Commit | Line | Data |
---|---|---|
80b77646 DT |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2014 David Thompson <davet@gnu.org> | |
d96e162a | 3 | ;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net> |
9381a02a | 4 | ;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name> |
893d963a | 5 | ;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox> |
c6220b13 | 6 | ;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr> |
f0f6f9f6 | 7 | ;;; Copyright © 2016, 2017 ng0 <ng0@infotropique.org> |
d56c55ff | 8 | ;;; Copyright © 2016, 2017 Eric Bavier <bavier@member.fsf.org> |
de98f4ed | 9 | ;;; Copyright © 2017 Pierre Langlois <pierre.langlois@gmx.com> |
fa58a0a6 | 10 | ;;; Copyright © 2018 Efraim Flashner <efraim@flashner.co.il> |
80b77646 DT |
11 | ;;; |
12 | ;;; This file is part of GNU Guix. | |
13 | ;;; | |
14 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
15 | ;;; under the terms of the GNU General Public License as published by | |
16 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
17 | ;;; your option) any later version. | |
18 | ;;; | |
19 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
20 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
21 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
22 | ;;; GNU General Public License for more details. | |
23 | ;;; | |
24 | ;;; You should have received a copy of the GNU General Public License | |
25 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
26 | ||
27 | (define-module (gnu packages crypto) | |
28 | #:use-module (gnu packages) | |
2e3f1851 EB |
29 | #:use-module (gnu packages admin) |
30 | #:use-module (gnu packages aidc) | |
b6f87ec0 | 31 | #:use-module (gnu packages attr) |
893d963a | 32 | #:use-module (gnu packages autotools) |
fb8a5d63 | 33 | #:use-module (gnu packages boost) |
de98f4ed | 34 | #:use-module (gnu packages compression) |
2e3f1851 | 35 | #:use-module (gnu packages cryptsetup) |
fb8a5d63 | 36 | #:use-module (gnu packages gettext) |
2e3f1851 EB |
37 | #:use-module (gnu packages gnupg) |
38 | #:use-module (gnu packages image) | |
f1876bfc LF |
39 | #:use-module (gnu packages pkg-config) |
40 | #:use-module (gnu packages libbsd) | |
0751fddd | 41 | #:use-module (gnu packages libffi) |
fb8a5d63 | 42 | #:use-module (gnu packages linux) |
893d963a LG |
43 | #:use-module (gnu packages nettle) |
44 | #:use-module (gnu packages password-utils) | |
fb8a5d63 | 45 | #:use-module (gnu packages perl) |
5ccde207 | 46 | #:use-module (gnu packages perl-check) |
893d963a | 47 | #:use-module (gnu packages readline) |
2e3f1851 | 48 | #:use-module (gnu packages search) |
893d963a | 49 | #:use-module (gnu packages serialization) |
19b2ea1b | 50 | #:use-module (gnu packages shells) |
b6f87ec0 | 51 | #:use-module (gnu packages tcl) |
893d963a | 52 | #:use-module (gnu packages tls) |
b6f87ec0 | 53 | #:use-module (gnu packages xml) |
7fb18f57 | 54 | #:use-module ((guix licenses) #:prefix license:) |
80b77646 DT |
55 | #:use-module (guix packages) |
56 | #:use-module (guix download) | |
6fabb196 | 57 | #:use-module (guix git-download) |
b6f87ec0 | 58 | #:use-module (guix build-system cmake) |
09c36743 | 59 | #:use-module (guix build-system gnu) |
fa58a0a6 EF |
60 | #:use-module (guix build-system perl) |
61 | #:use-module (srfi srfi-1) | |
62 | #:use-module (srfi srfi-26)) | |
80b77646 DT |
63 | |
64 | (define-public libsodium | |
65 | (package | |
66 | (name "libsodium") | |
7bd9af73 | 67 | (version "1.0.16") |
80b77646 DT |
68 | (source (origin |
69 | (method url-fetch) | |
4150ac88 | 70 | (uri (list (string-append |
bee98a9f | 71 | "https://download.libsodium.org/libsodium/" |
4150ac88 LF |
72 | "releases/libsodium-" version ".tar.gz") |
73 | (string-append | |
