Commit | Line | Data |
---|---|---|
6036453f LC |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org> | |
58c5fb76 | 3 | ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> |
a6b256af | 4 | ;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org> |
58fdab1d | 5 | ;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com> |
e84eb77a | 6 | ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be> |
a0e63ce4 | 7 | ;;; Copyright © 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr> |
53471636 | 8 | ;;; Copyright © 2017, 2019 Ricardo Wurmus <rekado@elephly.net> |
404037f8 | 9 | ;;; Copyright © 2018, 2019 Chris Marusich <cmmarusich@gmail.com> |
fab8a9f9 | 10 | ;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net> |
6036453f LC |
11 | ;;; |
12 | ;;; This file is part of GNU Guix. | |
13 | ;;; | |
14 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
15 | ;;; under the terms of the GNU General Public License as published by | |
16 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
17 | ;;; your option) any later version. | |
18 | ;;; | |
19 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
20 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
21 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
22 | ;;; GNU General Public License for more details. | |
23 | ;;; | |
24 | ;;; You should have received a copy of the GNU General Public License | |
25 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
26 | ||
f9c33960 | 27 | (define-module (gnu packages security-token) |
6036453f | 28 | #:use-module (gnu packages) |
07b1fb86 | 29 | #:use-module ((guix licenses) #:prefix license:) |
6036453f LC |
30 | #:use-module (guix packages) |
31 | #:use-module (guix download) | |
5297e975 | 32 | #:use-module (guix gexp) |
13151c32 | 33 | #:use-module (guix git-download) |
6036453f | 34 | #:use-module (guix build-system gnu) |
e84eb77a | 35 | #:use-module (guix build-system glib-or-gtk) |
404037f8 | 36 | #:use-module (guix build-system python) |
e84eb77a | 37 | #:use-module (gnu packages autotools) |
53471636 | 38 | #:use-module (gnu packages base) |
a6b256af | 39 | #:use-module (gnu packages curl) |
ba8d8820 | 40 | #:use-module (gnu packages check) |
a6706f30 | 41 | #:use-module (gnu packages docbook) |
ba8d8820 | 42 | #:use-module (gnu packages documentation) |
5297e975 | 43 | #:use-module (gnu packages dns) |
e84eb77a | 44 | #:use-module (gnu packages gettext) |
ba8d8820 | 45 | #:use-module (gnu packages graphviz) |
e84eb77a | 46 | #:use-module (gnu packages gtk) |
58fdab1d | 47 | #:use-module (gnu packages libusb) |
a6b256af | 48 | #:use-module (gnu packages linux) |
6036453f | 49 | #:use-module (gnu packages man) |
e84eb77a TD |
50 | #:use-module (gnu packages networking) |
51 | #:use-module (gnu packages cyrus-sasl) | |
aa3ad4b1 | 52 | #:use-module (gnu packages popt) |
a6706f30 | 53 | #:use-module (gnu packages readline) |
e84eb77a | 54 | #:use-module (gnu packages tls) |
ba8d8820 | 55 | #:use-module (gnu packages tex) |
a6b256af | 56 | #:use-module (gnu packages perl) |
e84eb77a | 57 | #:use-module (gnu packages pkg-config) |
404037f8 | 58 | #:use-module (gnu packages python) |
5297e975 CM |
59 | #:use-module (gnu packages python-crypto) |
60 | #:use-module (gnu packages python-xyz) | |
404037f8 | 61 | #:use-module (gnu packages swig) |
a5523942 | 62 | #:use-module (gnu packages web) |
e84eb77a | 63 | #:use-module (gnu packages xml)) |
6036453f | 64 | |
58fdab1d MB |
65 | (define-public ccid |
