HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: icecat: Use system harfbuzz and graphite2 libraries.
[jackhill/guix/guix.git] / gnu / packages / crypto.scm
CommitLineData
80b77646
DT		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2014 David Thompson <davet@gnu.org>
d96e162a 3;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net>
9381a02a 4;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
893d963a 5;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox>
c6220b13 6;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
f0f6f9f6 7;;; Copyright © 2016, 2017 ng0 <ng0@infotropique.org>
d56c55ff 8;;; Copyright © 2016, 2017 Eric Bavier <bavier@member.fsf.org>
de98f4ed 9;;; Copyright © 2017 Pierre Langlois <pierre.langlois@gmx.com>
fa58a0a6 10;;; Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
80b77646
DT		 11;;;
12;;; This file is part of GNU Guix.
13;;;
14;;; GNU Guix is free software; you can redistribute it and/or modify it
15;;; under the terms of the GNU General Public License as published by
16;;; the Free Software Foundation; either version 3 of the License, or (at
17;;; your option) any later version.
18;;;
19;;; GNU Guix is distributed in the hope that it will be useful, but
20;;; WITHOUT ANY WARRANTY; without even the implied warranty of
21;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22;;; GNU General Public License for more details.
23;;;
24;;; You should have received a copy of the GNU General Public License
25;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
26
27(define-module (gnu packages crypto)
28 #:use-module (gnu packages)
2e3f1851
EB		 29 #:use-module (gnu packages admin)
30 #:use-module (gnu packages aidc)
b6f87ec0 31 #:use-module (gnu packages attr)
893d963a 32 #:use-module (gnu packages autotools)
fb8a5d63 33 #:use-module (gnu packages boost)
de98f4ed 34 #:use-module (gnu packages compression)
2e3f1851 35 #:use-module (gnu packages cryptsetup)
fb8a5d63 36 #:use-module (gnu packages gettext)
2e3f1851
EB		 37 #:use-module (gnu packages gnupg)
38 #:use-module (gnu packages image)
f1876bfc
LF		 39 #:use-module (gnu packages pkg-config)
40 #:use-module (gnu packages libbsd)
0751fddd 41 #:use-module (gnu packages libffi)
fb8a5d63 42 #:use-module (gnu packages linux)
893d963a
LG		 43 #:use-module (gnu packages nettle)
44 #:use-module (gnu packages password-utils)
fb8a5d63 45 #:use-module (gnu packages perl)
5ccde207 46 #:use-module (gnu packages perl-check)
893d963a 47 #:use-module (gnu packages readline)
2e3f1851 48 #:use-module (gnu packages search)
893d963a 49 #:use-module (gnu packages serialization)
19b2ea1b 50 #:use-module (gnu packages shells)
b6f87ec0 51 #:use-module (gnu packages tcl)
893d963a 52 #:use-module (gnu packages tls)
b6f87ec0 53 #:use-module (gnu packages xml)
7fb18f57 54 #:use-module ((guix licenses) #:prefix license:)
80b77646
DT		 55 #:use-module (guix packages)
56 #:use-module (guix download)
6fabb196 57 #:use-module (guix git-download)
b6f87ec0 58 #:use-module (guix build-system cmake)
09c36743 59 #:use-module (guix build-system gnu)
fa58a0a6
EF		 60 #:use-module (guix build-system perl)
61 #:use-module (srfi srfi-1)
62 #:use-module (srfi srfi-26))
80b77646
DT		 63
64(define-public libsodium
65 (package
66 (name "libsodium")
7bd9af73 67 (version "1.0.16")
80b77646
DT		 68 (source (origin
69 (method url-fetch)
4150ac88 70 (uri (list (string-append
bee98a9f 71 "https://download.libsodium.org/libsodium/"
4150ac88
LF		 72 "releases/libsodium-" version ".tar.gz")
73 (string-append
74 "https://download.libsodium.org/libsodium/"
75 "releases/old/libsodium-" version ".tar.gz")))
80b77646
DT		 76 (sha256
77 (base32
7bd9af73 78 "0cq5pn7qcib7q70mm1lgjwj75xdxix27v0xl1xl0kvxww7hwgbgf"))))
80b77646
DT		 79 (build-system gnu-build-system)
80 (synopsis "Portable NaCl-based crypto library")
81 (description
35b9e423 82 "Sodium is a new easy-to-use high-speed software library for network
80b77646 83communication, encryption, decryption, signatures, etc.")
