Commit | Line | Data |
---|---|---|
de63b20e SS |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2015 Steve Sprang <scs@stevesprang.com> | |
6f5c67d7 | 3 | ;;; Copyright © 2015, 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il> |
7e9b07bd | 4 | ;;; Copyright © 2015 Aljosha Papsch <misc@rpapsch.de> |
3d4f9d5c | 5 | ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org> |
c285a400 JT |
6 | ;;; Copyright © 2016 Jessica Tallon <tsyesika@tsyesika.se> |
7 | ;;; Copyright © 2016 Andreas Enge <andreas@enge.fr> | |
6d32dd8c | 8 | ;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org> |
61201e46 | 9 | ;;; Copyright © 2016 Alex Griffin <a@ajgrf.com> |
f339f277 | 10 | ;;; Copyright © 2017 Leo Famulari <leo@famulari.name> |
60628f54 | 11 | ;;; Copyright © 2017, 2018 Clément Lassieur <clement@lassieur.org> |
d504de26 | 12 | ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr> |
a1714ff5 | 13 | ;;; Copyright © 2017 Jelle Licht <jlicht@fsfe.org> |
eb28a777 | 14 | ;;; Copyright © 2017 Eric Bavier <bavier@member.fsf.org> |
7f7fadb5 | 15 | ;;; Copyright © 2017 Nicolas Goaziou <mail@nicolasgoaziou.fr> |
763269f9 | 16 | ;;; Copyright © 2017 Manolis Fragkiskos Ragkousis <manolis837@gmail.com> |
dcf12172 | 17 | ;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com> |
c06bf6a3 | 18 | ;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com> |
649eb8b5 | 19 | ;;; Copyright © 2018 Konrad Hinsen <konrad.hinsen@fastmail.net> |
d4e0ebd0 | 20 | ;;; Copyright © 2018 Thomas Sigurdsen <tonton@riseup.net> |
20b51b17 | 21 | ;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net> |
4715f92e | 22 | ;;; Copyright © 2018 Pierre Neidhardt <mail@ambrevar.xyz> |
037d1851 | 23 | ;;; Copyright © 2018 Amirouche Boubekki <amirouche@hypermove.net> |
7d4b3e1e | 24 | ;;; Copyright © 2018 Tim Gesthuizen <tim.gesthuizen@yahoo.de> |
de63b20e SS |
25 | ;;; |
26 | ;;; This file is part of GNU Guix. | |
27 | ;;; | |
28 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
29 | ;;; under the terms of the GNU General Public License as published by | |
30 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
31 | ;;; your option) any later version. | |
32 | ;;; | |
33 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
34 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
35 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
36 | ;;; GNU General Public License for more details. | |
37 | ;;; | |
38 | ;;; You should have received a copy of the GNU General Public License | |
39 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
40 | ||
41 | (define-module (gnu packages password-utils) | |
42 | #:use-module ((guix licenses) #:prefix license:) | |
e8647227 | 43 | #:use-module (guix build-system cmake) |
de63b20e SS |
44 | #:use-module (guix build-system gnu) |
45 | #:use-module (guix download) | |
7d4b3e1e | 46 | #:use-module (guix git-download) |
e8647227 | 47 | #:use-module (guix packages) |
53dcbbec | 48 | #:use-module (gnu packages) |
c285a400 | 49 | #:use-module (gnu packages admin) |
81635fb6 | 50 | #:use-module (gnu packages aidc) |
c285a400 | 51 | #:use-module (gnu packages base) |
ac257f12 | 52 | #:use-module (gnu packages check) |