66 | (package | |
67 | (name "ccid") | |
da926c25 | 68 | (version "1.4.31") |
58fdab1d MB |
69 | (source (origin |
70 | (method url-fetch) | |
71 | (uri (string-append | |
01c6607a TGR |
72 | "https://ccid.apdu.fr/files/" |
73 | name "-" version ".tar.bz2")) | |
58fdab1d MB |
74 | (sha256 |
75 | (base32 | |
da926c25 | 76 | "1xz8ikr6vk73w3xnwb931yq8lqc1zrj8c3v34n6h63irwjvdfj3b")))) |
58fdab1d MB |
77 | (build-system gnu-build-system) |
78 | (arguments | |
79 | `(#:configure-flags (list (string-append "--enable-usbdropdir=" %output | |
80 | "/pcsc/drivers")) | |
81 | #:phases | |
82 | (modify-phases %standard-phases | |
83 | (add-after 'unpack 'patch-Makefile | |
84 | (lambda _ | |
85 | (substitute* "src/Makefile.in" | |
86 | (("/bin/echo") (which "echo"))) | |
87 | #t))))) | |
88 | (native-inputs | |
84c7fbfd | 89 | `(("pcsc-lite" ,pcsc-lite) ; only required for headers |
fab8a9f9 | 90 | ("perl" ,perl) |
58fdab1d MB |
91 | ("pkg-config" ,pkg-config))) |
92 | (inputs | |
fab8a9f9 | 93 | `(("libusb" ,libusb))) |
01c6607a | 94 | (home-page "https://ccid.apdu.fr/") |
58fdab1d MB |
95 | (synopsis "PC/SC driver for USB smart card devices") |
96 | (description | |
97 | "This package provides a PC/SC IFD handler implementation for devices | |
98 | compliant with the CCID and ICCD protocols. It supports a wide range of | |
99 | readers and is needed to communicate with such devices through the | |
100 | @command{pcscd} resource manager.") | |
101 | (license license:lgpl2.1+))) | |
102 | ||
e84eb77a TD |
103 | (define-public eid-mw |
104 | (package | |
105 | (name "eid-mw") | |
51058cb2 | 106 | (version "4.4.23") |
13151c32 TGR |
107 | (source |
108 | (origin | |
109 | (method git-fetch) | |
110 | (uri (git-reference | |
111 | (url "https://github.com/Fedict/eid-mw") | |
112 | (commit (string-append "v" version)))) | |
4fdad3ed | 113 | (file-name (git-file-name name version)) |
13151c32 | 114 | (sha256 |
51058cb2 | 115 | (base32 "0kf147zxsp5ilghr46hjxa2nsikhv8198n04q81qzn9zln69av04")))) |
e84eb77a | 116 | (build-system glib-or-gtk-build-system) |
74a83085 | 117 | (native-inputs |
e84eb77a TD |
118 | `(("autoconf" ,autoconf) |
119 | ("automake" ,automake) | |
120 | ("gettext" ,gnu-gettext) | |
121 | ("libtool" ,libtool) | |
122 | ("pkg-config" ,pkg-config) | |
123 | ("perl" ,perl))) | |
124 | (inputs | |
125 | `(("curl" ,curl) | |
126 | ("openssl" ,openssl) | |
127 | ("gtk+" ,gtk+) | |
128 | ("pcsc-lite" ,pcsc-lite) | |
129 | ("p11-kit" ,p11-kit) | |
130 | ("libproxy" ,libproxy) | |
131 | ("libxml2" ,libxml2) | |
132 | ("cyrus-sasl" ,cyrus-sasl))) | |
133 | (arguments | |
134 | `(#:phases | |
135 | (modify-phases %standard-phases | |
080093ff TGR |
136 | (add-after 'unpack 'bootstrap |
137 | (lambda _ | |
138 | ;; configure.ac relies on ‘git --describe’ to get the version. | |
139 | ;; Patch it to just return the real version number directly. | |
140 | (substitute* "scripts/build-aux/genver.sh" | |
141 | (("/bin/sh") (which "sh")) | |
249deec9 | 142 | (("^(GITDESC=).*" match) (string-append match ,version "\n"))) |
080093ff | 143 | (invoke "sh" "./bootstrap.sh")))))) |
e84eb77a TD |
144 | (synopsis "Belgian eID Middleware") |
145 | (description "The Belgian eID Middleware is required to authenticate with | |
146 | online services using the Belgian electronic identity card.") | |
147 | (home-page "https://github.com/Fedict/eid-mw") | |
148 | (license license:lgpl3))) | |
149 | ||
6036453f LC |