7fb18f57 84 (license license:isc)
bee98a9f 85 (home-page "https://libsodium.org")))
f1876bfc 86
32977915
CB		 87(define-public libmd
88 (package
89 (name "libmd")
90 (version "0.0.0")
91 (source (origin
92 (method url-fetch)
93 (uri (string-append
94 "https://archive.hadrons.org/software/libmd/libmd-"
95 version
96 ".tar.xz"))
97 (sha256
98 (base32
99 "121s73pgbqsnmy6xblbrkj9y44c5zzzpf2hcmh6zvcvg4dk26gzx"))))
100 (build-system gnu-build-system)
101 (synopsis "Message Digest functions from BSD systems")
102 (description
103 "The currently provided message digest algorithms are:
104@itemize
105@item MD2
106@item MD4
107@item MD5
108@item RIPEMD-160
109@item SHA-1
110@item SHA-2 (SHA-256, SHA-384 and SHA-512)
111@end itemize")
112 (license (list license:bsd-3
113 license:bsd-2
114 license:isc
115 license:public-domain))
116 (home-page "https://www.hadrons.org/software/libmd/")))
117
f1876bfc
LF		 118(define-public signify
119 (package
120 (name "signify")
3151345c 121 (version "23")
f1876bfc
LF		 122 (source (origin
123 (method url-fetch)
124 (uri (string-append "https://github.com/aperezdc/signify/"
125 "archive/v" version ".tar.gz"))
126 (file-name (string-append name "-" version ".tar.gz"))
127 (sha256
128 (base32
3151345c 129 "0c70mzawgahsvmsv4xdrass4pgyynd67ipd9lij0fgi8wkq0ns8w"))))
f1876bfc
LF		 130 (build-system gnu-build-system)
131 ;; TODO Build with libwaive (described in README.md), to implement something
132 ;; like OpenBSD's pledge().
133 (arguments
134 `(#:tests? #f ; no test suite
135 #:make-flags
136 (list "CC=gcc"
137 (string-append "PREFIX=" (assoc-ref %outputs "out")))
138 #:phases
139 (modify-phases %standard-phases
140 (delete 'configure))))
141 (native-inputs
142 `(("pkg-config" ,pkg-config)))
143 (inputs
144 `(("libbsd" ,libbsd)))
145 (synopsis "Create and verify cryptographic signatures")
146 (description "The signify utility creates and verifies cryptographic
147signatures using the elliptic curve Ed25519. This is a Linux port of the
148OpenBSD tool of the same name.")
149 (home-page "https://github.com/aperezdc/signify")
150 ;; This package includes third-party code that was originally released under
151 ;; various non-copyleft licenses. See the source files for clarification.
7fb18f57
TGR		 152 (license (list license:bsd-3 license:bsd-4 license:expat license:isc
153 license:public-domain (license:non-copyleft
154 "file://base64.c"
155 "See base64.c in the distribution for
156 the license from IBM.")))))
893d963a
LG		 157
158
159(define-public opendht
160 (package
161 (name "opendht")
162 (version "0.6.1")
163 (source
164 (origin
165 (method url-fetch)
166 (uri
167 (string-append
168 "https://github.com/savoirfairelinux/" name
169 "/archive/" version ".tar.gz"))
170 (file-name (string-append name "-" version ".tar.gz"))
171 (modules '((guix build utils)))
172 (snippet
173 '(begin
174 (delete-file-recursively "src/argon2")
175 (substitute* "src/Makefile.am"
176 (("./argon2/libargon2.la") "")
177 (("SUBDIRS = argon2") ""))
178 (substitute* "src/crypto.cpp"
179 (("argon2/argon2.h") "argon2.h"))
180 (substitute* "configure.ac"
181 (("src/argon2/Makefile") ""))))
182 (sha256
183 (base32
184 "09yvkmbqbym3b5md4n96qc1s9sf2n8ji404hagih45rmsj49599x"))))
185 (build-system gnu-build-system)
186 (inputs
187 `(("gnutls" ,gnutls)
188 ("nettle" ,nettle)
893d963a
LG		 189 ("readline" ,readline)
190 ("argon2" ,argon2)))
615c9990
LG		 191 (propagated-inputs
192 `(("msgpack" ,msgpack))) ;included in several installed headers
893d963a
LG		 193 (native-inputs
194 `(("autoconf" ,autoconf)
195 ("pkg-config" ,pkg-config)
196 ("automake" ,automake)
197 ("libtool" ,libtool)))
198 (arguments
199 `(#:configure-flags '("--disable-tools" "--disable-python")
200 #:phases (modify-phases %standard-phases
d10092b8 201 (add-after 'unpack 'autoconf
893d963a
LG		 202 (lambda _
203 (zero? (system* "autoreconf" "-vfi")))))))
204 (home-page "https://github.com/savoirfairelinux/opendht/")
205 (synopsis "Distributed Hash Table (DHT) library")
206 (description "OpenDHT is a Distributed Hash Table (DHT) library. It may
207be used to manage peer-to-peer network connections as needed for real time
208communication.")