74 | "https://download.libsodium.org/libsodium/" | |
75 | "releases/old/libsodium-" version ".tar.gz"))) | |
80b77646 DT |
76 | (sha256 |
77 | (base32 | |
7bd9af73 | 78 | "0cq5pn7qcib7q70mm1lgjwj75xdxix27v0xl1xl0kvxww7hwgbgf")))) |
80b77646 DT |
79 | (build-system gnu-build-system) |
80 | (synopsis "Portable NaCl-based crypto library") | |
81 | (description | |
35b9e423 | 82 | "Sodium is a new easy-to-use high-speed software library for network |
80b77646 | 83 | communication, encryption, decryption, signatures, etc.") |
7fb18f57 | 84 | (license license:isc) |
bee98a9f | 85 | (home-page "https://libsodium.org"))) |
f1876bfc | 86 | |
32977915 CB |
87 | (define-public libmd |
88 | (package | |
89 | (name "libmd") | |
90 | (version "0.0.0") | |
91 | (source (origin | |
92 | (method url-fetch) | |
93 | (uri (string-append | |
94 | "https://archive.hadrons.org/software/libmd/libmd-" | |
95 | version | |
96 | ".tar.xz")) | |
97 | (sha256 | |
98 | (base32 | |
99 | "121s73pgbqsnmy6xblbrkj9y44c5zzzpf2hcmh6zvcvg4dk26gzx")))) | |
100 | (build-system gnu-build-system) | |
101 | (synopsis "Message Digest functions from BSD systems") | |
102 | (description | |
103 | "The currently provided message digest algorithms are: | |
104 | @itemize | |
105 | @item MD2 | |
106 | @item MD4 | |
107 | @item MD5 | |
108 | @item RIPEMD-160 | |
109 | @item SHA-1 | |
110 | @item SHA-2 (SHA-256, SHA-384 and SHA-512) | |
111 | @end itemize") | |
112 | (license (list license:bsd-3 | |
113 | license:bsd-2 | |
114 | license:isc | |
115 | license:public-domain)) | |
116 | (home-page "https://www.hadrons.org/software/libmd/"))) | |
117 | ||
f1876bfc LF |
118 | (define-public signify |
119 | (package | |
120 | (name "signify") | |
3151345c | 121 | (version "23") |
f1876bfc LF |
122 | (source (origin |
123 | (method url-fetch) | |
124 | (uri (string-append "https://github.com/aperezdc/signify/" | |
125 | "archive/v" version ".tar.gz")) | |
126 | (file-name (string-append name "-" version ".tar.gz")) | |
127 | (sha256 | |
128 | (base32 | |
3151345c | 129 | "0c70mzawgahsvmsv4xdrass4pgyynd67ipd9lij0fgi8wkq0ns8w")))) |
f1876bfc LF |
130 | (build-system gnu-build-system) |
131 | ;; TODO Build with libwaive (described in README.md), to implement something | |
132 | ;; like OpenBSD's pledge(). | |
133 | (arguments | |
134 | `(#:tests? #f ; no test suite | |
135 | #:make-flags | |
136 | (list "CC=gcc" | |
137 | (string-append "PREFIX=" (assoc-ref %outputs "out"))) | |
138 | #:phases | |
139 | (modify-phases %standard-phases | |
140 | (delete 'configure)))) | |
141 | (native-inputs | |
142 | `(("pkg-config" ,pkg-config))) | |
143 | (inputs | |
144 | `(("libbsd" ,libbsd))) | |
145 | (synopsis "Create and verify cryptographic signatures") | |
146 | (description "The signify utility creates and verifies cryptographic | |
147 | signatures using the elliptic curve Ed25519. This is a Linux port of the | |
148 | OpenBSD tool of the same name.") | |
149 | (home-page "https://github.com/aperezdc/signify") | |
150 | ;; This package includes third-party code that was originally released under | |
151 | ;; various non-copyleft licenses. See the source files for clarification. | |
7fb18f57 TGR |
152 | (license (list license:bsd-3 license:bsd-4 license:expat license:isc |
153 | license:public-domain (license:non-copyleft | |
154 | "file://base64.c" | |
155 | "See base64.c in the distribution for | |
156 | the license from IBM."))))) | |
893d963a LG |
157 | |
158 | ||
159 | (define-public opendht | |
160 | (package | |
161 | (name "opendht") | |
162 | (version "0.6.1") | |
163 | (source | |
164 | (origin | |
165 | (method url-fetch) | |
166 | (uri | |
167 | (string-append | |
168 | "https://github.com/savoirfairelinux/" name | |
