kr enables SSH to authenticate with a key stored in a Krypton (iOS or

Android) mobile app. kr runs as an SSH agent, called krd. When a Krypton private key operation is needed for authentication, krd routes this request to the paired mobile phone, where the user decides whether to allow the operation or not. The private key never leaves the phone. WWW: https://krypt.co
svn path=/head/; revision=465973
2024-12-04 01:48:54 +00:00 · 2018-03-30 14:19:23 +00:00 · 2018-03-30 14:19:23 +00:00 · acf68e36e0 · 2021-03-31 03:12:20 +00:00
commit acf68e36e0
parent 57420b14cd
6 changed files with 121 additions and 0 deletions
--- a/security/Makefile
+++ b/security/Makefile
@ -310,6 +310,7 @@
    SUBDIR += knocker
    SUBDIR += kpcli
    SUBDIR += kqoauth
+    SUBDIR += kr
    SUBDIR += krb5
    SUBDIR += krb5-114
    SUBDIR += krb5-115
--- a/security/kr/Makefile
+++ b/security/kr/Makefile
@ -0,0 +1,50 @@
+# Created by: Mark Felder <feld@FreeBSD.org>
+# $FreeBSD$
+
+PORTNAME=	kr
+PORTVERSION=	2.3.1
+CATEGORIES=	security
+
+MAINTAINER=	feld@FreeBSD.org
+COMMENT=	SSH and Git commit/tag signing using a key stored in Krypton
+
+BUILD_DEPENDS=	rust>=1.19.0_2:lang/rust \
+		bash>0:shells/bash
+
+USES=		gmake go shebangfix
+GO_PKGNAME=	github.com/${GH_ACCOUNT}/${GH_PROJECT}
+SHEBANG_FILES=	install/os.sh
+
+USE_GITHUB=	yes
+GH_ACCOUNT=	kryptco
+
+GH_TUPLE+=	atotto:clipboard:bb272b8:clipboard/../src/github.com/atotto/clipboard
+GH_TUPLE+=	kryptco:qr:eb334d7:qr/../src/github.com/kryptco/qr
+GH_TUPLE+=	kryptco:gf256:bbd714a:gf256/../src/github.com/kryptco/gf256
+GH_TUPLE+=	urfave:cli:b438abf:cli/../src/github.com/urfave/cli
+
+PLIST_FILES=	bin/kr \
+		bin/krd \
+		bin/krgpg \
+		bin/krssh \
+		lib/kr-pkcs11.so
+
+post-patch:
+	${CP} -r ${WRKSRC}/vendor/ ${WRKDIR}/src/
+	# Duplicate copy found in vendor dir breaks the build
+	${RM} -r ${WRKSRC}/vendor/github.com/op
+	# Hack because the build process is losing PREFIX somewhere
+	${REINPLACE_CMD} 's|const DEFAULT_PREFIX = "/usr"|const DEFAULT_PREFIX = "${PREFIX}"|' ${WRKSRC}/kr/kr_unix.go
+
+do-build:
+	(cd ${WRKSRC} && \
+	${SETENV} ${MAKE_ENV} ${GO_ENV} ${GMAKE})
+
+do-install:
+	${INSTALL_PROGRAM} ${WRKSRC}/bin/kr ${STAGEDIR}${PREFIX}/bin
+	${INSTALL_PROGRAM} ${WRKSRC}/bin/krd ${STAGEDIR}${PREFIX}/bin
+	${INSTALL_PROGRAM} ${WRKSRC}/bin/krssh ${STAGEDIR}${PREFIX}/bin
+	${INSTALL_PROGRAM} ${WRKSRC}/bin/krgpg ${STAGEDIR}${PREFIX}/bin
+	${INSTALL_LIB} ${WRKSRC}/lib/kr-pkcs11.so ${STAGEDIR}${PREFIX}/lib
+
+.include <bsd.port.mk>
--- a/security/kr/distinfo
+++ b/security/kr/distinfo
@ -0,0 +1,13 @@
+TIMESTAMP = 1522346317
+SHA256 (kryptco-kr-2.3.1_GH0.tar.gz) = 1bc552e8acd06197499e8bc3f3a63334266eadb256bdf1abec7916ebd9295807
+SIZE (kryptco-kr-2.3.1_GH0.tar.gz) = 1878064
+SHA256 (atotto-clipboard-bb272b8_GH0.tar.gz) = 7385442ce255d762509d40ab6f2e5cb3645eebb5bc8b1c7bc25e275ec40452e3
+SIZE (atotto-clipboard-bb272b8_GH0.tar.gz) = 3729