7fb18f57 209 (license license:gpl3)))
fb8a5d63 210
fb8a5d63
TGR		 211(define-public encfs
212 (package
213 (name "encfs")
ffabdc18 214 (version "1.9.1")
fb8a5d63
TGR		 215 (source
216 (origin
217 (method url-fetch)
218 (uri
219 (string-append "https://github.com/vgough/encfs/releases/download/v"
220 version "/encfs-" version ".tar.gz"))
221 (sha256
222 (base32
ffabdc18 223 "1906254dg5hwljh0h4gyrw09ms3b57dlhjfzhfzffv50yzpkl837"))
b6f87ec0
TGR		 224 (modules '((guix build utils)))
225 ;; Remove bundled dependencies in favour of proper inputs.
226 (snippet '(for-each delete-file-recursively
227 (find-files "internal" "^tinyxml2-[0-9]"
228 #:directories? #t)))))
229 (build-system cmake-build-system)
fb8a5d63 230 (native-inputs
79355ae3 231 `(("gettext" ,gettext-minimal)
b6f87ec0
TGR		 232
233 ;; Test dependencies.
234 ("expect" ,expect)
235 ("perl" ,perl)))
fb8a5d63 236 (inputs
b6f87ec0 237 `(("attr" ,attr)
fb8a5d63
TGR		 238 ("fuse" ,fuse)
239 ("openssl" ,openssl)
b6f87ec0
TGR		 240 ("tinyxml2" ,tinyxml2)))
241 (arguments
242 `(#:configure-flags (list "-DUSE_INTERNAL_TINYXML=OFF")))
fb8a5d63
TGR		 243 (home-page "https://vgough.github.io/encfs")
244 (synopsis "Encrypted virtual file system")
245 (description
246 "EncFS creates a virtual encrypted file system in user-space. Each file
247created under an EncFS mount point is stored as a separate encrypted file on
248the underlying file system. Like most encrypted file systems, EncFS is meant
249to provide security against off-line attacks, such as a drive falling into
250the wrong hands.")
b6f87ec0
TGR		 251 (license (list license:expat ; internal/easylogging++.h
252 license:lgpl3+ ; encfs library
253 license:gpl3+)))) ; command-line tools
279d902b
TGR		 254
255(define-public keyutils
256 (package
257 (name "keyutils")
258 (version "1.5.9")
259 (source
260 (origin
261 (method url-fetch)
262 (uri
263 (string-append "https://people.redhat.com/dhowells/keyutils/keyutils-"
264 version ".tar.bz2"))
265 (sha256
266 (base32
267 "1bl3w03ygxhc0hz69klfdlwqn33jvzxl1zfl2jmnb2v85iawb8jd"))
268 (modules '((guix build utils)))
269 ;; Create relative symbolic links instead of absolute ones to /lib/*
270 (snippet '(substitute* "Makefile" (("\\$\\(LNS\\) \\$\\(LIBDIR\\)/")
271 "$(LNS) ")))))
272 (build-system gnu-build-system)
273 (arguments
274 `(#:phases (modify-phases %standard-phases
275 (delete 'configure)) ; no configure script
276 #:make-flags (list "CC=gcc"
277 "RPATH=-Wl,-rpath,$(DESTDIR)$(LIBDIR)"
278 (string-append "DESTDIR="
279 (assoc-ref %outputs "out"))
280 "INCLUDEDIR=/include"
281 "LIBDIR=/lib"
282 "MANDIR=/share/man"
283 "SHAREDIR=/share/keyutils")
284 #:test-target "test"))
285 (home-page "https://people.redhat.com/dhowells/keyutils/")
5b63a856 286 (synopsis "Linux key management utilities")
279d902b
TGR		 287 (description
288 "Keyutils is a set of utilities for managing the key retention facility in
289the Linux kernel, which can be used by file systems, block devices, and more to
290gain and retain the authorization and encryption keys required to perform
291secure operations. ")
292 (license (list license:lgpl2.1+ ; the files keyutils.*
293 license:gpl2+)))) ; the rest
6fabb196 294
295;; There is no release candidate but commits point out a version number,
296;; furthermore no tarball exists.
