-x\f1 Hex mode: use hexadecimal digits in place of ASCII characters for I/O. This is useful if one wants to protect binary data, like block cipher keys. .TP @@ -36,7 +42,7 @@ Quiet mode: disable all unnecessary output. Useful in scripts. Extra quiet mode: like \fB-q\f1, but also suppress warnings. .TP \fB-D\f1 -Disable the diffusion layer added in version 0.2. This option is needed when shares are combined that where generated with ssss version 0.1. +Disable the diffusion layer added in version 0.2. This option is needed when shares are combined that were generated with ssss version 0.1. .TP \fB-v\f1 Print version information. @@ -57,6 +63,6 @@ gpg -c < file.plain > file.encrypted .SH SECURITY \fBssss\f1 tries to lock its virtual address space into RAM for privacy reasons. But this may fail for two reasons: either the current uid doesn't permit page locking, or the RLIMIT_MEMLOCK is set too low. After printing a warning message \fBssss\f1 will run even without obtaining the desired mlock. .SH AUTHOR -This software (v0.5) was written in 2006 by B. Poettering (ssss AT point-at-infinity.org). Find the newest version of ssss on the project's homepage: \fBhttp://point-at-infinity.org/ssss/\f1. +The original software (v0.5) was written in 2006 by B. Poettering (ssss AT point-at-infinity.org). Find the newest version of ssss on the project's homepage: \fBhttp://point-at-infinity.org/ssss/\f1. The amended versions (v0.5.1+) were written between 2011..2020 by Jon D Frisby (jfrisby AT mrjoy.com). Find the newest version on github: \fBhttps://github.com/MrJoy/ssss\f1. .SH FURTHER READING \fBhttp://en.wikipedia.org/wiki/Secret_sharing\f1 diff --git a/misc/ssss/ssss.1.html b/misc/ssss/ssss.1.html deleted file mode 100644 index cbcee6ee6f..0000000000 --- a/misc/ssss/ssss.1.html +++ /dev/null @@ -1,177 +0,0 @@ -<body text="#000000" link="#0000ff" bgcolor="#ffffff"><center><table width="80%"> -<tr><td><h1>ssss</h1> -<h2>Split and Combine Secrets using Shamir's Secret Sharing Scheme.</h2> - - -<h2>Synopsis</h2> -<b> - ssss-split -t <em>threshold</em> -n <em>shares</em> [-w <em>token</em>] - [-s <em>level</em>] [-x] [-q] [-Q] [-D] [-v]<br> - - ssss-combine -t <em>threshold</em> [-x] [-q] [-Q] [-D] [-v]<br> - -</b> - - -<h2>Description</h2> - -<p>ssss is an implementation of Shamir's Secret Sharing Scheme. The -program suite does both: the generation of shares for a known secret, -and the reconstruction of a secret using user-provided shares.</p> - - - -<h2>Commands</h2> - - <p><b>ssss-split</b>: prompt the user for a secret and generate a set of - corresponding shares.</p> - - <p><b>ssss-combine</b>: read in a set of shares and reconstruct - the secret.</p> - - - -<h2>Options</h2> - - - -<p><b>-t <em>threshold</em></b></p> -<p>Specify the number of - shares necessary to reconstruct the secret.</p> - - - - -<p><b>-n <em>shares</em></b></p> - - <p>Specify the number of shares to be generated.</p> - - - - <p><b>-w <em>token</em></b></p> - - <p>Text token to name shares in order to avoid confusion in case one - utilizes secret sharing to protect several independent secrets. The - generated shares are prefixed by these tokens.</p> - - - - <p><b>-s <em>level</em></b></p> - - <p>Enforce the scheme's security level (in bits). This option - implies an upper bound for the length of the shared secret - (shorter secrets are padded). Only multiples of 8 in the range - from 8 to 1024 are allowed. If this option is ommitted (or the - value given is 0) the security level is chosen automatically - depending on the secret's length. The security level directly - determines the length of the shares.