e8647227 | 53 | #:use-module (gnu packages compression) |
da1b30bd EF |
54 | #:use-module (gnu packages crypto) |
55 | #:use-module (gnu packages curl) | |
7d4b3e1e | 56 | #:use-module (gnu packages file) |
a1714ff5 | 57 | #:use-module (gnu packages freedesktop) |
7d4b3e1e | 58 | #:use-module (gnu packages gettext) |
f339f277 | 59 | #:use-module (gnu packages glib) |
e8647227 | 60 | #:use-module (gnu packages gnupg) |
eb28a777 | 61 | #:use-module (gnu packages gnuzilla) |
0050876b | 62 | #:use-module (gnu packages gtk) |
dd24e906 | 63 | #:use-module (gnu packages guile) |
eb28a777 | 64 | #:use-module (gnu packages kerberos) |
0751fddd | 65 | #:use-module (gnu packages libffi) |
c285a400 | 66 | #:use-module (gnu packages linux) |
3d4f9d5c | 67 | #:use-module (gnu packages man) |
eb28a777 | 68 | #:use-module (gnu packages multiprecision) |
7e9b07bd | 69 | #:use-module (gnu packages ncurses) |
c10aa278 | 70 | #:use-module (gnu packages opencl) |
eb4ffe9b | 71 | #:use-module (gnu packages perl) |
7e9b07bd | 72 | #:use-module (gnu packages pkg-config) |
3d4f9d5c | 73 | #:use-module (gnu packages python) |
20b51b17 | 74 | #:use-module (gnu packages python-web) |
44d10b1f | 75 | #:use-module (gnu packages python-xyz) |
177475cf | 76 | #:use-module (gnu packages suckless) |
7e9b07bd | 77 | #:use-module (gnu packages tls) |
e8647227 | 78 | #:use-module (gnu packages qt) |
c285a400 | 79 | #:use-module (gnu packages version-control) |
7d4b3e1e | 80 | #:use-module (gnu packages wxwidgets) |
dd24e906 | 81 | #:use-module (gnu packages xdisorg) |
3d4f9d5c | 82 | #:use-module (gnu packages xorg) |
d4e0ebd0 | 83 | #:use-module (gnu packages xml) |
3d4f9d5c | 84 | #:use-module (guix build-system python)) |
de63b20e SS |
85 | |
86 | (define-public pwgen | |
87 | (package | |
88 | (name "pwgen") | |
5a2c4b3b | 89 | (version "2.08") |
de63b20e SS |
90 | (source |
91 | (origin | |
92 | (method url-fetch) | |
de67e922 LF |
93 | (uri (string-append "mirror://sourceforge/pwgen/pwgen/" version |
94 | "/pwgen-" version ".tar.gz")) | |
de63b20e | 95 | (sha256 |
5a2c4b3b | 96 | (base32 "0yy90pqrr2pszzhb5hxjishq9qc7dqd290amiibqx9fm1b9kvc6s")))) |
de63b20e SS |
97 | (build-system gnu-build-system) |
98 | (arguments | |
99 | `(#:tests? #f)) ; no test suite | |
100 | (home-page "http://pwgen.sourceforge.net/") | |
101 | (synopsis "Password generator") | |
102 | (description "Pwgen generates passwords which can be easily memorized by a | |
103 | human.") | |
104 | (license license:gpl2))) | |
e8647227 | 105 | |
99672f7b EF |
106 | (define-public keepassxc |
107 | (package | |
108 | (name "keepassxc") | |
0e5d66ab | 109 | (version "2.3.4") |
99672f7b EF |
110 | (source |
111 | (origin | |
112 | (method url-fetch) | |
113 | (uri (string-append "https://github.com/keepassxreboot/" name | |
114 | "/releases/download/" version "/keepassxc-" | |
115 | version "-src.tar.xz")) | |
116 | (sha256 | |
117 | (base32 | |
0e5d66ab | 118 | "02kq0a7a7hpw824n03apma00yq1c6dds224g15mrnnqqjn4af90c")))) |
99672f7b | 119 | (build-system cmake-build-system) |
da1b30bd EF |
120 | (arguments |
121 | '(#:configure-flags '("-DWITH_XC_NETWORKING=YES" | |
122 | "-DWITH_XC_BROWSER=YES" | |