297(define-public eschalot
298 (let ((commit "0bf31d88a11898c19b1ed25ddd2aff7b35dbac44")
299 (revision "1"))
300 (package
301 (name "eschalot")
302 (version (string-append "1.2.0-" revision "." (string-take commit 7)))
303 (source
304 (origin
305 (method git-fetch)
306 (uri (git-reference
307 (url "https://github.com/schnabear/eschalot")
308 (commit commit)))
309 (file-name (string-append name "-" version))
310 (sha256
311 (base32
312 "0lj38ldh8vzi11wp4ghw4k0fkwp0s04zv8k8d473p1snmbh7mx98"))))
313 (inputs
314 `(("openssl" ,openssl))) ; It needs: openssl/{bn,pem,rsa,sha}.h
315 (build-system gnu-build-system)
316 (arguments
317 `(#:make-flags (list "CC=gcc"
318 (string-append "PREFIX=" (assoc-ref %outputs "out"))
319 (string-append "INSTALL=" "install"))
320 ;; XXX: make test would run a !VERY! long hashing of names with the use
321 ;; of a wordlist, the amount of computing time this would waste on build
322 ;; servers is in no relation to the size or importance of this small
323 ;; application, therefore we run our own tests on eschalot and worgen.
324 #:phases
325 (modify-phases %standard-phases
326 (delete 'configure)
327 (replace 'check
328 (lambda _
329 (and
330 (zero? (system* "./worgen" "8-12" "top1000.txt" "3-10" "top400nouns.txt"
331 "3-6" "top150adjectives.txt" "3-6"))
332 (zero? (system* "./eschalot" "-r" "^guix|^guixsd"))
333 (zero? (system* "./eschalot" "-r" "^gnu|^free"))
334 (zero? (system* "./eschalot" "-r" "^cyber|^hack"))
335 (zero? (system* "./eschalot" "-r" "^troll")))))
336 ;; Make install can not create the bin dir, create it.
337 (add-before 'install 'create-bin-dir
338 (lambda* (#:key outputs #:allow-other-keys)
339 (let* ((out (assoc-ref outputs "out"))
340 (bin (string-append out "/bin")))
341 (mkdir-p bin)
342 #t))))))
343 (home-page "https://github.com/schnabear/eschalot")
344 (synopsis "Tor hidden service name generator")
345 (description
346 "Eschalot is a tor hidden service name generator, it allows one to
347produce customized vanity .onion addresses using a brute-force method. Searches
348for valid names can be run with regular expressions and wordlists. For the
349generation of wordlists the included tool @code{worgen} can be used. There is
350no man page, refer to the home page for usage details.")