+SHA256 (kryptco-qr-eb334d7_GH0.tar.gz) = 9e131483f12fbce2079f08ae6d47efa31335b8f8dbbcaaba97e0a600572a00ac
+SIZE (kryptco-qr-eb334d7_GH0.tar.gz) = 12224
+SHA256 (kryptco-gf256-bbd714a_GH0.tar.gz) = 0d785bbba438b099ac83368cade518695d0561539f9187bb4d00ca097532be81
+SIZE (kryptco-gf256-bbd714a_GH0.tar.gz) = 2277
+SHA256 (urfave-cli-b438abf_GH0.tar.gz) = e665f01314672565dd89d916529e39e35fee6c60738a2c537375d98c1fb80e18
+SIZE (urfave-cli-b438abf_GH0.tar.gz) = 45955
+SHA256 (op-go-logging-970db52_GH0.tar.gz) = e162503746867342a1a981ba38ca6ce214c8debede6819bbe1517f4da3bbeede
+SIZE (op-go-logging-970db52_GH0.tar.gz) = 37177
--- a/security/kr/files/patch-Makefile
+++ b/security/kr/files/patch-Makefile
@ -0,0 +1,11 @@
+--- Makefile.orig	2018-01-09 20:17:55 UTC
+++ Makefile
+@@ -66,7 +66,7 @@ endif
+ endif
+ 	cd kr; go build $(GO_TAGS) -o ../bin/kr
+ 	cd krd/main; CGO_LDFLAGS="$(CGO_LDFLAGS)" go build $(GO_TAGS) -o ../../bin/krd
+-	cd pkcs11shim; make; cp target/release/kr-pkcs11.so ../lib/
+	cd pkcs11shim; gmake; cp target/release/kr-pkcs11.so ../lib/
+ 	cd krssh; CGO_LDFLAGS="$(CGO_LDFLAGS)" go build $(GO_TAGS) -o ../bin/krssh
+ 	cd krgpg; go build $(GO_TAGS) -o ../bin/krgpg
+ 
--- a/security/kr/files/patch-kr_kr__unix.go
+++ b/security/kr/files/patch-kr_kr__unix.go
@ -0,0 +1,39 @@
+--- kr/kr_unix.go.orig	2018-01-09 20:17:55 UTC
+++ kr/kr_unix.go
+@@ -61,12 +61,15 @@ func hasYum() bool {
+ func hasYaourt() bool {
+ 	return exec.Command("which", "yaourt").Run() == nil
+ }
+func hasPkg() bool {
+	return exec.Command("which", "pkg").Run() == nil
+}
+ 
+ func uninstallCommand(c *cli.Context) (err error) {
+ 	go func() {
+ 		kr.Analytics{}.PostEventUsingPersistedTrackingID("kr", "uninstall", nil, nil)
+ 	}()
+-	confirmOrFatal(os.Stderr, "Uninstall Krypton from this workstation? (same as sudo apt-get/yum remove kr)")
+	confirmOrFatal(os.Stderr, "Uninstall Krypton from this workstation? (same as sudo pkg remove kr)")
+ 
+ 	exec.Command("killall", "krd").Run()
+ 
+@@ -87,6 +90,9 @@ func uninstallCommand(c *cli.Context) (e
+ 	if hasYaourt() {
+ 		runCommandWithUserInteraction("sudo", "yaourt", "-R", "kr")
+ 	}
+	if hasPkg() {
+		runCommandWithUserInteraction("sudo", "pkg", "remove", "kr")
+	}
+ 
+ 	cleanSSHConfig()
+ 	uninstallCodesigning()
+@@ -118,6 +124,9 @@ func upgradeCommand(c *cli.Context) (err
+ 	if hasYaourt() {
+ 		runCommandWithUserInteraction("sudo", "yaourt", "-Sy", "kr")
+ 	}
+	if hasPkg() {
+		runCommandWithUserInteraction("sudo", "pkg", "upgrade", "kr")
+	}
+ 
+ 	return
+ }
--- a/security/kr/pkg-descr
+++ b/security/kr/pkg-descr
@ -0,0 +1,7 @@
+kr enables SSH to authenticate with a key stored in a Krypton (iOS or
+Android) mobile app. kr runs as an SSH agent, called krd. When a Krypton
+private key operation is needed for authentication, krd routes this
+request to the paired mobile phone, where the user decides whether to
+allow the operation or not. The private key never leaves the phone.
+
+WWW: https://krypt.co