150 | (define-public libyubikey |
151 | (package | |
152 | (name "libyubikey") | |
58c5fb76 | 153 | (version "1.13") |
6036453f LC |
154 | (source (origin |
155 | (method url-fetch) | |
156 | (uri (string-append | |
157 | "https://developers.yubico.com/yubico-c/Releases/" | |
158 | name "-" version ".tar.gz")) | |
159 | (sha256 | |
160 | (base32 | |
58c5fb76 | 161 | "009l3k2zyn06dbrlja2d4p2vfnzjhlcqxi88v02mlrnb17mx1v84")))) |
6036453f LC |
162 | (build-system gnu-build-system) |
163 | (synopsis "Development kit for the YubiKey authentication device") | |
164 | (description | |
165 | "This package contains a C library and command-line tools that make up | |
166 | the low-level development kit for the Yubico YubiKey authentication device.") | |
167 | (home-page "https://developers.yubico.com/yubico-c/") | |
07b1fb86 | 168 | (license license:bsd-2))) |
6036453f | 169 | |
a6b256af MG |
170 | (define-public pcsc-lite |
171 | (package | |
172 | (name "pcsc-lite") | |
a0e63ce4 | 173 | (version "1.8.26") |
a6b256af MG |
174 | (source (origin |
175 | (method url-fetch) | |
b256ab50 TGR |
176 | (uri (string-append "https://pcsclite.apdu.fr/files/" |
177 | "pcsc-lite-" version ".tar.bz2")) | |
a6b256af MG |
178 | (sha256 |
179 | (base32 | |
a0e63ce4 | 180 | "1ndvvz0fgqwz70pijymsxmx25mzryb0zav1i8jjc067ndryvxdry")))) |
a6b256af MG |
181 | (build-system gnu-build-system) |
182 | (arguments | |
972fa870 MB |
183 | `(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers" |
184 | "--disable-libsystemd"))) | |
a6b256af MG |
185 | (native-inputs |
186 | `(("perl" ,perl) ; for pod2man | |
187 | ("pkg-config" ,pkg-config))) | |
188 | (inputs | |
189 | `(("libudev" ,eudev))) | |
01c6607a | 190 | (home-page "https://pcsclite.apdu.fr/") |
a6b256af MG |
191 | (synopsis "Middleware to access a smart card using PC/SC") |
192 | (description | |
193 | "pcsc-lite provides an interface to communicate with smartcards and | |
194 | readers using the SCard API. pcsc-lite is used to connect to the PC/SC daemon | |
195 | from a client application and provide access to the desired reader.") | |
196 | (license (list license:bsd-3 ; pcsc-lite | |
a6b256af MG |
197 | license:isc ; src/strlcat.c src/strlcpy.c |
198 | license:gpl3+)))) ; src/spy/* | |
199 | ||
6036453f LC |
200 | (define-public ykclient |
201 | (package | |
202 | (name "ykclient") | |
f6b1a8f7 | 203 | (version "2.15") |
6036453f LC |
204 | (source (origin |
205 | (method url-fetch) | |
206 | (uri (string-append | |
207 | "https://developers.yubico.com/yubico-c-client/Releases/" | |
208 | name "-" version ".tar.gz")) | |
209 | (sha256 | |
210 | (base32 | |
f6b1a8f7 | 211 | "05jhx9waj3pl120ddnwap1v3bjrnbfhvf3lxs2xmhpcmwzpwsqgl")))) |
6036453f LC |
212 | (build-system gnu-build-system) |
213 | ||
214 | ;; There's just one test, and it requires network access to access | |
215 | ;; yubico.com, so skip it. | |
216 | (arguments '(#:tests? #f)) | |
217 | ||
218 | (native-inputs `(("pkg-config" ,pkg-config) | |
219 | ("help2man" ,help2man))) | |
220 | (inputs `(("curl" ,curl))) | |
221 | (synopsis "C library to validate one-time-password YubiKeys") | |
222 | (description | |
223 | "YubiKey C Client Library (libykclient) is a C library used to validate a | |
224 | one-time-password (OTP) YubiKey against Yubico’s servers. See the Yubico | |
225 | website for more information about Yubico and the YubiKey.") | |
226 | (home-page "https://developers.yubico.com/yubico-c-client/") | |