351 (license (list license:isc license:expat)))))
2e3f1851
EB		 352
353(define-public tomb
354 (package
355 (name "tomb")
d56c55ff 356 (version "2.4")
2e3f1851
EB		 357 (source (origin
358 (method url-fetch)
359 (uri (string-append "https://files.dyne.org/tomb/"
8ca2cb58 360 "Tomb-" version ".tar.gz"))
2e3f1851
EB		 361 (sha256
362 (base32
d56c55ff 363 "1hv1w79as7swqj0n137vz8n8mwvcgwlvd91sdyssz41jarg7f1vr"))))
2e3f1851 364 (build-system gnu-build-system)
d56c55ff 365 (native-inputs `(("sudo" ,sudo))) ;presence needed for 'check' phase
2e3f1851
EB		 366 (inputs
367 `(("zsh" ,zsh)
2e3f1851
EB		 368 ("gnupg" ,gnupg)
369 ("cryptsetup" ,cryptsetup)
370 ("e2fsprogs" ,e2fsprogs) ;for mkfs.ext4
7c90d0f4 371 ("gettext" ,gettext-minimal) ;used at runtime
2e3f1851
EB		 372 ("mlocate" ,mlocate)
373 ("pinentry" ,pinentry)
374 ("qrencode" ,qrencode)
d56c55ff 375 ("steghide" ,steghide)))
2e3f1851
EB		 376 (arguments
377 `(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
378 ;; TODO: Build and install gtk and qt trays
379 #:phases
380 (modify-phases %standard-phases
381 (delete 'configure) ;no configuration to be done
382 (add-after 'install 'i18n
383 (lambda* (#:key make-flags #:allow-other-keys)
384 (zero? (apply system*
385 "make" "-C" "extras/translations"
386 "install" make-flags))))
387 (add-after 'install 'wrap
388 (lambda* (#:key inputs outputs #:allow-other-keys)
389 (let ((out (assoc-ref outputs "out")))
390 (wrap-program (string-append out "/bin/tomb")
391 `("PATH" ":" prefix
392 (,(string-append (assoc-ref inputs "mlocate") "/bin")
393 ,@(map (lambda (program)
394 (or (and=> (which program) dirname)
395 (error "program not found:" program)))
396 '("seq" "mkfs.ext4" "pinentry" "sudo"
397 "gpg" "cryptsetup" "gettext"
d56c55ff 398 "qrencode" "steghide")))))
2e3f1851
EB		 399 #t)))
400 (delete 'check)
401 (add-after 'wrap 'check
402 (lambda* (#:key outputs #:allow-other-keys)
403 ;; Running the full tests requires sudo/root access for
404 ;; cryptsetup, which is not available in the build environment.
405 ;; But we can run `tomb dig` without root, so make sure that
406 ;; works. TODO: It Would Be Nice to check the expected "index",
407 ;; "search", "bury", and "exhume" features are available by
408 ;; querying `tomb -h`.
409 (let ((tomb (string-append (assoc-ref outputs "out")
410 "/bin/tomb")))
411 (zero? (system* tomb "dig" "-s" "10" "secrets.tomb"))))))))
412 (home-page "http://www.dyne.org/software/tomb")
413 (synopsis "File encryption for secret data")
414 (description
415 "Tomb is an application to manage the creation and access of encrypted
416storage files: it can be operated from commandline and it can integrate with a
417user's graphical desktop.")
418 (license license:gpl3+)))
9381a02a
LF		 419
420(define-public scrypt
421 (package
422 (name "scrypt")
6c067a3f 423 (version "1.2.1")
9381a02a
LF		 424 (source
425 (origin
426 (method url-fetch)
427 (uri (string-append "https://www.tarsnap.com/scrypt/scrypt-"
428 version ".tgz"))
429 (sha256
430 (base32
6c067a3f 431 "0xy5yhrwwv13skv9im9vm76rybh9f29j2dh4hlh2x01gvbkza8a6"))))
9381a02a
LF		 432 (build-system gnu-build-system)
433 (arguments
434 `(#:phases (modify-phases %standard-phases
435 (add-after 'unpack 'patch-command-invocations
436 (lambda _
437 (substitute* "Makefile.in"
438 (("command -p") ""))
439 #t))
440 (add-after 'install 'install-docs
441 (lambda* (#:key outputs #:allow-other-keys)
442 (let* ((out (assoc-ref %outputs "out"))
443 (misc (string-append out "/share/doc/scrypt")))
444 (install-file "FORMAT" misc)
445 #t))))))
446 (inputs
447 `(("openssl" ,openssl)))
448 (home-page "https://www.tarsnap.com/scrypt.html")
449 (synopsis "Memory-hard encryption tool based on scrypt")
450 (description "This packages provides a simple password-based encryption
451utility as a demonstration of the @code{scrypt} key derivation function.
452@code{Scrypt} is designed to be far more resistant against hardware brute-force
453attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.")
454 (license license:bsd-2)))
09c36743 455
d96e162a
RW		 456(define-public perl-math-random-isaac-xs
457 (package
458 (name "perl-math-random-isaac-xs")
459 (version "1.004")
460 (source
461 (origin
462 (method url-fetch)
463 (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
464 "Math-Random-ISAAC-XS-" version ".tar.gz"))
465 (sha256
466 (base32
467 "0yxqqcqvj51fn7b7j5xqhz65v74arzgainn66c6k7inijbmr1xws"))))
468 (build-system perl-build-system)
469 (native-inputs
470 `(("perl-module-build" ,perl-module-build)
471 ("perl-test-nowarnings" ,perl-test-nowarnings)))
472 (home-page "http://search.cpan.org/dist/Math-Random-ISAAC-XS")
473 (synopsis "C implementation of the ISAAC PRNG algorithm")
474 (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
475fast pseudo-random number generator. It is suitable for applications where a
476significant amount of random data needs to be produced quickly, such as
477solving using the Monte Carlo method or for games. The results are uniformly
478distributed, unbiased, and unpredictable unless you know the seed.
