authorKristian Fiskerstrand <k_f@gentoo.org>2015-02-02 23:18:26 +0000
committerKristian Fiskerstrand <k_f@gentoo.org>2015-02-02 23:18:26 +0000
commit9b598df9f85979337664f61edf0900513d3a4849 (patch)
tree034ef8ef7bbfb4aee45ebfd307c7db78b89588eb /net-misc
parentFix ChangeLog entry (diff)
downloadgentoo-2-9b598df9f85979337664f61edf0900513d3a4849.tar.gz
gentoo-2-9b598df9f85979337664f61edf0900513d3a4849.tar.bz2
gentoo-2-9b598df9f85979337664f61edf0900513d3a4849.zip
Add support for EdDSA (Ed25519) from the upstream master branch
(Portage version: 2.2.14/cvs/Linux x86_64, signed Manifest commit with key 0xFED5002857C1ABFA!)
Diffstat (limited to 'net-misc')
-rw-r--r--net-misc/sks/ChangeLog10
-rw-r--r--net-misc/sks/files/sks-1.1.5-eddsa.patch84
-rw-r--r--net-misc/sks/sks-1.1.5-r1.ebuild116
3 files changed, 208 insertions, 2 deletions
diff --git a/net-misc/sks/ChangeLog b/net-misc/sks/ChangeLog
index e7819a76bc28..45ee700ffb14 100644
--- a/net-misc/sks/ChangeLog
+++ b/net-misc/sks/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-misc/sks
-# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/sks/ChangeLog,v 1.11 2014/07/28 18:04:07 k_f Exp $
+# Copyright 1999-2015 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/sks/ChangeLog,v 1.12 2015/02/02 23:18:26 k_f Exp $
+
+*sks-1.1.5-r1 (02 Feb 2015)
+
+ 02 Feb 2015; Kristian Fiskerstrand <k_f@gentoo.org>
+ +files/sks-1.1.5-eddsa.patch, +sks-1.1.5-r1.ebuild:
+ Add support for EdDSA (Ed25519) from the upstream master branch
28 Jul 2014; <kristianf@gentoo.org> metadata.xml:
Taking over full maintainership instead of through proxy-maint
diff --git a/net-misc/sks/files/sks-1.1.5-eddsa.patch b/net-misc/sks/files/sks-1.1.5-eddsa.patch
new file mode 100644
index 000000000000..36359f233c49
--- /dev/null
+++ b/net-misc/sks/files/sks-1.1.5-eddsa.patch
@@ -0,0 +1,84 @@
+diff -r 4d5e4fd7c1c2 CHANGELOG
+--- a/CHANGELOG Mon Aug 11 20:56:45 2014 -0500
++++ b/CHANGELOG Tue Feb 03 00:01:20 2015 +0100
+@@ -1,3 +1,7 @@
++Development:
++ - Add support for EdDSA key using Ed25519 signature scheme
++ (http://www.ietf.org/id/draft-koch-eddsa-for-openpgp-00.txt)
++
+ 1.1.5
+ - Fixes for machine-readable indices. Key expiration times are now read
+ from self-signatures on the key's UIDs. In addition, instead of 8-digit
+diff -r 4d5e4fd7c1c2 common.ml
+--- a/common.ml Mon Aug 11 20:56:45 2014 -0500
++++ b/common.ml Tue Feb 03 00:01:20 2015 +0100
+@@ -47,7 +47,7 @@
+ (* for Release versions, COMMONCAMLFLAGS in Makefile should include *)
+ (* '-warn-error a'. Development work should use '-warn-error A' for stricter *)
+ (* language checking. This affects the Ocaml compiler beginning with v4.01.0 *)
+-let version_suffix = "" (* + for development branch *)
++let version_suffix = "+" (* + for development branch *)
+ let compatible_version_tuple = (0,1,5)
+ let version =
+ let (maj_version,min_version,release) = version_tuple in
+diff -r 4d5e4fd7c1c2 packet.ml
+--- a/packet.ml Mon Aug 11 20:56:45 2014 -0500
++++ b/packet.ml Tue Feb 03 00:01:20 2015 +0100
+@@ -163,6 +163,7 @@
+ | 19 -> "ECDSA (ECC)" (* RFC 6637 *)
+ | 20 -> "Elgamal (Encrypt or Sign)"
+ | 21 -> "Reserved for Diffie-Hellman (X9.42) as defined for IETF-S/MIME"
++ | 22 -> "EdDSA"
+ | x when x >= 100 && x <= 110 -> "Private/Experimental algorithm."
+ | _ -> "Unknown Public Key Algorithm"
+
+@@ -252,10 +253,11 @@
+ | 2 -> "r" (* RSA encrypt *)
+ | 3 -> "s" (* RSA sign *)
+ | 16 -> "g" (* ElGamal encrypt *)
+- | 20 -> "G" (* ElGamal sign and encrypt *)
+ | 17 -> "D" (* DSA *)
+ | 18 -> "e" (* ECDH *)
+ | 19 -> "E" (* ECDSA *)
++ | 20 -> "G" (* ElGamal sign and encrypt *)
++ | 22 -> "E" (* EdDSA *)
+ | _ -> "?" (* NoClue *)
+
+ (** writes out packet, using old-style packets when possible *)
+diff -r 4d5e4fd7c1c2 parsePGP.ml
+--- a/parsePGP.ml Mon Aug 11 20:56:45 2014 -0500
++++ b/parsePGP.ml Tue Feb 03 00:01:20 2015 +0100
+@@ -150,6 +150,7 @@
+ | "\x2b\x24\x03\x03\x02\x08\x01\x01\x0b" -> 384 (* brainpoolP384r1 *)
+ | "\x2b\x24\x03\x03\x02\x08\x01\x01\x0d" -> 512 (* brainpoolP512r1 *)
+ | "\x2b\x81\x04\x00\x0a" -> 256 (* secp256k1 *)
++ | "\x2b\x06\x01\x04\x01\xda\x47\x0f\x01" -> 256 (* Ed25519 *)
+ | _ -> failwith "Unknown OID"
+ in
+ psize
+@@ -168,6 +169,7 @@
+ in
+ (mpi, psize)
+
++ (* Algorithm specific fields for ECDSA and EdDSA *)
+ let parse_ecdsa_pubkey cin =
+ let length = cin#read_int_size 1 in
+ let oid = cin#read_string length in
+@@ -185,7 +187,7 @@
+ let algorithm = cin#read_byte in
+ let (tmpmpi, tmpsize) = match algorithm with
+ | 18 -> parse_ecdh_pubkey cin
+- | 19 -> ( {mpi_bits = 0; mpi_data = ""}, (parse_ecdsa_pubkey cin))
++ | 19 | 22 -> ( {mpi_bits = 0; mpi_data = ""}, (parse_ecdsa_pubkey cin))
+ | _ -> ( {mpi_bits = 0; mpi_data = ""} , -1 )
+ in
+ let mpis = match algorithm with
+@@ -205,7 +207,7 @@
+ pk_ctime = creation_time;
+ pk_expiration = (match expiration with Some 0 -> None | x -> x);
+ pk_alg = algorithm;
+- pk_keylen = (match algorithm with |18|19 -> psize | _ -> mpi.mpi_bits);
++ pk_keylen = (match algorithm with |18|19|22 -> psize | _ -> mpi.mpi_bits);
+ }
+
+ (********************************************************)
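Review bot: In the packet.ml part of this patch, algorithm 22 is mapped to the same one-letter identifier `"E"` that algorithm 19 (ECDSA) already uses, so anything that reads only this letter cannot tell an EdDSA key from an ECDSA key. If the collision is intended, say so on the line, e.g. `| 22 -> "E" (* EdDSA; deliberately shares the ECDSA letter *)`; otherwise pick an unused letter. In parsePGP.ml the `19 | 22` arm sends both algorithms through the same OID table, so an algorithm-22 key carrying a brainpool or secp256k1 OID (or an algorithm-19 key carrying the Ed25519 OID) is accepted and given a key length without any check that the curve fits the algorithm. An OID outside the table still reaches `failwith "Unknown OID"`, now for algorithm 22 as well; whether the caller handles that exception for uploaded key material is not visible here, because the enclosing functions begin and end outside the hunks.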
diff --git a/net-misc/sks/sks-1.1.5-r1.ebuild b/net-misc/sks/sks-1.1.5-r1.ebuild
new file mode 100644
index 000000000000..f7cf570930a4
--- /dev/null
+++ b/net-misc/sks/sks-1.1.5-r1.ebuild
@@ -0,0 +1,116 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/sks/sks-1.1.5-r1.ebuild,v 1.1 2015/02/02 23:18:26 k_f Exp $
+
+EAPI=5
+
+inherit multilib user readme.gentoo systemd
+
+DESCRIPTION="An OpenPGP keyserver which is decentralized and provides highly reliable synchronization"
+HOMEPAGE="https://bitbucket.org/skskeyserver/sks-keyserver"
+SRC_URI="http://bitbucket.org/skskeyserver/sks-keyserver/downloads/${P}.tgz"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="optimize test"
+DOC_CONTENTS="To get sks running, first build the database,
+start the databse, import atleast one key, then
+run a cleandb. See the sks man page for more information
+Typical DB_CONFIG file and sksconf has been installed
+in /var/lib/sks and can be used as templates by renaming
+to remove the .typical extension. The DB_CONFIG file has
+to be in place before doing the database build, or the BDB
+environment has to be manually cleared from both KDB and PTree.
+The same applies if you are upgrading to this version with an existing KDB/Ptree,
+using another version of BDB than 4.8; you need to clear the environment
+using e.g. db4.6_recover -h . and db4.6_checkpoint -1h . in both KDB and PTree
+Additionally a sample web interface has been installed as
+web.typical in /var/lib/sks that can be used by renaming it to web
+Important: It is strongly recommended to set up SKS behind a
+reverse proxy. Instructions on properly configuring SKS can be
+found at https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Peering"
+
+DEPEND="dev-lang/ocaml
+ dev-ml/cryptokit
+ sys-libs/db:4.8"
+RDEPEND="${DEPEND}"
+
+pkg_setup() {
+ ebegin "Creating named group and user"
+ enewgroup sks
+ enewuser sks -1 -1 /var/lib/sks sks
+}
+
+src_prepare() {
+ cp Makefile.local.unused Makefile.local || die
+ sed -i \
+ -e "s:^BDBLIB=.*$:BDBLIB=-L/usr/$(get_libdir):g" \
+ -e "s:^BDBINCLUDE=.*$:BDBINCLUDE=-I/usr/include/db4.8/:g" \
+ -e "s:^LIBDB=.*$:LIBDB=-ldb-4.8:g" \
+ -e "s:^PREFIX=.*$:PREFIX=${D}/usr:g" \
+ -e "s:^MANDIR=.*$:MANDIR=${D}/usr/share/man:g" \
+ Makefile.local || die
+ sed -i \
+ -e 's:^CAMLINCLUDE= -I lib -I bdb$:CAMLINCLUDE= -I lib -I bdb -I +cryptokit:g' \
+ -e 's:-Werror-implicit-function-declaration::g' \
+ Makefile bdb/Makefile || die
+ sed -i \
+ -e 's:/usr/sbin/sks:/usr/bin/sks:g' \
+ sks_build.sh || die
+
+ epatch "${FILESDIR}/${P}-eddsa.patch"
+}
+
+src_compile() {
+ emake dep
+ # sks build fails with paralell build in module Bdb
+ emake -j1 all
+ if use optimize; then
+ emake all.bc
+ fi
+}
+
+src_test() {
+ ./sks unit_test || die
+}
+
+src_install() {
+ if use optimize; then
+ emake install.bc
+ dosym /usr/bin/sks.bc usr/bin/sks
+ dosym /usr/bin/sks_add_mail.bc usr/bin/sks_add_mail
+ else
+ emake install
+ fi
+
+ dodoc README.md
+
+ newinitd "${FILESDIR}/sks-db.initd" sks-db
+ newinitd "${FILESDIR}/sks-recon.initd" sks-recon
+ newconfd "${FILESDIR}/sks.confd" sks
+ systemd_dounit "${FILESDIR}"/sks-db.service
+ systemd_dounit "${FILESDIR}"/sks-recon.service
+
+ dodir "/var/lib/sks/web.typical"
+ insinto /var/lib/sks
+ newins sampleConfig/DB_CONFIG DB_CONFIG.typical
+ newins sampleConfig/sksconf.typical sksconf.typical
+ insinto /var/lib/sks/web.typical
+ doins sampleWeb/HTML5/*
+
+ keepdir /var/lib/sks
+ readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ readme.gentoo_print_elog
+
+ if [[ -n ${REPLACING_VERSIONS} ]]; then
+ einfo "Note when upgrading from versions of SKS earlier than 1.1.4"
+ einfo "The default values for pagesize settings have changed. To continue"
+ einfo "using an existing DB without rebuilding, explicit settings have to be"
+ einfo "added to the sksconf file."
+ einfo "pagesize: 4"
+ einfo "ptree_pagesize: 1"
+ fi;
+}
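Review bot: `SRC_URI` fetches the release tarball over plain `http://` while `HOMEPAGE` on the line above uses `https://` for the same host; use `SRC_URI="https://bitbucket.org/skskeyserver/sks-keyserver/downloads/${P}.tgz"` so the download's integrity does not rest on the Manifest digests alone. In `src_install`, `keepdir /var/lib/sks` and the files placed there via `insinto /var/lib/sks` get no `fowners`/`fperms`, although `pkg_setup` creates an `sks` user whose home is that directory. If the daemons are meant to run as `sks` (the init and unit files are not part of this diff), state the intended ownership explicitly, e.g. `fowners sks:sks /var/lib/sks` after the `keepdir`.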