07b1fb86 | 227 | (license license:bsd-2))) |
a6706f30 CM |
228 | |
229 | (define-public opensc | |
230 | (package | |
231 | (name "opensc") | |
508d5c5f | 232 | (version "0.19.0") |
a6706f30 CM |
233 | (source (origin |
234 | (method url-fetch) | |
235 | (uri (string-append | |
236 | "https://github.com/OpenSC/OpenSC/releases/download/" | |
237 | version "/opensc-" version ".tar.gz")) | |
238 | (sha256 | |
239 | (base32 | |
508d5c5f | 240 | "09jqzl18z5qfrf4vf2nvbpdm3mphpgfkl3ww1clkaxh2z56hwnic")))) |
a6706f30 CM |
241 | (build-system gnu-build-system) |
242 | (arguments | |
243 | `(#:phases | |
244 | (modify-phases %standard-phases | |
245 | ;; By setting an absolute path here, we arrange for OpenSC to | |
246 | ;; successfully dlopen libpcsclite.so.1 by default. The user can | |
247 | ;; still override this if they want to, by specifying a custom OpenSC | |
248 | ;; configuration file at runtime. | |
249 | (add-after 'unpack 'set-default-libpcsclite.so.1-path | |
250 | (lambda* (#:key inputs #:allow-other-keys) | |
251 | (let ((libpcsclite (string-append (assoc-ref inputs "pcsc-lite") | |
252 | "/lib/libpcsclite.so.1"))) | |
253 | (substitute* "configure" | |
254 | (("DEFAULT_PCSC_PROVIDER=\"libpcsclite\\.so\\.1\"") | |
255 | (string-append | |
256 | "DEFAULT_PCSC_PROVIDER=\"" libpcsclite "\""))) | |
bfd99572 | 257 | #t)))))) |
a6706f30 CM |
258 | (inputs |
259 | `(("readline" ,readline) | |
260 | ("openssl" ,openssl) | |
261 | ("pcsc-lite" ,pcsc-lite) | |
262 | ("ccid" ,ccid))) | |
263 | (native-inputs | |
264 | `(("libxslt" ,libxslt) | |
265 | ("docbook-xsl" ,docbook-xsl) | |
266 | ("pkg-config" ,pkg-config))) | |
267 | (home-page "https://github.com/OpenSC/OpenSC/wiki") | |
268 | (synopsis "Tools and libraries related to smart cards") | |
269 | (description | |
270 | "OpenSC is a set of software tools and libraries to work with smart | |
271 | cards, with the focus on smart cards with cryptographic capabilities. OpenSC | |
272 | facilitate the use of smart cards in security applications such as | |
273 | authentication, encryption and digital signatures. OpenSC implements the PKCS | |
274 | #15 standard and the PKCS #11 API.") | |
275 | (license license:lgpl2.1+))) | |
ba8d8820 CM |
276 | |
277 | (define-public yubico-piv-tool | |
278 | (package | |
279 | (name "yubico-piv-tool") | |
574e2ee8 | 280 | (version "1.6.1") |
ba8d8820 CM |
281 | (source (origin |
282 | (method url-fetch) | |
283 | (uri (string-append | |
284 | "https://developers.yubico.com/yubico-piv-tool/Releases/" | |
285 | name "-" version ".tar.gz")) | |
286 | (sha256 | |
287 | (base32 | |
574e2ee8 | 288 | "10xgdc51xvszkxmsvqnbjs8ixxz7rfnfahh3wn8glllynmszbhwi")))) |
ba8d8820 CM |
289 | (build-system gnu-build-system) |
290 | (inputs | |
aa3ad4b1 MB |
291 | `(("gengetopt" ,gengetopt) |
292 | ("perl" ,perl) | |
ba8d8820 CM |
293 | ("pcsc-lite" ,pcsc-lite) |
294 | ("openssl" ,openssl))) | |
295 | (native-inputs | |
296 | `(("doxygen" ,doxygen) | |
297 | ("graphviz" ,graphviz) | |
aa3ad4b1 | 298 | ("help2man" ,help2man) |
ba8d8820 CM |
299 | ("check" ,check) |
300 | ("texlive-bin" ,texlive-bin) | |
301 | ("pkg-config" ,pkg-config))) | |
302 | (home-page "https://developers.yubico.com/yubico-piv-tool/") | |
303 | (synopsis "Interact with the PIV application on a YubiKey") | |
304 | (description | |
305 | "The Yubico PIV tool is used for interacting with the Privilege and | |
306 | Identification Card (PIV) application on a YubiKey. With it you may generate | |