479
480This package implements the same interface as @code{Math::Random::ISAAC}.")
481 (license license:public-domain)))
649238cb
RW		 482
483(define-public perl-math-random-isaac
484 (package
485 (name "perl-math-random-isaac")
486 (version "1.004")
487 (source
488 (origin
489 (method url-fetch)
490 (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
491 "Math-Random-ISAAC-" version ".tar.gz"))
492 (sha256
493 (base32
494 "0z1b3xbb3xz71h25fg6jgsccra7migq7s0vawx2rfzi0pwpz0wr7"))))
495 (build-system perl-build-system)
496 (native-inputs
497 `(("perl-test-nowarnings" ,perl-test-nowarnings)))
498 (propagated-inputs
499 `(("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)))
500 (home-page "http://search.cpan.org/dist/Math-Random-ISAAC")
501 (synopsis "Perl interface to the ISAAC PRNG algorithm")
502 (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
503fast pseudo-random number generator. It is suitable for applications where a
504significant amount of random data needs to be produced quickly, such as
505solving using the Monte Carlo method or for games. The results are uniformly
506distributed, unbiased, and unpredictable unless you know the seed.
507
508This package provides a Perl interface to the ISAAC pseudo random number
509generator.")
510 (license license:public-domain)))
2023b79f
RW		 511
512(define-public perl-crypt-random-source
513 (package
514 (name "perl-crypt-random-source")
515 (version "0.12")
516 (source
517 (origin
518 (method url-fetch)
519 (uri (string-append "mirror://cpan/authors/id/E/ET/ETHER/"
520 "Crypt-Random-Source-" version ".tar.gz"))
521 (sha256
522 (base32
523 "00mw5m52sbz9nqp3f6axyrgcrihqxn7k8gv0vi1kvm1j1nc9g29h"))))
524 (build-system perl-build-system)
525 (native-inputs
526 `(("perl-module-build-tiny" ,perl-module-build-tiny)
527 ("perl-test-exception" ,perl-test-exception)))
528 (propagated-inputs
529 `(("perl-capture-tiny" ,perl-capture-tiny)
530 ("perl-module-find" ,perl-module-find)
531 ("perl-module-runtime" ,perl-module-runtime)
532 ("perl-moo" ,perl-moo)
533 ("perl-namespace-clean" ,perl-namespace-clean)
534 ("perl-sub-exporter" ,perl-sub-exporter)
535 ("perl-type-tiny" ,perl-type-tiny)))
536 (home-page "http://search.cpan.org/dist/Crypt-Random-Source")
537 (synopsis "Get weak or strong random data from pluggable sources")
538 (description "This module provides implementations for a number of
539byte-oriented sources of random data.")
8cb537ac 540 (license license:perl-license)))
233f4f43
RW		 541
542(define-public perl-math-random-secure
543 (package
544 (name "perl-math-random-secure")
545 (version "0.080001")
546 (source
547 (origin
548 (method url-fetch)
549 (uri (string-append "mirror://cpan/authors/id/F/FR/FREW/"
550 "Math-Random-Secure-" version ".tar.gz"))
551 (sha256
552 (base32
553 "0dgbf4ncll4kmgkyb9fsaxn0vf2smc9dmwqzgh3259zc2zla995z"))))
554 (build-system perl-build-system)
555 (native-inputs
556 `(("perl-list-moreutils" ,perl-list-moreutils)
557 ("perl-test-leaktrace" ,perl-test-leaktrace)
558 ("perl-test-sharedfork" ,perl-test-sharedfork)
559 ("perl-test-warn" ,perl-test-warn)))
560 (inputs
561 `(("perl-crypt-random-source" ,perl-crypt-random-source)
562 ("perl-math-random-isaac" ,perl-math-random-isaac)
563 ("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)
564 ("perl-moo" ,perl-moo)))
565 (home-page "http://search.cpan.org/dist/Math-Random-Secure")
566 (synopsis "Cryptographically secure replacement for rand()")
567 (description "This module is intended to provide a
568cryptographically-secure replacement for Perl's built-in @code{rand} function.