169 | "/archive/" version ".tar.gz")) | |
170 | (file-name (string-append name "-" version ".tar.gz")) | |
171 | (modules '((guix build utils))) | |
172 | (snippet | |
173 | '(begin | |
174 | (delete-file-recursively "src/argon2") | |
175 | (substitute* "src/Makefile.am" | |
176 | (("./argon2/libargon2.la") "") | |
177 | (("SUBDIRS = argon2") "")) | |
178 | (substitute* "src/crypto.cpp" | |
179 | (("argon2/argon2.h") "argon2.h")) | |
180 | (substitute* "configure.ac" | |
181 | (("src/argon2/Makefile") "")))) | |
182 | (sha256 | |
183 | (base32 | |
184 | "09yvkmbqbym3b5md4n96qc1s9sf2n8ji404hagih45rmsj49599x")))) | |
185 | (build-system gnu-build-system) | |
186 | (inputs | |
187 | `(("gnutls" ,gnutls) | |
188 | ("nettle" ,nettle) | |
893d963a LG |
189 | ("readline" ,readline) |
190 | ("argon2" ,argon2))) | |
615c9990 LG |
191 | (propagated-inputs |
192 | `(("msgpack" ,msgpack))) ;included in several installed headers | |
893d963a LG |
193 | (native-inputs |
194 | `(("autoconf" ,autoconf) | |
195 | ("pkg-config" ,pkg-config) | |
196 | ("automake" ,automake) | |
197 | ("libtool" ,libtool))) | |
198 | (arguments | |
199 | `(#:configure-flags '("--disable-tools" "--disable-python") | |
200 | #:phases (modify-phases %standard-phases | |
d10092b8 | 201 | (add-after 'unpack 'autoconf |
893d963a LG |
202 | (lambda _ |
203 | (zero? (system* "autoreconf" "-vfi"))))))) | |
204 | (home-page "https://github.com/savoirfairelinux/opendht/") | |
205 | (synopsis "Distributed Hash Table (DHT) library") | |
206 | (description "OpenDHT is a Distributed Hash Table (DHT) library. It may | |
207 | be used to manage peer-to-peer network connections as needed for real time | |
208 | communication.") | |
7fb18f57 | 209 | (license license:gpl3))) |
fb8a5d63 | 210 | |
fb8a5d63 TGR |
211 | (define-public encfs |
212 | (package | |
213 | (name "encfs") | |
ffabdc18 | 214 | (version "1.9.1") |
fb8a5d63 TGR |
215 | (source |
216 | (origin | |
217 | (method url-fetch) | |
218 | (uri | |
219 | (string-append "https://github.com/vgough/encfs/releases/download/v" | |
220 | version "/encfs-" version ".tar.gz")) | |
221 | (sha256 | |
222 | (base32 | |
ffabdc18 | 223 | "1906254dg5hwljh0h4gyrw09ms3b57dlhjfzhfzffv50yzpkl837")) |
b6f87ec0 TGR |
224 | (modules '((guix build utils))) |
225 | ;; Remove bundled dependencies in favour of proper inputs. | |
226 | (snippet '(for-each delete-file-recursively | |
227 | (find-files "internal" "^tinyxml2-[0-9]" | |
228 | #:directories? #t))))) | |
229 | (build-system cmake-build-system) | |
fb8a5d63 | 230 | (native-inputs |
79355ae3 | 231 | `(("gettext" ,gettext-minimal) |
b6f87ec0 TGR |
232 | |
233 | ;; Test dependencies. | |
234 | ("expect" ,expect) | |
235 | ("perl" ,perl))) | |
fb8a5d63 | 236 | (inputs |
b6f87ec0 | 237 | `(("attr" ,attr) |
fb8a5d63 TGR |
238 | ("fuse" ,fuse) |
239 | ("openssl" ,openssl) | |
b6f87ec0 TGR |
240 | ("tinyxml2" ,tinyxml2))) |
241 | (arguments | |
242 | `(#:configure-flags (list "-DUSE_INTERNAL_TINYXML=OFF"))) | |
fb8a5d63 TGR |
243 | (home-page "https://vgough.github.io/encfs") |
244 | (synopsis "Encrypted virtual file system") | |
245 | (description | |
246 | "EncFS creates a virtual encrypted file system in user-space. Each file | |
247 | created under an EncFS mount point is stored as a separate encrypted file on | |
248 | the underlying file system. Like most encrypted file systems, EncFS is meant | |
249 | to provide security against off-line attacks, such as a drive falling into | |
250 | the wrong hands.") | |
b6f87ec0 TGR |
251 | (license (list license:expat ; internal/easylogging++.h |
252 | license:lgpl3+ ; encfs library | |
253 | license:gpl3+)))) ; command-line tools | |
279d902b TGR |
254 | |
255 | (define-public keyutils | |
256 | (package | |
