author: kx <kx@radix.pro> 2023-04-09 23:18:24 +0300
committer: kx <kx@radix.pro> 2023-04-09 23:18:24 +0300
commit: 8b7e76c7ad2445c0920e9d056728f7b6baaa0c43
parent: 3dd1914515dc5c714451bc4148f0abb51672ed06
Commit Summary:
Diffstat:
9 files changed, 233 insertions, 0 deletions
diff --git a/packages/n/ca-certificates/Makefile b/packages/n/ca-certificates/Makefile
new file mode 100644
index 0000000..6a08622
--- /dev/null
+++ b/packages/n/ca-certificates/Makefile
@@ -0,0 +1,27 @@
+
+#
+# Following command helps to cheate SUBDIRS list:
+# $ tree -fid .
+#
+
+SUBDIRS := cacert.org \
+ debian \
+ mozilla \
+ spi-inc.org
+
+
+all-recursive downloads_clean-recursive:
+ @set fnord $(MAKEFLAGS); amf=$$2; \
+ target=`echo $@ | sed s/-recursive//`; \
+ list='$(SUBDIRS)'; for subdir in $$list; do \
+ echo "Making $$target in $$subdir"; \
+ local_target="$$target"; \
+ (cd $$subdir && $(MAKE) $$fnord $$local_target) \
+ || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \
+ done; test -z "$$fail"
+
+all: all-recursive
+
+downloads_clean: downloads_clean-recursive
+
+.PHONY: all-recursive downloads_clean-recursive all downloads_clean
diff --git a/packages/n/ca-certificates/cacert.org/Makefile b/packages/n/ca-certificates/cacert.org/Makefile
new file mode 100644
index 0000000..b3a5f1d
--- /dev/null
+++ b/packages/n/ca-certificates/cacert.org/Makefile
@@ -0,0 +1,46 @@
+
+cacert_home = http://www.cacert.org/index.php?id=3
+cacert_url = http://www.cacert.org/certs
+cacert_files = root class3
+cacert_suffixes = crt der txt
+cacert_asc = cacert.asc
+
+ID = 65D0FD58
+signatures = sign/cacert-fingerprint.txt sign/cacert-gpg-fingerprint.txt
+
+tarball = cacert.tar.xz
+suffix = $(shell echo $(tarball) | cut -f 2,3 -d '.')
+sha1s = $(addsuffix .sha1sum, $(tarball))
+
+files = $(foreach sfx, $(cacert_suffixes), $(addsuffix .$(sfx),$(cacert_files)))
+files += $(cacert_asc)
+
+all: $(tarball) $(sha1s)
+
+.PHONY: verify downloads_clean
+
+
+$(files):
+ @echo -e "\n======= Downloading cacert.org certificates =======\n"
+ @for file in $(files) ; do \
+ wget -N $(cacert_url)/$$file ; \
+ done
+
+$(tarball): $(files)
+ @( directory=`echo $(tarball) | cut -f 1 -d '.'` ; \
+ mkdir -p $$directory ; \
+ cp -a sign $$directory ; \
+ cp -a README *.crt *.der *.txt *.asc $$directory ; \
+ tar cJvf $(tarball) $$directory ; \
+ rm -rf $$directory ; \
+ rm -f *.crt *.der *.txt *.asc ; \
+ )
+
+$(sha1s): %.$(suffix).sha1sum : %.$(suffix)
+ @for tarball in $< ; do \
+ echo -e "\n======= Calculation the '$$tarball' sha1sum =======\n" ; \
+ sha1sum --binary $$tarball > $$tarball.sha1sum ; \
+ done
+
+downloads_clean:
+ @rm -f $(tarball) $(sha1s) *.crt *.der *.txt *.asc *.gpg
diff --git a/packages/n/ca-certificates/cacert.org/README b/packages/n/ca-certificates/cacert.org/README
new file mode 100644
index 0000000..196fc7e
--- /dev/null
+++ b/packages/n/ca-certificates/cacert.org/README
@@ -0,0 +1,31 @@
+
+Confirmed the certificate fingerprint:
