Friday, March 03, 2023

Re: [new] security/paperkey

On 2023/03/03 20:01:49 +0300, Mikhail <mp39590@gmail.com> wrote:
> This port makes suitable for printing backups of gnupg private keys, the
> format of the default backup file is:
>
> 1: 00 04 14 7A 2E F2 2E 5C CA 00 F5 C4 D9 3C A9 83 EF F8 7C 2A 54 4B ADF25B
> 2: 03 CB 00 0B FF 51 E2 FE 8B 9B 51 EC BA E5 02 7D A2 FB 55 DC C0 63 0EB985
> 3: 7C AE 4E 44 B9 82 0A 46 23 8F E0 87 A1 FC C9 62 9D 6D FA 07 53 11 41FCBB
> 4: 7B 11 DC 9B 13 EB CD C2 15 1A 11 0A 69 72 71 0B 2C 75 6B 48 74 C4 12D73F
> [...]
>
> It's bytes with CRC at the end, a person can OCR it or ask the
> program for raw output, which (as the homepage says) can be fed to QR
> generation.
>
> Compared to printing and OCR'ing armored private keys from gpg I see
> CRC checksums as an advantage, with which the software can give you useful
> hints like this:
>
> CRC on line 1 does not match (AAAAAA!=BBBBBB)
>
> Comment:
> gpg private key backups, suitable for printing
>
> Description:
> Due to metadata and redundancy, OpenPGP secret keys are significantly larger
> than just the "secret bits". The secret key contains a complete copy of the
> public key. Since the public key generally doesn't need to be escrowed, only
> archiving the secret parts can be a real advantage.
>
> Paperkey extracts just those secret bytes and prints them. To reconstruct, you
> re-enter those bytes (whether by hand, OCR, QR code, or the like) and paperkey
> can use them to transform your existing public key into a secret key.
>
> Maintainer: The OpenBSD ports mailing-list <ports@openbsd.org>
>
> WWW: http://www.jabberwocky.com/software/paperkey/

few nits on the Makefile:

- please use https:// for the HOMEPAGE
- it's actually GPLv2+ (not *that* important)
- I'd avoid setting SEPARATE_BUILD for autotools, it doesn't gain
anything really.

less important, but I'd also reword the COMMENT to something along the
lines of "OpenPGP private key backup utility suitable for printing".

Otherwise it looks good to me; ok op@ to import it
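
The line format described in the quoted announcement (line number, hex bytes, trailing CRC) can be checked line by line as below. This is an added example, not part of the thread or of paperkey's source. It assumes the checksum is the OpenPGP CRC-24 over each line's data bytes; `format_line`, `check_lines` and the sample data are hypothetical names and constructed values.

```python
import re

# Assumption: the per-line checksum is the OpenPGP CRC-24 (RFC 4880) over that
# line's data bytes; the post itself only says "CRC".
CRC24_INIT, CRC24_POLY = 0xB704CE, 0x1864CFB

def crc24(data: bytes) -> int:
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF

# "<n>: <hex byte> <hex byte> ... <6 hex digit CRC>", as in the quoted sample.
LINE_RE = re.compile(r"^\s*(\d+):\s+((?:[0-9A-Fa-f]{2}\s+)+)([0-9A-Fa-f]{6})\s*$")

def format_line(number: int, data: bytes) -> str:
    body = " ".join(f"{b:02X}" for b in data)
    return f"{number}: {body} {crc24(data):06X}"

def check_lines(text: str):
    """Return (payload bytes from lines that verified, list of error hints)."""
    payload, errors = bytearray(), []
    for raw in text.splitlines():
        if not raw.strip():
            continue
        m = LINE_RE.match(raw)
        if m is None:
            errors.append(f"cannot parse: {raw.strip()!r}")
            continue
        data = bytes.fromhex(m.group(2))
        printed, computed = int(m.group(3), 16), crc24(data)
        if printed != computed:
            # Wording modelled on the hint quoted in the post; operand order is a guess.
            errors.append(f"CRC on line {m.group(1)} does not match "
                          f"({computed:06X}!={printed:06X})")
            continue
        payload += data
    return bytes(payload), errors

# Constructed sample, not real key material: two 22-byte lines.
CHUNKS = [bytes(range(0, 22)), bytes(range(22, 44))]
GOOD = "\n".join(format_line(i + 1, c) for i, c in enumerate(CHUNKS))
# Simulate one misread character on line 2 (2A read as 2E).
MISREAD = GOOD.replace(" 2A ", " 2E ", 1)
```

A single misread hex digit is reported against the line it occurred on, so only that line needs to be re-entered rather than the whole backup.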