257 | (name "keyutils") | |
258 | (version "1.5.9") | |
259 | (source | |
260 | (origin | |
261 | (method url-fetch) | |
262 | (uri | |
263 | (string-append "https://people.redhat.com/dhowells/keyutils/keyutils-" | |
264 | version ".tar.bz2")) | |
265 | (sha256 | |
266 | (base32 | |
267 | "1bl3w03ygxhc0hz69klfdlwqn33jvzxl1zfl2jmnb2v85iawb8jd")) | |
268 | (modules '((guix build utils))) | |
269 | ;; Create relative symbolic links instead of absolute ones to /lib/* | |
270 | (snippet '(substitute* "Makefile" (("\\$\\(LNS\\) \\$\\(LIBDIR\\)/") | |
271 | "$(LNS) "))))) | |
272 | (build-system gnu-build-system) | |
273 | (arguments | |
274 | `(#:phases (modify-phases %standard-phases | |
275 | (delete 'configure)) ; no configure script | |
276 | #:make-flags (list "CC=gcc" | |
277 | "RPATH=-Wl,-rpath,$(DESTDIR)$(LIBDIR)" | |
278 | (string-append "DESTDIR=" | |
279 | (assoc-ref %outputs "out")) | |
280 | "INCLUDEDIR=/include" | |
281 | "LIBDIR=/lib" | |
282 | "MANDIR=/share/man" | |
283 | "SHAREDIR=/share/keyutils") | |
284 | #:test-target "test")) | |
285 | (home-page "https://people.redhat.com/dhowells/keyutils/") | |
5b63a856 | 286 | (synopsis "Linux key management utilities") |
279d902b TGR |
287 | (description |
288 | "Keyutils is a set of utilities for managing the key retention facility in | |
289 | the Linux kernel, which can be used by file systems, block devices, and more to | |
290 | gain and retain the authorization and encryption keys required to perform | |
291 | secure operations. ") | |
292 | (license (list license:lgpl2.1+ ; the files keyutils.* | |
293 | license:gpl2+)))) ; the rest | |
6fabb196 | 294 | |
295 | ;; There is no release candidate but commits point out a version number, | |
296 | ;; furthermore no tarball exists. | |
297 | (define-public eschalot | |
298 | (let ((commit "0bf31d88a11898c19b1ed25ddd2aff7b35dbac44") | |
299 | (revision "1")) | |
300 | (package | |
301 | (name "eschalot") | |
302 | (version (string-append "1.2.0-" revision "." (string-take commit 7))) | |
303 | (source | |
304 | (origin | |
305 | (method git-fetch) | |
306 | (uri (git-reference | |
307 | (url "https://github.com/schnabear/eschalot") | |
308 | (commit commit))) | |
309 | (file-name (string-append name "-" version)) | |
310 | (sha256 | |
311 | (base32 | |
312 | "0lj38ldh8vzi11wp4ghw4k0fkwp0s04zv8k8d473p1snmbh7mx98")))) | |
313 | (inputs | |
314 | `(("openssl" ,openssl))) ; It needs: openssl/{bn,pem,rsa,sha}.h | |
315 | (build-system gnu-build-system) | |
316 | (arguments | |
317 | `(#:make-flags (list "CC=gcc" | |
318 | (string-append "PREFIX=" (assoc-ref %outputs "out")) | |
319 | (string-append "INSTALL=" "install")) | |
320 | ;; XXX: make test would run a !VERY! long hashing of names with the use | |
321 | ;; of a wordlist, the amount of computing time this would waste on build | |
322 | ;; servers is in no relation to the size or importance of this small | |
323 | ;; application, therefore we run our own tests on eschalot and worgen. | |
324 | #:phases | |
325 | (modify-phases %standard-phases | |
326 | (delete 'configure) | |
327 | (replace 'check | |
328 | (lambda _ | |
329 | (and | |
330 | (zero? (system* "./worgen" "8-12" "top1000.txt" "3-10" "top400nouns.txt" | |
331 | "3-6" "top150adjectives.txt" "3-6")) | |
332 | (zero? (system* "./eschalot" "-r" "^guix|^guixsd")) | |
333 | (zero? (system* "./eschalot" "-r" "^gnu|^free")) | |
334 | (zero? (system* "./eschalot" "-r" "^cyber|^hack")) | |
335 | (zero? (system* "./eschalot" "-r" "^troll"))))) | |
336 | ;; Make install can not create the bin dir, create it. | |
337 | (add-before 'install 'create-bin-dir | |
338 | (lambda* (#:key outputs #:allow-other-keys) | |
339 | (let* ((out (assoc-ref outputs "out")) | |
