Package: wnpp Severity: wishlist Owner: Simon Josefsson <si...@josefsson.org>
* Package name : relic Version : 7.6.1-1 Upstream Author : SAS Institute, Inc. * URL : https://github.com/sassoftware/relic * License : Apache-2.0 Programming Lang: Go Description : digitally sign Linux/Java/Windows packages relic is a multi-tool and server for package signing and working with hardware security modules (HSMs). . Package types . * RPM - RedHat packages * DEB - Debian packages * JAR - Java archives * EXE (PE/COFF) - Windows executable * MSI - Windows installer * appx, appxbundle - Windows universal application * CAB - Windows cabinet file * CAT - Windows security catalog * XAP - Silverlight and legacy Windows Phone applications * PS1, PS1XML, MOF, etc. - Microsoft Powershell scripts and modules * manifest, application - Microsoft ClickOnce manifest * VSIX - Visual Studio extension * Mach-O - macOS/iOS signed executables * DMG, PKG - macOS disk images / installer packages * APK - Android package * PGP - inline, detached or cleartext signature of data . Token types . relic can work with several types of token: . * pkcs11 - Industry standard PKCS#11 HSM interface using shared object files * Cloud services - AWS, Azure and Google Cloud managed keys * scdaemon - The GnuPG scdaemon service can enable access to OpenPGP cards (such as Yubikey NEO) * file - Private keys stored in a password-protected file . Features . Relic is primarily meant to operate as a signing server, allowing clients to authenticate with a TLS certificate and sign packages remotely. It can also be used as a standalone signing tool. . Other features include: . * Generating and importing keys in the token * Importing certificate chains from a PKCS#12 file * Creating X509 certificate signing requests (CSR) and self-signed certificates * Limited X509 CA support -- signing CSRs and cross-signing certificates * Creating simple PGP public keys * RSA and ECDSA supported for all signature types * Verify signatures, certificate chains and timestamps on all supported package types * Sending audit logs to an AMQP broker, with an optional sealing signature * Save token PINs in the system keyring . Linux, Windows and MacOS are supported. Other platforms probably work as well. . relic is tested using libsofthsm2 and Gemalto SafeNet Network HSM (Luna SA). I hope to maintain this package as part of Debian Go Packaging Team: https://salsa.debian.org/go-team/packages/relic /Simon
signature.asc
Description: PGP signature