307 | keys on the device, import keys and certificates, create certificate requests, | |
308 | and other operations. It includes a library and a command-line tool.") | |
309 | ;; The file ykcs11/pkcs11.h also declares an additional, very short free | |
310 | ;; license for that one file. Please see it for details. The vast | |
311 | ;; majority of files are licensed under bsd-2. | |
312 | (license license:bsd-2))) | |
a5523942 CM |
313 | |
314 | (define-public yubikey-personalization | |
315 | (package | |
316 | (name "yubikey-personalization") | |
a9203c23 | 317 | (version "1.19.3") |
a5523942 CM |
318 | (source (origin |
319 | (method url-fetch) | |
320 | (uri (string-append | |
321 | "https://developers.yubico.com/" name | |
322 | "/Releases/ykpers-" version ".tar.gz")) | |
323 | (sha256 | |
324 | (base32 | |
a9203c23 | 325 | "0jhvnavjrpwzmmjcw486df5s48j53njqgyz36yz3dskbaz3kwlfr")))) |
a5523942 CM |
326 | (build-system gnu-build-system) |
327 | (arguments | |
328 | '(#:configure-flags (list (string-append "--with-udevrulesdir=" | |
329 | (assoc-ref %outputs "out") | |
330 | "/lib/udev/rules.d")))) | |
331 | (inputs | |
332 | `(("json-c" ,json-c) | |
333 | ("libusb" ,libusb) | |
334 | ;; The library "libyubikey" is also known as "yubico-c". | |
335 | ("libyubikey" ,libyubikey))) | |
336 | (native-inputs | |
337 | `(("pkg-config" ,pkg-config) | |
338 | ("eudev" ,eudev))) | |
339 | (home-page "https://developers.yubico.com/yubikey-personalization/") | |
340 | (synopsis "Library and tools to personalize YubiKeys") | |
341 | (description | |
342 | "The YubiKey Personalization package contains a C library and command | |
343 | line tools for personalizing YubiKeys. You can use these to set an AES key, | |
344 | retrieve a YubiKey's serial number, and so forth.") | |
345 | (license license:bsd-2))) | |
404037f8 CM |
346 | |
347 | (define-public python-pyscard | |
348 | (package | |
349 | (name "python-pyscard") | |
8a8e4491 | 350 | (version "1.9.9") |
404037f8 CM |
351 | (source (origin |
352 | (method url-fetch) | |
353 | ;; The maintainer publishes releases on various sites, but | |
354 | ;; SourceForge is apparently the only one with a signed release. | |
355 | (uri (string-append | |
356 | "mirror://sourceforge/pyscard/pyscard/pyscard%20" | |
357 | version "/pyscard-" version ".tar.gz")) | |
358 | (sha256 | |
359 | (base32 | |
8a8e4491 | 360 | "082cjkbxadaz2jb4rbhr0mkrirzlqyqhcf3r823qb0q1k50ybgg6")))) |
404037f8 CM |
361 | (build-system python-build-system) |
362 | (arguments | |
363 | `(#:phases | |
364 | (modify-phases %standard-phases | |
365 | ;; Tell pyscard where to find the PCSC include directory. | |
366 | (add-after 'unpack 'patch-platform-include-dirs | |
367 | (lambda* (#:key inputs #:allow-other-keys) | |
368 | (let ((pcsc-include-dir (string-append | |
369 | (assoc-ref inputs "pcsc-lite") | |
370 | "/include/PCSC"))) | |
371 | (substitute* "setup.py" | |
372 | (("platform_include_dirs = \\[.*?\\]") | |
373 | (string-append | |
374 | "platform_include_dirs = ['" pcsc-include-dir "']"))) | |
375 | #t))) | |
376 | ;; pyscard wants to dlopen libpcsclite, so tell it where it is. | |
377 | (add-after 'unpack 'patch-dlopen | |
378 | (lambda* (#:key inputs #:allow-other-keys) | |
379 | (substitute* "smartcard/scard/winscarddll.c" | |
380 | (("lib = \"libpcsclite\\.so\\.1\";") | |
381 | (simple-format #f | |
382 | "lib = \"~a\";" | |
383 | (string-append (assoc-ref inputs "pcsc-lite") | |