340 | (bin (string-append out "/bin"))) | |
341 | (mkdir-p bin) | |
342 | #t)))))) | |
343 | (home-page "https://github.com/schnabear/eschalot") | |
344 | (synopsis "Tor hidden service name generator") | |
345 | (description | |
346 | "Eschalot is a tor hidden service name generator, it allows one to | |
347 | produce customized vanity .onion addresses using a brute-force method. Searches | |
348 | for valid names can be run with regular expressions and wordlists. For the | |
349 | generation of wordlists the included tool @code{worgen} can be used. There is | |
350 | no man page, refer to the home page for usage details.") | |
351 | (license (list license:isc license:expat))))) | |
2e3f1851 EB |
352 | |
353 | (define-public tomb | |
354 | (package | |
355 | (name "tomb") | |
d56c55ff | 356 | (version "2.4") |
2e3f1851 EB |
357 | (source (origin |
358 | (method url-fetch) | |
359 | (uri (string-append "https://files.dyne.org/tomb/" | |
8ca2cb58 | 360 | "Tomb-" version ".tar.gz")) |
2e3f1851 EB |
361 | (sha256 |
362 | (base32 | |
d56c55ff | 363 | "1hv1w79as7swqj0n137vz8n8mwvcgwlvd91sdyssz41jarg7f1vr")))) |
2e3f1851 | 364 | (build-system gnu-build-system) |
d56c55ff | 365 | (native-inputs `(("sudo" ,sudo))) ;presence needed for 'check' phase |
2e3f1851 EB |
366 | (inputs |
367 | `(("zsh" ,zsh) | |
2e3f1851 EB |
368 | ("gnupg" ,gnupg) |
369 | ("cryptsetup" ,cryptsetup) | |
370 | ("e2fsprogs" ,e2fsprogs) ;for mkfs.ext4 | |
7c90d0f4 | 371 | ("gettext" ,gettext-minimal) ;used at runtime |
2e3f1851 EB |
372 | ("mlocate" ,mlocate) |
373 | ("pinentry" ,pinentry) | |
374 | ("qrencode" ,qrencode) | |
d56c55ff | 375 | ("steghide" ,steghide))) |
2e3f1851 EB |
376 | (arguments |
377 | `(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))) | |
378 | ;; TODO: Build and install gtk and qt trays | |
379 | #:phases | |
380 | (modify-phases %standard-phases | |
381 | (delete 'configure) ;no configuration to be done | |
382 | (add-after 'install 'i18n | |
383 | (lambda* (#:key make-flags #:allow-other-keys) | |
384 | (zero? (apply system* | |
385 | "make" "-C" "extras/translations" | |
386 | "install" make-flags)))) | |
387 | (add-after 'install 'wrap | |
388 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
389 | (let ((out (assoc-ref outputs "out"))) | |
390 | (wrap-program (string-append out "/bin/tomb") | |
391 | `("PATH" ":" prefix | |
392 | (,(string-append (assoc-ref inputs "mlocate") "/bin") | |
393 | ,@(map (lambda (program) | |
394 | (or (and=> (which program) dirname) | |
395 | (error "program not found:" program))) | |
396 | '("seq" "mkfs.ext4" "pinentry" "sudo" | |
397 | "gpg" "cryptsetup" "gettext" | |
d56c55ff | 398 | "qrencode" "steghide"))))) |
2e3f1851 EB |
399 | #t))) |
400 | (delete 'check) | |
401 | (add-after 'wrap 'check | |
402 | (lambda* (#:key outputs #:allow-other-keys) | |
403 | ;; Running the full tests requires sudo/root access for | |
404 | ;; cryptsetup, which is not available in the build environment. | |
405 | ;; But we can run `tomb dig` without root, so make sure that | |
406 | ;; works. TODO: It Would Be Nice to check the expected "index", | |
407 | ;; "search", "bury", and "exhume" features are available by | |
408 | ;; querying `tomb -h`. | |
409 | (let ((tomb (string-append (assoc-ref outputs "out") | |
410 | "/bin/tomb"))) | |
411 | (zero? (system* tomb "dig" "-s" "10" "secrets.tomb")))))))) | |
412 | (home-page "http://www.dyne.org/software/tomb") | |
413 | (synopsis "File encryption for secret data") | |
414 | (description | |
415 | "Tomb is an application to manage the creation and access of encrypted | |
416 | storage files: it can be operated from commandline and it can integrate with a | |
417 | user's graphical desktop.") | |
