diff options
Diffstat (limited to 'security/timestamp-authority')
| -rw-r--r-- | security/timestamp-authority/Makefile | 24 | ||||
| -rw-r--r-- | security/timestamp-authority/distinfo | 5 | ||||
| -rw-r--r-- | security/timestamp-authority/files/timestamp-authority.in | 46 | ||||
| -rw-r--r-- | security/timestamp-authority/pkg-descr | 10 | ||||
| -rw-r--r-- | security/timestamp-authority/pkg-plist | 3 |
5 files changed, 88 insertions, 0 deletions
diff --git a/security/timestamp-authority/Makefile b/security/timestamp-authority/Makefile new file mode 100644 index 000000000000..4cd5f0730b71 --- /dev/null +++ b/security/timestamp-authority/Makefile @@ -0,0 +1,24 @@ +PORTNAME= timestamp-authority +DISTVERSIONPREFIX= v +DISTVERSION= 1.2.7 +CATEGORIES= security + +MAINTAINER= bofh@FreeBSD.org +COMMENT= Service for issuing RFC 3161 timestamps +WWW= https://sigstore.dev/ + +LICENSE= APACHE20 +LICENSE_FILE= ${WRKSRC}/LICENSE + +USES= go:1.24,modules +USE_RC_SUBR= ${PORTNAME} + +GO_MODULE= github.com/sigstore/timestamp-authority +GO_TARGET= ./cmd/fetch-tsa-certs \ + ./cmd/timestamp-cli \ + ./cmd/timestamp-server + +USERS= ${PORTNAME} +GROUPS= ${PORTNAME} + +.include <bsd.port.mk> diff --git a/security/timestamp-authority/distinfo b/security/timestamp-authority/distinfo new file mode 100644 index 000000000000..03f2671e11af --- /dev/null +++ b/security/timestamp-authority/distinfo @@ -0,0 +1,5 @@ +TIMESTAMP = 1747046090 +SHA256 (go/security_timestamp-authority/timestamp-authority-v1.2.7/v1.2.7.mod) = da0bc96c124c843139cd1cd9230cbd0a574307b8c225cb42a18855ca2b47dd84 +SIZE (go/security_timestamp-authority/timestamp-authority-v1.2.7/v1.2.7.mod) = 7936 +SHA256 (go/security_timestamp-authority/timestamp-authority-v1.2.7/v1.2.7.zip) = e489c5c7fd2c4aceee11db18f2beb3e0e64c149cf60f7a709d7e6bc56930b8c3 +SIZE (go/security_timestamp-authority/timestamp-authority-v1.2.7/v1.2.7.zip) = 195580 diff --git a/security/timestamp-authority/files/timestamp-authority.in b/security/timestamp-authority/files/timestamp-authority.in new file mode 100644 index 000000000000..dc39614451c1 --- /dev/null +++ b/security/timestamp-authority/files/timestamp-authority.in @@ -0,0 +1,46 @@ +#!/bin/sh + +# PROVIDE: timestamp-server +# REQUIRE: DAEMON +# KEYWORD: shutdown +# +# Add the following lines to /etc/rc.conf.local or /etc/rc.conf +# to enable this service: +# +# timestamp-server_enable (bool): Set it to YES to enable timestamp-server. +# Default is "NO". +# timestamp-server_user (user): Set user to run timestamp-server. +# Default is "timestamp-server". +# timestamp-server_group (group): Set group to run timestamp-server. +# Default is "timestamp-server". +# timestamp-server_config (file): Set timestamp-server config file. +# Default is "%%PREFIX%%/etc/timestamp-server/timestamp-server.yaml". + +. /etc/rc.subr + +name=timestamp-server +rcvar=timestamp-server_enable + +load_rc_config $name + +: ${timestamp-server_enable:="NO"} +: ${timestamp-server_user:="timestamp-authority"} +: ${timestamp-server_group:="timestamp-authority"} +: ${timestamp-server_config:="%%PREFIX%%/etc/timestamp-authority/timestamp-server.yaml"} + +pidfile=/var/run/timestamp-server.pid +procname="%%PREFIX%%/bin/timestamp-server" +command="/usr/sbin/daemon" +command_args="-f -t ${name} -p ${pidfile} ${procname} serve -config=${timestamp-server_config}" + +start_precmd=timestamp-server_startprecmd +required_files="$timestamp-server_config" + +timestamp-server_startprecmd() +{ + if [ ! -e ${pidfile} ]; then + install -o ${timestamp-server_user} -g ${timestamp-server_group} /dev/null ${pidfile}; + fi +} + +run_rc_command "$1" diff --git a/security/timestamp-authority/pkg-descr b/security/timestamp-authority/pkg-descr new file mode 100644 index 000000000000..7160e019b0ea --- /dev/null +++ b/security/timestamp-authority/pkg-descr @@ -0,0 +1,10 @@ +Trusted timestamping is a process that has been around for some time. It +provides a timestamp record of when a document was created or modified. + +A timestamp authority creates signed timestamps using public key +infrastructure. The operator of the timestamp authority must secure the +signing key material to prevent unauthorized timestamp signing. + +A timestamp authority should also verify its own clock. We provide a +configuration to periodically check the current time against well-known +NTP sources. diff --git a/security/timestamp-authority/pkg-plist b/security/timestamp-authority/pkg-plist new file mode 100644 index 000000000000..7462fe7c3956 --- /dev/null +++ b/security/timestamp-authority/pkg-plist @@ -0,0 +1,3 @@ +bin/fetch-tsa-certs +bin/timestamp-cli +bin/timestamp-server |