0e5d66ab | 123 | "-DWITH_XC_SSHAGENT=YES"))) |
99672f7b | 124 | (inputs |
3374dcc7 | 125 | `(("argon2" ,argon2) |
0e5d66ab | 126 | ("curl" ,curl) ; XC_NETWORKING |
3374dcc7 | 127 | ("libgcrypt" ,libgcrypt) |
0e5d66ab | 128 | ("libsodium" ,libsodium) ; XC_BROWSER |
99672f7b EF |
129 | ("libxi" ,libxi) |
130 | ("libxtst" ,libxtst) | |
131 | ("qtbase" ,qtbase) | |
132 | ("qtx11extras" ,qtx11extras) | |
133 | ("zlib" ,zlib))) | |
134 | (native-inputs | |
135 | `(("qttools" ,qttools))) | |
136 | (home-page "https://www.keepassxc.org") | |
137 | (synopsis "Password manager") | |
138 | (description "KeePassXC is a password manager or safe which helps you to | |
139 | manage your passwords in a secure way. You can put all your passwords in one | |
140 | database, which is locked with one master key or a key-file which can be stored | |
141 | on an external storage device. The databases are encrypted using the | |
142 | algorithms AES or Twofish.") | |
0e5d66ab | 143 | ;; Non-functional parts use various licences. |
99672f7b EF |
144 | (license license:gpl3))) |
145 | ||
e8647227 EF |
146 | (define-public keepassx |
147 | (package | |
148 | (name "keepassx") | |
a00fbe8a | 149 | (version "2.0.3") |
e8647227 EF |
150 | (source |
151 | (origin | |
152 | (method url-fetch) | |
e5be0e01 EF |
153 | (uri (string-append "https://www.keepassx.org/releases/" version |
154 | "/keepassx-" version ".tar.gz")) | |
e8647227 | 155 | (sha256 |
2c5e4976 | 156 | (base32 |
a00fbe8a | 157 | "1ia7cqx9ias38mnffsl7da7g1f66bcbjsi23k49sln0c6spb9zr3")))) |
e8647227 EF |
158 | (build-system cmake-build-system) |
159 | (inputs | |
160 | `(("libgcrypt" ,libgcrypt) | |
a00fbe8a | 161 | ("libxi" ,libxi) |
e8647227 EF |
162 | ("libxtst" ,libxtst) |
163 | ("qt" ,qt-4))) | |
164 | (native-inputs | |
165 | `(("zlib" ,zlib))) | |
166 | (home-page "https://www.keepassx.org") | |
167 | (synopsis "Password manager") | |
168 | (description "KeePassX is a password manager or safe which helps you to | |
169 | manage your passwords in a secure way. You can put all your passwords in one | |
170 | database, which is locked with one master key or a key-file which can be stored | |
171 | on an external storage device. The databases are encrypted using the | |
172 | algorithms AES or Twofish.") | |
173 | ;; Non functional parts use various licences. | |
b7ac10e6 EF |
174 | (license license:gpl3) |
175 | (properties `((superseded . ,keepassxc))))) | |
dd24e906 | 176 | |
7d4b3e1e TG |
177 | (define-public pwsafe |
178 | (package | |
179 | (name "pwsafe") | |
180 | (version "3.48.0") | |
181 | (home-page "https://www.pwsafe.org/" ) | |
182 | (source | |
183 | (origin | |
184 | (method git-fetch) | |
185 | (uri (git-reference | |
186 | (url "https://github.com/pwsafe/pwsafe.git") | |
187 | (commit version))) | |
188 | (sha256 (base32 "0hxv23yh76liggxbjn4m132z15sklra8ms341xgzl4n5vjx30ihi")) | |
189 | (file-name (string-append name "-" version "-checkout")))) | |
190 | (build-system cmake-build-system) | |
191 | (native-inputs `(("gettext" ,gettext-minimal) | |
192 | ("perl" ,perl) | |
193 | ("zip" ,zip))) | |
194 | (inputs `(("curl" ,curl) | |
195 | ("file" ,file) | |
196 | ("gtest" ,googletest) | |