384 | "/lib/libpcsclite.so.1")))) | |
385 | #t))))) | |
386 | (inputs | |
387 | `(("pcsc-lite" ,pcsc-lite))) | |
388 | (native-inputs | |
389 | `(("swig" ,swig))) | |
390 | (home-page "https://github.com/LudovicRousseau/pyscard") | |
391 | (synopsis "Smart card library for Python") | |
392 | (description | |
393 | "The pyscard smart card library is a framework for building smart card | |
394 | aware applications in Python. The smart card module is built on top of the | |
395 | PCSC API Python wrapper module.") | |
396 | (license license:lgpl2.1+))) | |
397 | ||
398 | (define-public python2-pyscard | |
399 | (package-with-python2 python-pyscard)) | |
5f7d151c CM |
400 | |
401 | (define-public libu2f-host | |
402 | (package | |
403 | (name "libu2f-host") | |
b8ae2e9e | 404 | (version "1.1.10") |
5f7d151c CM |
405 | (source (origin |
406 | (method url-fetch) | |
407 | (uri | |
408 | (string-append | |
409 | "https://developers.yubico.com" | |
410 | "/libu2f-host/Releases/libu2f-host-" version ".tar.xz")) | |
411 | (sha256 | |
412 | (base32 | |
b8ae2e9e | 413 | "0vrivl1dwql6nfi48z6dy56fwy2z13d7abgahgrs2mcmqng7hra2")))) |
5f7d151c CM |
414 | (build-system gnu-build-system) |
415 | (arguments | |
416 | `(#:configure-flags | |
417 | (list "--enable-gtk-doc" | |
418 | (string-append "--with-udevrulesdir=" | |
419 | (assoc-ref %outputs "out") | |
420 | "/lib/udev/rules.d")) | |
421 | #:phases | |
422 | (modify-phases %standard-phases | |
423 | (add-after 'unpack 'patch-docbook-xml | |
424 | (lambda* (#:key inputs #:allow-other-keys) | |
425 | ;; Avoid a network connection attempt during the build. | |
426 | (substitute* "gtk-doc/u2f-host-docs.xml" | |
427 | (("http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd") | |
428 | (string-append (assoc-ref inputs "docbook-xml") | |
429 | "/xml/dtd/docbook/docbookx.dtd"))) | |
430 | #t))))) | |
431 | (inputs | |
432 | `(("json-c" ,json-c) | |
433 | ("hidapi" ,hidapi))) | |
434 | (native-inputs | |
435 | `(("help2man" ,help2man) | |
436 | ("gengetopt" ,gengetopt) | |
437 | ("pkg-config" ,pkg-config) | |
438 | ("gtk-doc" ,gtk-doc) | |
439 | ("docbook-xml" ,docbook-xml-4.3) | |
440 | ("eudev" ,eudev))) | |
441 | (home-page "https://developers.yubico.com/libu2f-host/") | |
442 | ;; TRANSLATORS: The U2F protocol has a "server side" and a "host side". | |
443 | (synopsis "U2F host-side C library and tool") | |
444 | (description | |
445 | "Libu2f-host provides a C library and command-line tool that implements | |
446 | the host-side of the Universal 2nd Factor (U2F) protocol. There are APIs to | |
447 | talk to a U2F device and perform the U2F Register and U2F Authenticate | |
448 | operations.") | |
449 | ;; Most files are LGPLv2.1+, but some files are GPLv3+. | |
450 | (license (list license:lgpl2.1+ license:gpl3+)))) | |
5297e975 | 451 | |
53471636 RW |
452 | (define-public libu2f-server |
453 | (package | |
454 | (name "libu2f-server") | |
455 | (version "1.1.0") | |
456 | (source (origin | |
457 | (method git-fetch) | |
458 | (uri | |
459 | (git-reference | |
460 | (url "https://github.com/Yubico/libu2f-server.git") | |
461 | (commit (string-append "libu2f-server-" version)))) | |
462 | (file-name (git-file-name name version)) | |
463 | (sha256 | |
464 | (base32 | |
465 | "1nmsfq372zza5y6j13ydincjf324bwfcjg950vykh166xkp6wiic")))) | |
466 | (build-system gnu-build-system) | |
467 | (arguments | |
468 | `(#:configure-flags | |
469 | (list "--enable-gtk-doc" | |