+=====================================
+
+$ openssl x509 -in root.crt -fingerprint -noout -sha1
+SHA1 Fingerprint=13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33
+
+$ openssl x509 -in root.crt -fingerprint -noout -md5
+MD5 Fingerprint=A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B
+
+
+$ openssl x509 -in class3.crt -fingerprint -noout -sha1
+SHA1 Fingerprint=AD:7C:3F:64:FC:44:39:FE:F4:E9:0B:E8:F4:7C:6C:FA:8A:AD:FD:CE
+
+$ openssl x509 -in class3.crt -fingerprint -noout -md5
+MD5 Fingerprint=F7:25:12:82:4E:67:B5:D0:8D:92:B7:7C:0B:86:7A:42
+
+
+$ LANG=C gpg --verify sign/cacert-fingerprint.txt
+gpg: Signature made Thu Sep 4 00:57:45 2003 CDT using DSA key ID 65D0FD58
+gpg: Good signature from "CA Cert Signing Authority (Root CA) <gpg@cacert.org>"
+gpg: WARNING: This key is not certified with a trusted signature!
+gpg: There is no indication that the signature belongs to the owner.
+Primary key fingerprint: A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58
+
+$ LANG=C gpg --verify sign/cacert-gpg-fingerprint.txt
+gpg: Signature made Sun Feb 13 23:10:37 2005 CST using DSA key ID 65D0FD58
+gpg: Good signature from "CA Cert Signing Authority (Root CA) <gpg@cacert.org>"
+gpg: WARNING: This key is not certified with a trusted signature!
+gpg: There is no indication that the signature belongs to the owner.
+Primary key fingerprint: A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58
diff --git a/packages/n/ca-certificates/cacert.org/sign/README b/packages/n/ca-certificates/cacert.org/sign/README
new file mode 100644
index 0000000..cb4529f
--- /dev/null
+++ b/packages/n/ca-certificates/cacert.org/sign/README
@@ -0,0 +1,40 @@
+
+Signatures 'cacert-fingerprint.asc' and 'cacert-gpg-fingerprint.asc'
+are taken from http://www.cacert.org/index.php?id=3 WEB page:
+============================================================
+
+GPG Key ID: 0x65D0FD58
+Fingerprint: A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58
+
+PKI fingerprint signed by the CAcert GPG Key
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+For most software, the fingerprint is reported as:
+A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B
+
+Under MSIE the thumbprint is reported as:
+135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.2.2 (GNU/Linux)
+
+iD8DBQE/VtRZ0rsNAWXQ/VgRAphfAJ9jh6TKBDexG0NTTUHvdNuf6O9RuQCdE5kD
+Mch2LMZhK4h/SBIft5ROzVU=
+=R/pJ
+-----END PGP SIGNATURE-----
+
+
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+pub 1024D/65D0FD58 2003-07-11 CA Cert Signing Authority (Root CA)
+ Key fingerprint = A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58
+sub 2048g/113ED0F2 2003-07-11 [expires: 2033-07-03]
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.2.5 (GNU/Linux)
+
+iD8DBQFCEDLN0rsNAWXQ/VgRArhhAJ9EY1TJOzsVVuy2lL98CoKL0vnJjQCfbdBk
+TG1yj+lkktROGGyn0hJ5SbM=
+=tXoj
+-----END PGP SIGNATURE-----
