Commit graph

16 commits

Author SHA1 Message Date
wiz
bb579283d0 *: bump PKGREVISION for egg.mk users
They now have a tool dependency on py-setuptools instead of a DEPENDS
2022-01-04 20:53:26 +00:00
nia
3df0f20e22 security: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
2021-10-26 11:16:56 +00:00
nia
fa4b2904a6 security: Remove SHA1 hashes for distfiles 2021-10-07 14:53:40 +00:00
wiz
f339f153e3 py-asn1-modules: update to 0.2.8.
Use github distfile because pypi one is missing.

Revision 0.2.8, released 16-11-2019
-----------------------------------

- Improve test routines for modules that use certificate extensions
- Improve test for RFC3709 with a real world certificate
- Added RFC7633 providing TLS Features Certificate Extension
- Added RFC7229 providing OIDs for Test Certificate Policies
- Added tests for RFC3280, RFC3281, RFC3852, and RFC4211
- Added RFC6960 providing Online Certificate Status Protocol (OCSP)
- Added RFC6955 providing Diffie-Hellman Proof-of-Possession Algorithms
- Updated the handling of maps for use with openType for RFC 3279
- Added RFC6486 providing RPKI Manifests
- Added RFC6487 providing Profile for X.509 PKIX Resource Certificates
- Added RFC6170 providing Certificate Image in the Internet X.509 Public
  Key Infrastructure, and import the object identifier into RFC3709.
- Added RFC6187 providing Certificates for Secure Shell Authentication
- Added RFC6482 providing RPKI Route Origin Authorizations (ROAs)
- Added RFC6664 providing S/MIME Capabilities for Public Keys
- Added RFC6120 providing Extensible Messaging and Presence Protocol
  names in certificates
- Added RFC4985 providing Subject Alternative Name for expression of
  service names in certificates
- Added RFC5924 providing Extended Key Usage for Session Initiation
  Protocol (SIP) in X.509 certificates
- Added RFC5916 providing Device Owner Attribute
- Added RFC7508 providing Securing Header Fields with S/MIME
- Update RFC8226 to use ComponentPresentConstraint() instead of the
  previous work around
- Add RFC2631 providing OtherInfo for Diffie-Hellman Key Agreement
- Add RFC3114 providing test values for the S/MIME Security Label
- Add RFC5755 providing Attribute Certificate Profile for Authorization
- Add RFC5913 providing Clearance Attribute and Authority Clearance
  Constraints Certificate Extension
- Add RFC5917 providing Clearance Sponsor Attribute
- Add RFC4043 providing Internet X.509 PKI Permanent Identifier
- Add RFC7585 providing Network Access Identifier (NAI) Realm Name
  for Certificates
- Update RFC3770 to support openType for attributes and reported errata
- Add RFC4334 providing Certificate Extensions and Attributes for
  Authentication in PPP and Wireless LAN Networks
2019-11-26 13:10:44 +00:00
adam
9ce1493c8f py-asn1-modules: updated to 0.2.7
Revision 0.2.7:
- Added maps for use with openType to RFC 3565
- Added RFC2985 providing PKCS#9 Attributes
- Added RFC3770 providing Certificate Extensions and Attributes for
  Authentication in PPP and Wireless LAN Networks
- Added RFC5914 providing Trust Anchor Format
- Added RFC6010 providing CMS Content Constraints (CCC) Extension
- Added RFC6031 providing CMS Symmetric Key Package Content Type
- Added RFC6032 providing CMS Encrypted Key Package Content Type
- Added RFC7030 providing Enrollment over Secure Transport (EST)
- Added RFC7292 providing PKCS #12, which is the Personal Information
  Exchange Syntax v1.1
- Added RFC8018 providing PKCS #5, which is the Password-Based
  Cryptography Specification, Version 2.1
- Automatically update the maps for use with openType for RFC3709,
  RFC6402, RFC7191, and RFC8226 when the module is imported
- Added RFC6211 providing CMS Algorithm Identifier Protection Attribute
- Added RFC8449 providing Certificate Extension for Hash Of Root Key
- Updated RFC2459 and RFC5280 for TODO in the certificate extension map
- Added RFC7906 providing NSA's CMS Key Management Attributes
- Added RFC7894 providing EST Alternative Challenge Password Attributes
- Updated the handling of maps for use with openType so that just doing
  an import of the modules is enough in most situations; updates to
  RFC 2634, RFC 3274, RFC 3779, RFC 4073, RFC 4108, RFC 5035, RFC 5083,
  RFC 5084, RFC 5480, RFC 5940, RFC 5958, RFC 6019, and RFC 8520
- Updated the handling of attribute maps for use with openType in
  RFC 5958 to use the rfc5652.cmsAttributesMap
- Added RFC5990 providing RSA-KEM Key Transport Algorithm in the CMS
- Fixed malformed `rfc4210.RevRepContent` data structure layout
- Added RFC5934 providing Trust Anchor Management Protocol (TAMP)
- Added RFC6210 providing Experiment for Hash Functions with Parameters