470 | "--enable-tests"))) | |
471 | (inputs | |
472 | `(("json-c" ,json-c) | |
473 | ("libressl" ,libressl))) | |
474 | (native-inputs | |
475 | `(("autoconf" ,autoconf) | |
476 | ("automake" ,automake) | |
477 | ("libtool" ,libtool) | |
478 | ("check" ,check) | |
479 | ("gengetopt" ,gengetopt) | |
480 | ("help2man" ,help2man) | |
481 | ("pkg-config" ,pkg-config) | |
482 | ("gtk-doc" ,gtk-doc) | |
483 | ("which" ,which))) | |
484 | (home-page "https://developers.yubico.com/libu2f-server/") | |
485 | ;; TRANSLATORS: The U2F protocol has a "server side" and a "host side". | |
486 | (synopsis "U2F server-side C library") | |
487 | (description | |
488 | "This is a C library that implements the server-side of the | |
489 | @dfn{Universal 2nd Factor} (U2F) protocol. More precisely, it provides an API | |
490 | for generating the JSON blobs required by U2F devices to perform the U2F | |
491 | Registration and U2F Authentication operations, and functionality for | |
492 | verifying the cryptographic operations.") | |
493 | (license license:bsd-2))) | |
494 | ||
40645ebb RW |
495 | (define-public pam-u2f |
496 | (package | |
497 | (name "pam-u2f") | |
498 | (version "1.0.8") | |
499 | (source (origin | |
500 | (method git-fetch) | |
501 | (uri | |
502 | (git-reference | |
503 | (url "https://github.com/Yubico/pam-u2f.git") | |
504 | (commit (string-append "pam_u2f-" version)))) | |
505 | (file-name (git-file-name name version)) | |
506 | (sha256 | |
507 | (base32 | |
508 | "04d9davyi33gqbvga1rvh9fijp6f16mx2xmnn4n61rnhcn2jac98")))) | |
509 | (build-system gnu-build-system) | |
510 | (arguments | |
511 | `(#:configure-flags | |
512 | (list (string-append "--with-pam-dir=" | |
513 | (assoc-ref %outputs "out") "/lib/security")))) | |
514 | (inputs | |
515 | `(("libu2f-host" ,libu2f-host) | |
516 | ("libu2f-server" ,libu2f-server) | |
517 | ("linux-pam" ,linux-pam))) | |
518 | (native-inputs | |
519 | `(("autoconf" ,autoconf) | |
520 | ("automake" ,automake) | |
521 | ("libtool" ,libtool) | |
522 | ("asciidoc" ,asciidoc) | |
523 | ("pkg-config" ,pkg-config))) | |
524 | (home-page "https://developers.yubico.com/pam-u2f/") | |
525 | (synopsis "PAM module for U2F authentication") | |
526 | (description | |
527 | "This package provides a module implementing PAM over U2F, providing an | |
528 | easy way to integrate the YubiKey (or other U2F compliant authenticators) into | |
529 | your existing infrastructure.") | |
530 | (license license:bsd-2))) | |
531 | ||
5297e975 CM |
532 | (define-public python-fido2 |
533 | (package | |
534 | (name "python-fido2") | |
535 | (version "0.5.0") | |
536 | (source (origin | |
537 | (method url-fetch) | |
538 | (uri | |
539 | (string-append | |
540 | "https://github.com/Yubico/python-fido2/releases/download/" | |
541 | version "/fido2-" version ".tar.gz")) | |
542 | (sha256 | |
543 | (base32 | |
544 | "1pl8d2pr6jzqj4y9qiaddhjgnl92kikjxy0bgzm2jshkzzic8mp3")) | |
545 | (snippet | |
546 | ;; Remove bundled dependency. | |
547 | #~(delete-file "fido2/public_suffix_list.dat")))) | |
548 | (build-system python-build-system) | |
549 | (arguments | |
550 | `(#:phases | |
551 | (modify-phases %standard-phases | |
552 | (add-after 'unpack 'install-public-suffix-list | |
553 | (lambda* (#:key inputs #:allow-other-keys) | |
554 | (copy-file | |
555 | (string-append (assoc-ref inputs "public-suffix-list") | |
556 | "/share/public-suffix-list-" | |
557 | ,(package-version public-suffix-list) | |