diff --git a/packages/n/ca-certificates/cacert.org/sign/cacert-fingerprint.txt b/packages/n/ca-certificates/cacert.org/sign/cacert-fingerprint.txt
new file mode 100644
index 0000000..5b0a358
--- /dev/null
+++ b/packages/n/ca-certificates/cacert.org/sign/cacert-fingerprint.txt
@@ -0,0 +1,15 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+For most software, the fingerprint is reported as:
+A6:1B:37:5E:39:0D:9C:36:54:EE:BD:20:31:46:1F:6B
+
+Under MSIE the thumbprint is reported as:
+135C EC36 F49C B8E9 3B1A B270 CD80 8846 76CE 8F33
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.2.2 (GNU/Linux)
+
+iD8DBQE/VtRZ0rsNAWXQ/VgRAphfAJ9jh6TKBDexG0NTTUHvdNuf6O9RuQCdE5kD
+Mch2LMZhK4h/SBIft5ROzVU=
+=R/pJ
+-----END PGP SIGNATURE-----
diff --git a/packages/n/ca-certificates/cacert.org/sign/cacert-gpg-fingerprint.txt b/packages/n/ca-certificates/cacert.org/sign/cacert-gpg-fingerprint.txt
new file mode 100644
index 0000000..33d2868
--- /dev/null
+++ b/packages/n/ca-certificates/cacert.org/sign/cacert-gpg-fingerprint.txt
@@ -0,0 +1,13 @@
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
+pub 1024D/65D0FD58 2003-07-11 CA Cert Signing Authority (Root CA)
+ Key fingerprint = A31D 4F81 EF4E BD07 B456 FA04 D2BB 0D01 65D0 FD58
+sub 2048g/113ED0F2 2003-07-11 [expires: 2033-07-03]
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.2.5 (GNU/Linux)
+
+iD8DBQFCEDLN0rsNAWXQ/VgRArhhAJ9EY1TJOzsVVuy2lL98CoKL0vnJjQCfbdBk
+TG1yj+lkktROGGyn0hJ5SbM=
+=tXoj
+-----END PGP SIGNATURE-----
diff --git a/packages/n/ca-certificates/debian/Makefile b/packages/n/ca-certificates/debian/Makefile
new file mode 100644
index 0000000..293f041
--- /dev/null
+++ b/packages/n/ca-certificates/debian/Makefile
@@ -0,0 +1,56 @@
+#
+# Project Home:
+# ============
+# https://packages.debian.org/sid/ca-certificates
+#
+# Downloads:
+# =========
+# https://deb.debian.org/debian/pool/main/c/ca-certificates
+# https://ftp.debian.org/debian/pool/main/c/ca-certificates/
+#
+
+url = https://ftp.debian.org/debian/pool/main/c/ca-certificates
+
+versions = 20190110 20210119 20211016
+
+pkgname = ca-certificates
+suffix = tar.xz
+
+tarballs = $(addsuffix .$(suffix), $(addprefix $(pkgname)_, $(versions)))
+sha1s = $(addsuffix .sha1sum, $(tarballs))
+descriptions = $(addsuffix .dsc, $(addprefix $(pkgname)_, $(versions)))
+
+files = $(descriptions)
+
+all: $(tarballs) $(files) $(sha1s)
+
+.PHONY: downloads_clean
+
+
+$(tarballs):
+ @echo -e "\n======= Downloading source tarball =======\n"
+ @for tarball in $(tarballs) ; do \
+ wget -N $(url)/$${tarball} ; \
+ version=`echo $${tarball} | sed 's,$(pkgname)_,,' | sed 's,\.$(suffix),,'` ; \
+ if [ "$${version}" -ge "20210119" ] ; then \
+ tar xJf $(pkgname)_$${version}.$(suffix) ; \
+ mv work $(pkgname)-$${version} ; \
+ tar cJf $(pkgname)_$${version}.$(suffix) $(pkgname)-$${version} ; \
+ rm -rf $(pkgname)-$${version} ; \
+ fi ; \
+ done
+
+$(files): $(tarballs)
+ @echo -e "\n======= Downloading patch and description =======\n"
+ @for file in $(files) ; do \