197 | ("libuuid" ,util-linux) | |
198 | ("libxt" ,libxt) | |
199 | ("libxtst" ,libxtst) | |
200 | ("openssl" ,openssl) | |
201 | ("qrencode" ,qrencode) | |
202 | ("wxwidgets" ,wxwidgets) | |
203 | ("xerces-c" ,xerces-c))) | |
204 | (arguments '(#:configure-flags (list "-DNO_GTEST=YES") | |
205 | #:phases (modify-phases %standard-phases | |
206 | (add-after 'unpack 'add-gtest | |
207 | (lambda* (#:key inputs #:allow-other-keys) | |
208 | (chmod "CMakeLists.txt" #o644) | |
209 | (let ((cmake-port (open-file "CMakeLists.txt" | |
210 | "a"))) | |
211 | (display "find_package(GTest) | |
212 | add_subdirectory(src/test)\n" cmake-port) | |
213 | (close cmake-port) | |
214 | #t))) | |
215 | (add-after 'add-gtest 'patch-executables | |
216 | (lambda* (#:key inputs #:allow-other-keys) | |
217 | (chmod "src/test/OSTest.cpp" #o644) | |
218 | (substitute* "src/os/unix/media.cpp" | |
219 | (("/usr/bin/file") | |
220 | (string-append (assoc-ref inputs "file") | |
221 | "/bin/file"))) | |
222 | #t))))) | |
223 | (synopsis "Password safe with automatic input and key generation") | |
224 | (description "pwsafe is a password manager originally designed by Bruce | |
225 | Schneier. It offers a simple UI to manage passwords for different services. | |
226 | There are other programs that support the file format on different | |
227 | platforms.") | |
228 | (license license:artistic2.0))) | |
229 | ||
dd24e906 DT |
230 | (define-public shroud |
231 | (package | |
232 | (name "shroud") | |
b4aa6d3d | 233 | (version "0.1.1") |
dd24e906 DT |
234 | (source (origin |
235 | (method url-fetch) | |
a652eb93 | 236 | (uri (string-append "https://files.dthompson.us/shroud/shroud-" |
dd24e906 DT |
237 | version ".tar.gz")) |
238 | (sha256 | |
239 | (base32 | |
b4aa6d3d | 240 | "1y43yhgy2zbrk5bqj3qyx9rkcz2bma9sinlrg7dip3jqms9gq4lr")))) |
dd24e906 | 241 | (build-system gnu-build-system) |
df0e8a23 SB |
242 | (arguments |
243 | '(#:phases | |
244 | (modify-phases %standard-phases | |
245 | (add-after 'install 'wrap-shroud | |
246 | (lambda* (#:key outputs #:allow-other-keys) | |
247 | (let* ((out (assoc-ref outputs "out")) | |
248 | (ccachedir (string-append out "/lib/guile/2.0/ccache")) | |
249 | (prog (string-append out "/bin/shroud"))) | |
250 | (wrap-program prog | |
251 | `("GUILE_LOAD_COMPILED_PATH" ":" prefix (,ccachedir))) | |
252 | #t)))))) | |
dd24e906 DT |
253 | (inputs |
254 | `(("guile" ,guile-2.0) | |
255 | ("gnupg" ,gnupg) | |
256 | ("xclip" ,xclip))) | |
257 | (synopsis "GnuPG-based secret manager") | |
258 | (description "Shroud is a simple secret manager with a command line | |
259 | interface. The password database is stored as a Scheme s-expression and | |
260 | encrypted with a GnuPG key. Secrets consist of an arbitrary number of | |
261 | key/value pairs, making Shroud suitable for more than just password storage. | |
262 | For copying and pasting secrets into web browsers and other graphical | |
263 | applications, there is xclip integration." ) | |
59d915ac | 264 | (home-page "https://dthompson.us/projects/shroud.html") |
dd24e906 | 265 | (license license:gpl3+))) |
7e9b07bd AP |
266 | |
267 | (define-public yapet | |
268 | (package | |