- Added RFC5751 providing S/MIME Version 3.2 Message Specification
- Added RFC8494 providing Multicast Email (MULE) over ACP 142
- Added RFC8398 providing Internationalized Email Addresses in
  X.509 Certificates
- Added RFC8419 providing Edwards-Curve Digital Signature Algorithm
  (EdDSA) Signatures in the CMS
- Added RFC8479 providing Storing Validation Parameters in PKCS#8
- Added RFC8360 providing Resource Public Key Infrastructure (RPKI)
  Validation Reconsidered
- Added RFC8358 providing Digital Signatures on Internet-Draft Documents
- Added RFC8209 providing BGPsec Router PKI Profile
- Added RFC8017 providing PKCS #1 Version 2.2
- Added RFC7914 providing scrypt Password-Based Key Derivation Function
- Added RFC7773 providing Authentication Context Certificate Extension
2019-10-10 07:47:53 +00:00
adam
ed778b35a8 py-asn1-modules: updated to 0.2.6
Revision 0.2.6:
- Added RFC3560 providing RSAES-OAEP Key Transport Algorithm
  in CMS
- Added RFC6019 providing BinaryTime - an alternate format
  for representing Date and Time
- RFC3565 superseded by RFC5649
- Added RFC5480 providng Elliptic Curve Cryptography Subject
  Public Key Information
- Added RFC8520 providing X.509 Extensions for MUD URL and
  MUD Signer
- Added RFC3161 providing Time-Stamp Protocol support
- Added RFC3709 providing Logotypes in X.509 Certificates
- Added RFC3274 providing CMS Compressed Data Content Type
- Added RFC4073 providing Multiple Contents protection with CMS
- Added RFC2634 providing Enhanced Security Services for S/MIME
- Added RFC5915 providing Elliptic Curve Private Key
- Added RFC5940 providing CMS Revocation Information Choices
- Added RFC7296 providing IKEv2 Certificate Bundle
- Added RFC8619 providing HKDF Algorithm Identifiers
- Added RFC7191 providing CMS Key Package Receipt and Error Content
  Types
- Added openType support for ORAddress Extension Attributes and
  Algorithm Identifiers in the RFC5280 module
- Added RFC5035 providing Update to Enhanced Security Services for
  S/MIME
- Added openType support for CMS Content Types and CMS Attributes
  in the RFC5652 module
- Added openType support to RFC 2986 by importing definitions from
  the RFC 5280 module so that the same maps are used.
- Added maps for use with openType to RFC 2634, RFC 3274, RFC 3709,
  RFC 3779, RFC 4055, RFC 4073, RFC 4108, RFC 5035, RFC 5083, RFC 5480,
  RFC 5940, RFC 5958, RFC 6010, RFC 6019, RFC 6402, RFC 7191, RFC 8226,
  and RFC 8520
- Changed `ValueSizeConstraint` erroneously applied to `SequenceOf`
  and `SetOf` objects via `subtypeConstraint` attribute to be applied
  via `sizeSpec` attribute. Although `sizeSpec` takes the same constraint
  objects as `subtypeConstraint`, the former is only verified on
  de/serialization i.e. when the [constructed] object at hand is fully
  populated, while the latter is applied to [scalar] types at the moment
  of instantiation.
2019-08-03 04:38:31 +00:00
adam
006222c66b py-asn1-modules: updated to 0.2.5
Revision 0.2.5:
- Added module RFC5958 providing Asymmetric Key Packages,
  which is essentially version 2 of the PrivateKeyInfo
  structure in PKCS#8 in RFC 5208
- Added module RFC8410 providing algorithm Identifiers for
  Ed25519, Ed448, X25519, and X448
- Added module RFC8418 providing Elliptic Curve Diffie-Hellman
  (ECDH) Key Agreement Algorithm with X25519 and X448
- Added module RFC3565 providing Elliptic Curve Diffie-Hellman
  Key Agreement Algorithm use with X25519 and X448 in the
  Cryptographic Message Syntax (CMS)
- Added module RFC4108 providing CMS Firmware Wrapper
- Added module RFC3779 providing X.509 Extensions for IP
  Addresses and AS Identifiers
- Added module RFC4055 providing additional Algorithms and
  Identifiers for RSA Cryptography for use in Certificates
  and CRLs
2019-04-25 05:08:50 +00:00
adam
7fbbdef9b9 py-asn1-modules: updated to 0.2.4
Revision 0.2.4:
- Added modules for RFC8226 implementing JWT Claim Constraints
  and TN Authorization List for X.509 certificate extensions
- Fixed bug in rfc5280.AlgorithmIdentifier ANY type definition
2019-01-28 09:14:22 +00:00
adam
853c9cd60c py-asn1-modules: updated to 0.2.3
Revision 0.2.3:
- Added modules for RFC5083 and RFC5084 (CMS)
- Copyright notice extended to the year 2019
2018-12-31 11:24:24 +00:00
adam
d76b51319c py-asn1-modules: updated to 0.2.2
Revision 0.2.2:
- Copyright notice extended to the year 2018
- Migrated references from SourceForge
- rfc2986 module added
2018-08-06 19:30:15 +00:00
adam
676d6e7c91 py-asn1-modules: updated to 0.2.1
Revision 0.2.1, released 23-11-2017
- Allow ANY DEFINED BY objects expanding automatically if requested
- Imports PEP8'ed