+ wget -N $(url)/$${file} ; \
+ done
+
+$(sha1s): %.$(suffix).sha1sum : %.$(suffix)
+ @for tarball in $< ; do \
+ echo -e "\n======= Calculation the '$${tarball}' sha1sum =======\n" ; \
+ sha1sum --binary $${tarball} > $${tarball}.sha1sum ; \
+ done
+
+downloads_clean:
+ @rm -rf $(tarballs) $(files) $(sha1s)
diff --git a/packages/n/ca-certificates/mozilla/Makefile b/packages/n/ca-certificates/mozilla/Makefile
new file mode 100644
index 0000000..2fe8690
--- /dev/null
+++ b/packages/n/ca-certificates/mozilla/Makefile
@@ -0,0 +1,39 @@
+#
+# Project Home:
+# ============
+# Repo: https://hg.mozilla.org/mozilla-central/file
+# Path: https://hg.mozilla.org/mozilla-central/file/tip/security/nss/lib/ckfw/builtins
+#
+# Downloads:
+# =========
+# https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt
+# https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/nssckbi.h
+#
+
+url = https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins
+
+version = $(shell echo `date +%Y%m%d`)
+pkgname = mozilla-certs
+suffix = tar.xz
+
+tarball = $(addsuffix .$(suffix), $(addprefix $(pkgname)-, $(version)))
+sha1s = $(addsuffix .sha1sum, $(tarball))
+
+
+all: $(tarball) $(sha1s)
+
+.PHONY: downloads_clean
+
+$(tarball):
+ @echo -e "\n======= Downloading source tarballs =======\n"
+ @wget -N $(url)/certdata.txt
+ @wget -N $(url)/nssckbi.h
+ @tar cJvf $(tarball) certdata.txt nssckbi.h
+ @rm -f certdata.txt nssckbi.h
+
+$(sha1s): $(tarball)
+ @echo -e "\n======= Calculation the '$(tarball)' sha1sum =======\n"
+ @sha1sum --binary $(tarball) > $(tarball).sha1sum ; \
+
+downloads_clean:
+ @rm -rf $(pkgname)-*$(suffix) $(pkgname)-*$(suffix).sha1sum
diff --git a/packages/n/ca-certificates/spi-inc.org/Makefile b/packages/n/ca-certificates/spi-inc.org/Makefile
new file mode 100644
index 0000000..a2ca1ae
--- /dev/null
+++ b/packages/n/ca-certificates/spi-inc.org/Makefile
@@ -0,0 +1,41 @@
+
+cacert_home = http://www.spi-inc.org/ca
+cacert_url = http://www.spi-inc.org/ca
+cacert_files = spi-cacert.crt
+
+signature = spi-cacert.fingerprint.txt
+
+tarball = spi-inc.tar.xz
+suffix = $(shell echo $(tarball) | cut -f 2,3 -d '.')
+sha1s = $(addsuffix .sha1sum, $(tarball))
+
+files = $(cacert_files) $(signature)
+
+all: $(tarball) $(sha1s)
+
+.PHONY: verify downloads_clean
+
+
+$(files):
+ @echo -e "\n======= Downloading cacert.org certificates =======\n"
+ @for file in $(files) ; do \
+ wget -N $(cacert_url)/$$file ; \
+ done
+
+$(tarball): $(files)
+ @( directory=`echo $(tarball) | cut -f 1 -d '.'` ; \
+ mkdir -p $$directory ; \
+ cp -a *.crt *.txt $$directory ; \
+ tar cJvf $(tarball) $$directory ; \
+ rm -rf $$directory ; \
+ rm -f *.crt *.txt ; \
+ )
+
+$(sha1s): %.$(suffix).sha1sum : %.$(suffix)
+ @for tarball in $< ; do \
+ echo -e "\n======= Calculation the '$$tarball' sha1sum =======\n" ; \
+ sha1sum --binary $$tarball > $$tarball.sha1sum ; \
+ done
+
+downloads_clean:
+ @rm -f $(tarball) $(sha1s) *.crt *.txt