418 | (license license:gpl3+))) | |
9381a02a LF |
419 | |
420 | (define-public scrypt | |
421 | (package | |
422 | (name "scrypt") | |
6c067a3f | 423 | (version "1.2.1") |
9381a02a LF |
424 | (source |
425 | (origin | |
426 | (method url-fetch) | |
427 | (uri (string-append "https://www.tarsnap.com/scrypt/scrypt-" | |
428 | version ".tgz")) | |
429 | (sha256 | |
430 | (base32 | |
6c067a3f | 431 | "0xy5yhrwwv13skv9im9vm76rybh9f29j2dh4hlh2x01gvbkza8a6")))) |
9381a02a LF |
432 | (build-system gnu-build-system) |
433 | (arguments | |
434 | `(#:phases (modify-phases %standard-phases | |
435 | (add-after 'unpack 'patch-command-invocations | |
436 | (lambda _ | |
437 | (substitute* "Makefile.in" | |
438 | (("command -p") "")) | |
439 | #t)) | |
440 | (add-after 'install 'install-docs | |
441 | (lambda* (#:key outputs #:allow-other-keys) | |
442 | (let* ((out (assoc-ref %outputs "out")) | |
443 | (misc (string-append out "/share/doc/scrypt"))) | |
444 | (install-file "FORMAT" misc) | |
445 | #t)))))) | |
446 | (inputs | |
447 | `(("openssl" ,openssl))) | |
448 | (home-page "https://www.tarsnap.com/scrypt.html") | |
449 | (synopsis "Memory-hard encryption tool based on scrypt") | |
450 | (description "This packages provides a simple password-based encryption | |
451 | utility as a demonstration of the @code{scrypt} key derivation function. | |
452 | @code{Scrypt} is designed to be far more resistant against hardware brute-force | |
453 | attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.") | |
454 | (license license:bsd-2))) | |
09c36743 | 455 | |
d96e162a RW |
456 | (define-public perl-math-random-isaac-xs |
457 | (package | |
458 | (name "perl-math-random-isaac-xs") | |
459 | (version "1.004") | |
460 | (source | |
461 | (origin | |
462 | (method url-fetch) | |
463 | (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/" | |
464 | "Math-Random-ISAAC-XS-" version ".tar.gz")) | |
465 | (sha256 | |
466 | (base32 | |
467 | "0yxqqcqvj51fn7b7j5xqhz65v74arzgainn66c6k7inijbmr1xws")))) | |
468 | (build-system perl-build-system) | |
469 | (native-inputs | |
470 | `(("perl-module-build" ,perl-module-build) | |
471 | ("perl-test-nowarnings" ,perl-test-nowarnings))) | |
472 | (home-page "http://search.cpan.org/dist/Math-Random-ISAAC-XS") | |
473 | (synopsis "C implementation of the ISAAC PRNG algorithm") | |
474 | (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a | |
475 | fast pseudo-random number generator. It is suitable for applications where a | |
476 | significant amount of random data needs to be produced quickly, such as | |
477 | solving using the Monte Carlo method or for games. The results are uniformly | |
478 | distributed, unbiased, and unpredictable unless you know the seed. | |
479 | ||
480 | This package implements the same interface as @code{Math::Random::ISAAC}.") | |
481 | (license license:public-domain))) | |
649238cb RW |
482 | |
483 | (define-public perl-math-random-isaac | |
484 | (package | |
485 | (name "perl-math-random-isaac") | |
486 | (version "1.004") | |
487 | (source | |
488 | (origin | |
489 | (method url-fetch) | |
490 | (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/" | |
491 | "Math-Random-ISAAC-" version ".tar.gz")) | |
492 | (sha256 | |
493 | (base32 | |
494 | "0z1b3xbb3xz71h25fg6jgsccra7migq7s0vawx2rfzi0pwpz0wr7")))) | |
495 | (build-system perl-build-system) | |
496 | (native-inputs | |
497 | `(("perl-test-nowarnings" ,perl-test-nowarnings))) | |
498 | (propagated-inputs | |
499 | `(("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs))) | |
500 | (home-page "http://search.cpan.org/dist/Math-Random-ISAAC") | |
501 | (synopsis "Perl interface to the ISAAC PRNG algorithm") | |
502 | (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a | |