</p> - - - - <p><b>-x</b></p> - - <p>Hex mode: use hexadecimal digits in place of ASCII characters for - I/O. This is useful if one wants to protect binary data, like - block cipher keys.</p> - - - - <p><b>-q</b></p> - - <p>Quiet mode: disable all unnecessary output. Useful in scripts. - </p> - - - <p><b>-Q</b></p> - - <p>Extra quiet mode: like <b>-q</b>, but also suppress -warnings.</p> - - - - <p><b>-D</b></p> - - <p>Disable the diffusion layer added in version 0.2. This option - is needed when shares are combined that where generated with - ssss version 0.1.</p> - - - - <p><b>-v</b></p> - - <p>Print version information.</p> - - - - -<h2>Example</h2> - -<p> - In case you want to protect your login password with a set of ten - shares in such a way that any three of them can reconstruct the - password, you simply run the command -</p> - -<p> - ssss-split -t 3 -n 10 -w passwd -</p> - -<p> - To reconstruct the password pass three of the generated shares - (in any order) to -</p> - -<p> - ssss-combine -t 3 -</p> - - - -<h2>Notes</h2> - -<p> -To protect a secret larger than 1024 bits a hybrid technique has to be -applied: encrypt the secret with a block cipher and apply secret -sharing to just the key. Among others openssl and gpg can do the -encryption part: -</p> -<p> -openssl bf -e < file.plain > file.encrypted -</p> -<p> -gpg -c < file.plain > file.encrypted -</p> - - - - -<h2>Security</h2> - -<p> -<b>ssss</b> tries to lock its virtual address space into RAM for -privacy reasons. But this may fail for two reasons: either the current uid -doesn't permit page locking, or the RLIMIT_MEMLOCK is set too -low. After printing a warning message <b>ssss</b> will run even without -obtaining the desired mlock. -</p> - - - - -<h2>Author</h2> - - This software (v0.5) was written in 2006 by B. Poettering - (ssss AT point-at-infinity.org). Find the newest version of - ssss on the project's homepage: <a href = "http://point-at-infinity.org/ssss/">http://point-at-infinity.org/ssss/</a>. - - - -<h2>Further reading</h2> - - <a href = "http://en.wikipedia.org/wiki/Secret_sharing">http://en.wikipedia.org/wiki/Secret_sharing</a> - - - - -</td></tr></table></center> -</body> diff --git a/misc/ssss/ssss.SlackBuild b/misc/ssss/ssss.SlackBuild index 8e97646aa6..27c75fc97f 100644 --- a/misc/ssss/ssss.SlackBuild +++ b/misc/ssss/ssss.SlackBuild @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # Slackware build script for ssss @@ -23,13 +23,29 @@ # OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# markus reichelt, slackbuilds@mareichelt.de, 0xCCEEF115 +# markus reichelt, email removed. # 2011 Apr 07 - initial release +# 20230911 bkw: update for v0.5.7. +# - switch to MrJoy's fork, which has some minor enhancements. +# - get rid of ssss.1.html: the existing one in our repo is outdated, +# and the updated one doesn't build properly. it's the same content +# as the man page, anyway, so redundant. + +# 20230709 bkw: BUILD=2 +# - new maintainer. +# - man page symlinks to the actual command names. +# - borrow patches from Debian to fix a bug (bad use of memset) and +# clean up doc.html so it doesn't load an image from paypal.com every +# time you view it. + +cd $(dirname $0) ; CWD=$(pwd) + PRGNAM=ssss -VERSION=${VERSION:-0.5} -BUILD=${BUILD:-1} +VERSION=${VERSION:-0.5.7} +BUILD=${BUILD:-2} TAG=${TAG:-_SBo} +PKGTYPE=${PKGTYPE:-tgz} if [ -z "$ARCH" ]; then case "$( uname -m )" in @@ -39,23 +55,23 @@ if [ -z "$ARCH" ]; then esac fi -CWD=$(pwd) +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE" + exit 0 +fi + TMP=${TMP:-/tmp/SBo} PKG=$TMP/package-$PRGNAM