Revision 0.1.5, released 10-10-2017
- OCSP response blob fixed in test
- Fixed wrong OCSP ResponderID components tagging

Revision 0.1.4, released 07-09-2017
- Typo fixed in the dependency spec

Revision 0.1.3, released 07-09-2017
- Apparently, pip>=1.5.6 is still widely used and it is not PEP440
  compliant. Had to replace the `~=` version dependency spec with a
  sequence of simple comparisons to remain compatible with the aging pip.

Revision 0.1.2, released 07-09-2017
- Pinned to pyasn1 ~0.3.4

Revision 0.1.1, released 27-08-2017
- Tests refactored into proper unit tests
- pem.readBase64fromText() convenience function added
- Pinned to pyasn1 0.3.3
2018-04-18 09:43:27 +00:00
adam
0267f2ef12 Revision 0.0.8
- Wheel distribution format now supported
- Fix to misspelled rfc2459.id_at_sutname variable
- Fix to misspelled rfc2459.NameConstraints component tag ID
- Fix to misspelled rfc2459.GeneralSubtree component default status
2017-04-08 21:25:26 +00:00
agc
5293710fb4 Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
	Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
	Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
	Package libidea: missing distfile libidea-0.8.2b.tar.gz
	Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
	Package uvscan: missing distfile vlp4510e.tar.Z

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
2015-11-04 01:17:40 +00:00
wiz
e308b889c9 Update to 0.0.6:
Revision 0.0.6
--------------

- Typo fix to id_kp_serverAuth object value
- A test case for indefinite length encoding eliminated as it's
  forbidden in DER.
2015-07-01 13:55:20 +00:00
wiz
3ec156f142 Improve EGG_NAME default to work for packages with '-' in their name.
Remove now unnecessary overrides in various packages.
2014-12-31 13:57:25 +00:00
wiz
6446ac6efb Import py34-asn1-modules-0.0.5 as security/py-asn1-modules.
This is a small but growing collection of ASN.1 data structures
expressed in Python terms using the pyasn1 data model.

It's thought to be useful to protocol developers and testers.
2014-11-24 14:21:01 +00:00