569\"Crytographically secure\", in this case, means:
570
571@enumerate
572@item No matter how many numbers you see generated by the random number
573generator, you cannot guess the future numbers, and you cannot guess the seed.
574@item There are so many possible seeds that it would take decades, centuries,
575or millenia for an attacker to try them all.
576@item The seed comes from a source that generates relatively strong random
577data on your platform, so the seed itself will be as random as possible.
578@end enumerate\n")
579 (license license:artistic2.0)))
f0f6f9f6 580
de98f4ed
PL		 581(define-public crypto++
582 (package
583 (name "crypto++")
584 (version "5.6.5")
585 (source (origin
586 (method url-fetch/zipbomb)
587 (uri (string-append "https://cryptopp.com/cryptopp"
588 (string-join (string-split version #\.) "")
589 ".zip"))
590 (sha256
591 (base32
592 "0d1cqdz369ivi082k59025wvxzywvkizw7i0pf5h0a1izs3g8pm7"))
593 (patches
594 (search-patches "crypto++-fix-dos-in-asn.1-decoders.patch"))))
595 (build-system gnu-build-system)
596 (arguments
597 `(#:make-flags
598 (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
599 #:phases
600 (modify-phases %standard-phases
c300cae6
TGR		 601 (add-after 'unpack 'disable-native-optimisation
602 ;; This package installs more than just headers. Ensure that the
603 ;; cryptest.exe binary & static library aren't CPU model specific.
604 (lambda _
605 (substitute* "GNUmakefile"
606 ((" -march=native") ""))
607 #t))
de98f4ed
PL		 608 (delete 'configure))))
609 (native-inputs
610 `(("unzip" ,unzip)))
611 (home-page "https://cryptopp.com/")
612 (synopsis "C++ class library of cryptographic schemes")
613 (description "Crypto++ is a C++ class library of cryptographic schemes.")
614 ;; The compilation is distributed under the Boost license; the individual
615 ;; files in the compilation are in the public domain.
616 (license (list license:boost1.0 license:public-domain))))
60e95297 617
c6220b13
TGR		 618(define-public libb2
619 (let ((revision "1") ; upstream doesn't ‘do’ releases
620 (commit "60ea749837362c226e8501718f505ab138e5c19d"))
621 (package
622 (name "libb2")
623 (version (git-version "0.0.0" revision commit))
624 (source (origin
625 (method git-fetch)
626 (uri (git-reference
627 (url "https://github.com/BLAKE2/libb2")
628 (commit commit)))
629 (file-name (git-file-name name version))
630 (sha256
631 (base32
632 "07a2m8basxrsj9dsp5lj24y8jraj85lfy56756a7za1nfkgy04z7"))))
633 (build-system gnu-build-system)
634 (native-inputs
635 `(("autoconf" ,autoconf)
636 ("automake" ,automake)
637 ("libtool" ,libtool)))
638 (arguments
639 `(#:configure-flags
fa58a0a6
EF		 640 (list
641 ,@(if (any (cute string-prefix? <> (or (%current-system)
642 (%current-target-system)))
643 '("x86_64" "i686"))
644 ;; fat only checks for Intel optimisations
645 '("--enable-fat")
646 '())
647 "--disable-native") ; don't optimise at build time.
c6220b13
TGR		 648 #:phases
649 (modify-phases %standard-phases
650 (add-after 'unpack 'bootstrap
651 (lambda _
652 (invoke "sh" "autogen.sh"))))))
653 (home-page "https://blake2.net/")
654 (synopsis "Library implementing the BLAKE2 family of hash functions")
655 (description
656 "libb2 is a portable implementation of the BLAKE2 family of cryptographic
657hash functions. It includes optimised implementations for IA-32 and AMD64
658processors, and an interface layer that automatically selects the best
659implementation for the processor it is run on.
660
661@dfn{BLAKE2} (RFC 7693) is a family of high-speed cryptographic hash functions
662that are faster than MD5, SHA-1, SHA-2, and SHA-3, yet are at least as secure
663as the latest standard, SHA-3. It is an improved version of the SHA-3 finalist
664BLAKE.")
665 (license license:public-domain))))
jackhill's copy of GNU Guix: https://guix.gnu.org/