503 | fast pseudo-random number generator. It is suitable for applications where a | |
504 | significant amount of random data needs to be produced quickly, such as | |
505 | solving using the Monte Carlo method or for games. The results are uniformly | |
506 | distributed, unbiased, and unpredictable unless you know the seed. | |
507 | ||
508 | This package provides a Perl interface to the ISAAC pseudo random number | |
509 | generator.") | |
510 | (license license:public-domain))) | |
2023b79f RW |
511 | |
512 | (define-public perl-crypt-random-source | |
513 | (package | |
514 | (name "perl-crypt-random-source") | |
515 | (version "0.12") | |
516 | (source | |
517 | (origin | |
518 | (method url-fetch) | |
519 | (uri (string-append "mirror://cpan/authors/id/E/ET/ETHER/" | |
520 | "Crypt-Random-Source-" version ".tar.gz")) | |
521 | (sha256 | |
522 | (base32 | |
523 | "00mw5m52sbz9nqp3f6axyrgcrihqxn7k8gv0vi1kvm1j1nc9g29h")))) | |
524 | (build-system perl-build-system) | |
525 | (native-inputs | |
526 | `(("perl-module-build-tiny" ,perl-module-build-tiny) | |
527 | ("perl-test-exception" ,perl-test-exception))) | |
528 | (propagated-inputs | |
529 | `(("perl-capture-tiny" ,perl-capture-tiny) | |
530 | ("perl-module-find" ,perl-module-find) | |
531 | ("perl-module-runtime" ,perl-module-runtime) | |
532 | ("perl-moo" ,perl-moo) | |
533 | ("perl-namespace-clean" ,perl-namespace-clean) | |
534 | ("perl-sub-exporter" ,perl-sub-exporter) | |
535 | ("perl-type-tiny" ,perl-type-tiny))) | |
536 | (home-page "http://search.cpan.org/dist/Crypt-Random-Source") | |
537 | (synopsis "Get weak or strong random data from pluggable sources") | |
538 | (description "This module provides implementations for a number of | |
539 | byte-oriented sources of random data.") | |
8cb537ac | 540 | (license license:perl-license))) |
233f4f43 RW |
541 | |
542 | (define-public perl-math-random-secure | |
543 | (package | |
544 | (name "perl-math-random-secure") | |
545 | (version "0.080001") | |
546 | (source | |
547 | (origin | |
548 | (method url-fetch) | |
549 | (uri (string-append "mirror://cpan/authors/id/F/FR/FREW/" | |
550 | "Math-Random-Secure-" version ".tar.gz")) | |
551 | (sha256 | |
552 | (base32 | |
553 | "0dgbf4ncll4kmgkyb9fsaxn0vf2smc9dmwqzgh3259zc2zla995z")))) | |
554 | (build-system perl-build-system) | |
555 | (native-inputs | |
556 | `(("perl-list-moreutils" ,perl-list-moreutils) | |
557 | ("perl-test-leaktrace" ,perl-test-leaktrace) | |
558 | ("perl-test-sharedfork" ,perl-test-sharedfork) | |
559 | ("perl-test-warn" ,perl-test-warn))) | |
560 | (inputs | |
561 | `(("perl-crypt-random-source" ,perl-crypt-random-source) | |
562 | ("perl-math-random-isaac" ,perl-math-random-isaac) | |
563 | ("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs) | |
564 | ("perl-moo" ,perl-moo))) | |
565 | (home-page "http://search.cpan.org/dist/Math-Random-Secure") | |
566 | (synopsis "Cryptographically secure replacement for rand()") | |
567 | (description "This module is intended to provide a | |
568 | cryptographically-secure replacement for Perl's built-in @code{rand} function. | |
569 | \"Crytographically secure\", in this case, means: | |
570 | ||
571 | @enumerate | |
572 | @item No matter how many numbers you see generated by the random number | |
573 | generator, you cannot guess the future numbers, and you cannot guess the seed. | |
574 | @item There are so many possible seeds that it would take decades, centuries, | |
575 | or millenia for an attacker to try them all. | |
576 | @item The seed comes from a source that generates relatively strong random | |
577 | data on your platform, so the seed itself will be as random as possible. | |
578 | @end enumerate\n") | |