OUTPUT=${OUTPUT:-/tmp} if [ "$ARCH" = "i586" ]; then SLKCFLAGS="-O2 -march=i586 -mtune=i686" - LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" - LIBDIRSUFFIX="" elif [ "$ARCH" = "x86_64" ]; then SLKCFLAGS="-O2 -fPIC" - LIBDIRSUFFIX="64" else SLKCFLAGS="-O2" - LIBDIRSUFFIX="" fi set -e @@ -63,37 +79,55 @@ set -e rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT cd $TMP -rm -rf $PRGNAM-$VERSION -tar xvf $CWD/$PRGNAM-$VERSION.tar.gz -cd $PRGNAM-$VERSION +rm -rf $PRGNAM-releases-v$VERSION +# 20230911 bkw: since upstream puts a / in the tag name (releases/v0.5.7), +# the magic github URL includes a "v" in the filename. +tar xvf $CWD/$PRGNAM-releases-v$VERSION.tar.gz +cd $PRGNAM-releases-v$VERSION chown -R root:root . -find -L . \ - \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; +find -L . -perm /111 -a \! -perm 755 -a -exec chmod 755 {} + -o \ + \! -perm /111 -a \! -perm 644 -a -exec chmod 644 {} + -mkdir -p $PKG/usr/bin $PKG/usr/man/man1 $PKG/usr/doc/$PRGNAM-$VERSION +# 20230709 bkw: Some patches taken from Debian's ssss-0.5-5. Don't +# need the Makefile patch, and the "man page" patch really patches the +# XML source to the man page, which doesn't help us because we can't +# rebuild the man page anyway. +# 20230911 bkw: no longer need the memset patch, upstream applied it already. +for i in $( cat $CWD/patches/series ); do + patch -p1 < $CWD/patches/$i +done -sed -i "s/-O2/${SLKCFLAGS}/" Makefile +# 20230709 bkw: No 'make install', so manual install. +PKGDOC=$PKG/usr/doc/$PRGNAM-$VERSION +PKGBIN=$PKG/usr/bin +PKGMAN1=$PKG/usr/man/man1 -make ssss-split -make ssss-combine +mkdir -p $PKGBIN $PKGDOC $PKGMAN1 -cp -a ssss-split ssss-combine $PKG/usr/bin -cp $CWD/ssss.1 $PKG/usr/man/man1/ +sed -i "s/-O2/${SLKCFLAGS}/" Makefile +# 20230709 bkw: 'make ssss.1' is supposed to build the man page, but +# fails. Original script author included the man page with the +# script. We can't do "make" with no argument here... +# 20230911 bkw: MrJoy's fork has a 'make install', but it doesn't do +# what we want. Manual install still works. +make ssss-split -find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ - | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true +# 20230709 bkw: ssss-combine is just a symlink. +cp -a ssss-split $PKGBIN +ln -s ssss-split $PKGBIN/ssss-combine -gzip -9 $PKG/usr/man/man1/ssss.1 +# 20230709 bkw: symlink the man pages to the actual command names, to +# avoid guesswork on the user's part. +gzip -9c < $CWD/ssss.1 > $PKGMAN1/ssss.1.gz +ln -s ssss.1.gz $PKGMAN1/ssss-split.1.gz +ln -s ssss.1.gz $PKGMAN1/ssss-combine.1.gz -cp -a HISTORY LICENSE doc.html $CWD/ssss.1.html $PKG/usr/doc/$PRGNAM-$VERSION -cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild +cp -a README* HISTORY* LICENSE* THANKS* doc.html $PKGDOC +cat $CWD/$PRGNAM.SlackBuild > $PKGDOC/$PRGNAM.SlackBuild mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE diff --git a/misc/ssss/ssss.info b/misc/ssss/ssss.info index 75cb36a54d..a19e09bb63 100644 --- a/misc/ssss/ssss.info +++ b/misc/ssss/ssss.info @@ -1,10 +1,10 @@ PRGNAM="ssss" -VERSION="0.5" -HOMEPAGE="http://point-at-infinity.org/ssss/" -DOWNLOAD="http://point-at-infinity.org/ssss/ssss-0.5.tar.gz" -MD5SUM="24227252aa195a146d09de1df10357a1" +VERSION="0.5.7" +HOMEPAGE="https://github.com/MrJoy/ssss/" +DOWNLOAD="https://github.com/MrJoy/ssss/archive/releases/v0.5.7/ssss-releases-v0.5.7.tar.gz" +MD5SUM="63c757d7b9a06e074d4a58193401cece" DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" -MAINTAINER="markus reichelt" -EMAIL="slackbuilds@mareichelt.de" +MAINTAINER="B. Watson" +EMAIL="urchlay@slackware.uk" |