558 | "/public_suffix_list.dat") | |
559 | "fido2/public_suffix_list.dat") | |
560 | #t))))) | |
561 | (propagated-inputs | |
562 | `(("python-cryptography" ,python-cryptography) | |
563 | ("python-six" ,python-six))) | |
564 | (native-inputs | |
565 | `(("python-mock" ,python-mock) | |
566 | ("python-pyfakefs" ,python-pyfakefs) | |
567 | ("public-suffix-list" ,public-suffix-list))) | |
568 | (home-page "https://github.com/Yubico/python-fido2") | |
569 | (synopsis "Python library for communicating with FIDO devices over USB") | |
570 | (description | |
571 | "This Python library provides functionality for communicating with a Fast | |
572 | IDentity Online (FIDO) device over Universal Serial Bus (USB) as well as | |
573 | verifying attestation and assertion signatures. It aims to support the FIDO | |
574 | Universal 2nd Factor (U2F) and FIDO 2.0 protocols for communicating with a USB | |
575 | authenticator via the Client-to-Authenticator Protocol (CTAP 1 and 2). In | |
576 | addition to this low-level device access, classes defined in the | |
577 | @code{fido2.client} and @code{fido2.server} modules implement higher level | |
578 | operations which are useful when interfacing with an Authenticator, or when | |
579 | implementing a Relying Party.") | |
580 | ;; python-fido2 contains some derivative files originally from pyu2f | |
581 | ;; (https://github.com/google/pyu2f). These files are licensed under the | |
582 | ;; Apache License, version 2.0. The maintainers have customized these | |
583 | ;; files for internal use, so they are not really a bundled dependency. | |
584 | (license (list license:bsd-2 license:asl2.0)))) | |
585 | ||
586 | (define-public python2-fido2 | |
587 | (package-with-python2 python-fido2)) | |
47288061 CM |
588 | |
589 | (define-public python-yubikey-manager | |
590 | (package | |
591 | (name "python-yubikey-manager") | |
592 | (version "2.1.0") | |
593 | (source (origin | |
594 | (method url-fetch) | |
595 | (uri (string-append | |
596 | "https://developers.yubico.com/yubikey-manager/Releases" | |
597 | "/yubikey-manager-" version ".tar.gz")) | |
598 | (sha256 | |
599 | (base32 | |
600 | "11rsmcaj60k3y5m5gdhr2nbbz0w5dm3m04klyxz0fh5hnpcmr7fm")))) | |
601 | (build-system python-build-system) | |
602 | (propagated-inputs | |
603 | `(("python-six" ,python-six) | |
604 | ("python-pyscard" ,python-pyscard) | |
605 | ("python-pyusb" ,python-pyusb) | |
606 | ("python-click" ,python-click) | |
607 | ("python-cryptography" ,python-cryptography) | |
608 | ("python-pyopenssl" ,python-pyopenssl) | |
609 | ("python-fido2" ,python-fido2))) | |
610 | (inputs | |
611 | `(("yubikey-personalization" ,yubikey-personalization) | |
612 | ("pcsc-lite" ,pcsc-lite) | |
613 | ("libusb" ,libusb))) | |
614 | (native-inputs | |
615 | `(("swig" ,swig) | |
616 | ("python-mock" ,python-mock))) | |
617 | (home-page "https://developers.yubico.com/yubikey-manager/") | |
618 | (synopsis "Command line tool and library for configuring a YubiKey") | |
619 | (description | |
620 | "Python library and command line tool for configuring a YubiKey. Note | |
621 | that after installing this package, you might still need to add appropriate | |
622 | udev rules to your system configuration to be able to configure the YubiKey as | |
623 | an unprivileged user.") | |
624 | (license license:bsd-2))) | |
625 | ||
626 | (define-public python2-yubikey-manager | |
627 | (package-with-python2 python-yubikey-manager)) |