579 | (license license:artistic2.0))) | |
f0f6f9f6 | 580 | |
de98f4ed PL |
581 | (define-public crypto++ |
582 | (package | |
583 | (name "crypto++") | |
584 | (version "5.6.5") | |
585 | (source (origin | |
586 | (method url-fetch/zipbomb) | |
587 | (uri (string-append "https://cryptopp.com/cryptopp" | |
588 | (string-join (string-split version #\.) "") | |
589 | ".zip")) | |
590 | (sha256 | |
591 | (base32 | |
592 | "0d1cqdz369ivi082k59025wvxzywvkizw7i0pf5h0a1izs3g8pm7")) | |
593 | (patches | |
594 | (search-patches "crypto++-fix-dos-in-asn.1-decoders.patch")))) | |
595 | (build-system gnu-build-system) | |
596 | (arguments | |
597 | `(#:make-flags | |
598 | (list (string-append "PREFIX=" (assoc-ref %outputs "out"))) | |
599 | #:phases | |
600 | (modify-phases %standard-phases | |
c300cae6 TGR |
601 | (add-after 'unpack 'disable-native-optimisation |
602 | ;; This package installs more than just headers. Ensure that the | |
603 | ;; cryptest.exe binary & static library aren't CPU model specific. | |
604 | (lambda _ | |
605 | (substitute* "GNUmakefile" | |
606 | ((" -march=native") "")) | |
607 | #t)) | |
de98f4ed PL |
608 | (delete 'configure)))) |
609 | (native-inputs | |
610 | `(("unzip" ,unzip))) | |
611 | (home-page "https://cryptopp.com/") | |
612 | (synopsis "C++ class library of cryptographic schemes") | |
613 | (description "Crypto++ is a C++ class library of cryptographic schemes.") | |
614 | ;; The compilation is distributed under the Boost license; the individual | |
615 | ;; files in the compilation are in the public domain. | |
616 | (license (list license:boost1.0 license:public-domain)))) | |
60e95297 | 617 | |
c6220b13 TGR |
618 | (define-public libb2 |
619 | (let ((revision "1") ; upstream doesn't ‘do’ releases | |
620 | (commit "60ea749837362c226e8501718f505ab138e5c19d")) | |
621 | (package | |
622 | (name "libb2") | |
623 | (version (git-version "0.0.0" revision commit)) | |
624 | (source (origin | |
625 | (method git-fetch) | |
626 | (uri (git-reference | |
627 | (url "https://github.com/BLAKE2/libb2") | |
628 | (commit commit))) | |
629 | (file-name (git-file-name name version)) | |
630 | (sha256 | |
631 | (base32 | |
632 | "07a2m8basxrsj9dsp5lj24y8jraj85lfy56756a7za1nfkgy04z7")))) | |
633 | (build-system gnu-build-system) | |
634 | (native-inputs | |
635 | `(("autoconf" ,autoconf) | |
636 | ("automake" ,automake) | |
637 | ("libtool" ,libtool))) | |
638 | (arguments | |
639 | `(#:configure-flags | |
fa58a0a6 EF |
640 | (list |
641 | ,@(if (any (cute string-prefix? <> (or (%current-system) | |
642 | (%current-target-system))) | |
643 | '("x86_64" "i686")) | |
644 | ;; fat only checks for Intel optimisations | |
645 | '("--enable-fat") | |
646 | '()) | |
647 | "--disable-native") ; don't optimise at build time. | |
c6220b13 TGR |
648 | #:phases |
649 | (modify-phases %standard-phases | |
650 | (add-after 'unpack 'bootstrap | |
651 | (lambda _ | |
652 | (invoke "sh" "autogen.sh")))))) | |
653 | (home-page "https://blake2.net/") | |
654 | (synopsis "Library implementing the BLAKE2 family of hash functions") | |
655 | (description | |
656 | "libb2 is a portable implementation of the BLAKE2 family of cryptographic | |
657 | hash functions. It includes optimised implementations for IA-32 and AMD64 | |
658 | processors, and an interface layer that automatically selects the best | |
659 | implementation for the processor it is run on. | |
660 | ||
661 | @dfn{BLAKE2} (RFC 7693) is a family of high-speed cryptographic hash functions | |
662 | that are faster than MD5, SHA-1, SHA-2, and SHA-3, yet are at least as secure | |
663 | as the latest standard, SHA-3. It is an improved version of the SHA-3 finalist | |
664 | BLAKE.") | |
665 | (license license:public-domain)))) |