diff options
-rw-r--r-- | system/scrypt/README | 40 | ||||
-rw-r--r-- | system/scrypt/passphrase-environ.patch.gz | bin | 0 -> 2654 bytes | |||
-rw-r--r-- | system/scrypt/scrypt.SlackBuild | 63 | ||||
-rw-r--r-- | system/scrypt/scrypt.info | 10 | ||||
-rw-r--r-- | system/scrypt/slack-desc | 16 |
5 files changed, 77 insertions, 52 deletions
diff --git a/system/scrypt/README b/system/scrypt/README index 90be1eb4e0cda..1e17314d7e373 100644 --- a/system/scrypt/README +++ b/system/scrypt/README @@ -1,11 +1,29 @@ -The scrypt key derivation function was originally developed for use in the -Tarsnap online backup system and is designed to be far more secure against -hardware brute-force attacks than alternative functions such as PBKDF2 or -bcrypt. - -This simple password-based encryption utility is available as a demonstration -of the scrypt key derivation function. On modern hardware and with default -parameters, the cost of cracking the password on a file encrypted by scrypt -enc is approximately 100 billion times more than the cost of cracking the same -password on a file encrypted by openssl enc; this means that a five-character -password using scrypt is stronger than a ten-character password using openssl. +The scrypt key derivation function was originally developed for use in +the Tarsnap online backup system and is designed to be far more secure +against hardware brute-force attacks than alternative functions such as +PBKDF2 or bcrypt. + +A simple password-based encryption utility is available as a +demonstration of the scrypt key derivation function. On modern hardware +and with default parameters, the cost of cracking the password on a file +encrypted by scrypt enc is approximately 100 billion times more than the +cost of cracking the same password on a file encrypted by openssl enc; +this means that a five-character password using scrypt is stronger than +a ten-character password using openssl. + +In addition to the scrypt command-line utility, a development library +libscrypt-kdf can be built and installed by setting the LIB environment +variable: LIB=yes ./scrypt.SlackBuild + +Before version 1.3.0 scrypt was able to read both passphrase and input +file from standard input. This stopped to work in 1.3.0. In future +versions it is planned to add an option to read passphrase using a +variety of methods. This SlackBuild can patch scrypt 1.3.0 to add the +option "--passphrase-env", which allows to read the passphrase from an +environment variable. To this end, set the PASS environment variable: +PASS=yes ./scrypt.SlackBuild + +The patch is taken fron the branch +https://github.com/Tarsnap/scrypt/tree/passphrase-environ + +Warning: using this patch is not officially supported by upstream. diff --git a/system/scrypt/passphrase-environ.patch.gz b/system/scrypt/passphrase-environ.patch.gz Binary files differnew file mode 100644 index 0000000000000..10f623ef05bdf --- /dev/null +++ b/system/scrypt/passphrase-environ.patch.gz diff --git a/system/scrypt/scrypt.SlackBuild b/system/scrypt/scrypt.SlackBuild index a9c388d70715b..bc6f1979fbd75 100644 --- a/system/scrypt/scrypt.SlackBuild +++ b/system/scrypt/scrypt.SlackBuild @@ -1,36 +1,34 @@ #!/bin/sh +# Slackware build script for scrypt + # Copyright (c) 2011-2013 LEVAI Daniel +# Copyright 2020, Alexander Verbovetsky, Moscow, Russia # All rights reserved. +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: # -# * Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# * Redistributions of source code must retain the above copyright notice -# this list of conditions and the following disclaimer. -# * Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. # -# THIS SOFTWARE IS PROVIDED ''AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, -# INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY -# AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -# COPYRIGHT HOLDER BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -# EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=scrypt -VERSION=${VERSION:-1.2.1} -BUILD=${BUILD:-2} +VERSION=${VERSION:-1.3.0} +BUILD=${BUILD:-1} TAG=${TAG:-_SBo} if [ -z "$ARCH" ]; then case "$( uname -m )" in - i686) ARCH=i686 ;; i?86) ARCH=i586 ;; arm*) ARCH=arm ;; *) ARCH=$( uname -m ) ;; @@ -58,6 +56,9 @@ fi set -e +libscrypt_kdf="" +[ "${LIB:-no}" != "no" ] && libscrypt_kdf="--enable-libscrypt-kdf" + rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT cd $TMP @@ -67,15 +68,21 @@ cd $PRGNAM-$VERSION chown -R root:root . find -L . \ \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ - -o -perm 511 \) -exec chmod 755 {} \; -o \ + -o -perm 511 \) -exec chmod 755 {} \; -o \ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ - -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; + +[ "${PASS:-no}" != "no" ] && \ + zcat $CWD/passphrase-environ.patch.gz | patch -p1 --verbose CFLAGS="$SLKCFLAGS" \ -./configure \ - --prefix=/usr \ - --mandir=/usr/man \ - --docdir=/usr/doc \ + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --docdir=/usr/doc \ + --enable-static=no \ + $libscrypt_kdf \ --build=$ARCH-slackware-linux make make install DESTDIR=$PKG @@ -87,7 +94,7 @@ find $PKG/usr/man -type f -exec gzip -9 {} \; for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION -cp $CWD/README FORMAT $PKG/usr/doc/$PRGNAM-$VERSION/ +cp -a FORMAT tests $PKG/usr/doc/$PRGNAM-$VERSION/ cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild mkdir -p $PKG/install diff --git a/system/scrypt/scrypt.info b/system/scrypt/scrypt.info index 9bbf775555291..20bb94ecf4de7 100644 --- a/system/scrypt/scrypt.info +++ b/system/scrypt/scrypt.info @@ -1,10 +1,10 @@ PRGNAM="scrypt" -VERSION="1.2.1" +VERSION="1.3.0" HOMEPAGE="http://www.tarsnap.com/scrypt.html" -DOWNLOAD="http://www.tarsnap.com/scrypt/scrypt-1.2.1.tgz" -MD5SUM="b33d22cd35032743047d30f1f5a49514" +DOWNLOAD="http://www.tarsnap.com/scrypt/scrypt-1.3.0.tgz" +MD5SUM="62a528a6b73bccb0f8b7665cbcfec0b8" DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" -MAINTAINER="LEVAI Daniel" -EMAIL="leva@ecentrum.hu" +MAINTAINER="Alexander Verbovetsky" +EMAIL="alik@ejik.org" diff --git a/system/scrypt/slack-desc b/system/scrypt/slack-desc index 379ee0fc64f4a..2141b59125a47 100644 --- a/system/scrypt/slack-desc +++ b/system/scrypt/slack-desc @@ -8,12 +8,12 @@ |-----handy-ruler------------------------------------------------------| scrypt: scrypt (scrypt encryption utility) scrypt: -scrypt: A simple password-based encryption utility that is a demonstration of -scrypt: the scrypt key derivation function. -scrypt: -scrypt: -scrypt: Homepage: http://www.tarsnap.com/scrypt.html -scrypt: -scrypt: -scrypt: +scrypt: The scrypt key derivation function was originally developed for use in +scrypt: the Tarsnap online backup system and is designed to be far more secure +scrypt: against hardware brute-force attacks than alternative functions such +scrypt: as PBKDF2 or bcrypt. A simple password-based encryption utility and an +scrypt: optional library are available as a demonstration of the scrypt key +scrypt: derivation function. scrypt: +scrypt: Homepage: https://www.tarsnap.com/scrypt.html +scrypt: Development: https://github.com/Tarsnap/scrypt |