269 | (name "yapet") | |
3d63422c | 270 | (version "1.1") |
7e9b07bd AP |
271 | (source (origin |
272 | (method url-fetch) | |
273 | (uri (string-append "http://www.guengel.ch/myapps/yapet/downloads/yapet-" | |
274 | version | |
275 | ".tar.bz2")) | |
276 | (sha256 | |
277 | (base32 | |
3d63422c | 278 | "1lq46mpxdsbl6qw4cj58hp9q7jckmyvbsi08p5zr77rjgqadxyyy")))) |
7e9b07bd AP |
279 | (build-system gnu-build-system) |
280 | (inputs | |
281 | `(("ncurses" ,ncurses) | |
282 | ("openssl" ,openssl))) | |
283 | (native-inputs | |
284 | `(("pkg-config" ,pkg-config))) | |
285 | (synopsis "Yet Another Password Encryption Tool") | |
286 | (description "YAPET is a text based password manager using the Blowfish | |
287 | encryption algorithm. Because of its small footprint and very few library | |
288 | dependencies, it is suited for installing on desktop and server systems alike. | |
289 | The text based user interface allows you to run YAPET easily in a Secure Shell | |
290 | session. Two companion utilities enable users to convert CSV files to YAPET | |
291 | and vice versa.") | |
292 | (home-page "http://www.guengel.ch/myapps/yapet/") | |
293 | (license license:gpl3+))) | |
72029c8b SB |
294 | |
295 | (define-public cracklib | |
296 | (package | |
297 | (name "cracklib") | |
298 | (version "2.9.6") | |
299 | (source (origin | |
300 | (method url-fetch) | |
301 | (uri (string-append "https://github.com/cracklib/cracklib/" | |
302 | "releases/download/" name "-" version "/" | |
303 | name "-" version ".tar.gz")) | |
b0a56764 LF |
304 | (patches (search-patches "cracklib-CVE-2016-6318.patch" |
305 | "cracklib-fix-buffer-overflow.patch")) | |
72029c8b SB |
306 | (sha256 |
307 | (base32 | |
308 | "0hrkb0prf7n92w6rxgq0ilzkk6rkhpys2cfqkrbzswp27na7dkqp")))) | |
309 | (build-system gnu-build-system) | |
310 | (synopsis "Password checking library") | |
311 | (home-page "https://github.com/cracklib/cracklib") | |
312 | (description | |
313 | "CrackLib is a library containing a C function which may be used in a | |
b1a686bb TGR |
314 | @command{passwd}-like program. The idea is simple: try to prevent users from |
315 | choosing passwords that could easily be guessed (or \"cracked\") by filtering | |
316 | them out, at the source.") | |
72029c8b | 317 | (license license:lgpl2.1))) |
c2fb2076 SB |
318 | |
319 | (define-public libpwquality | |
320 | (package | |
321 | (name "libpwquality") | |
4a577fef | 322 | (version "1.4.0") |
c2fb2076 SB |
323 | (source (origin |
324 | (method url-fetch) | |
325 | (uri (list | |
c18594dd EJ |
326 | (string-append "https://github.com/" name "/" name |
327 | "/releases/download/" name "-" version | |
328 | "/" name "-" version ".tar.bz2") | |
c2fb2076 SB |
329 | (string-append "https://launchpad.net/libpwquality/trunk/" |
330 | version "/+download/" | |
331 | name "-" version ".tar.bz2"))) | |
332 | (sha256 | |
333 | (base32 | |
4a577fef | 334 | "0syyz8r54l8mqmbb0mw19qz4z2cx8gdgidicb8k2s5zjdh2gzrhx")))) |
c2fb2076 SB |
335 | (build-system gnu-build-system) |
336 | (arguments | |
337 | ;; XXX: have RUNPATH issue. | |
338 | '(#:configure-flags '("--disable-python-bindings"))) | |
339 | (inputs | |
340 | `(("cracklib" ,cracklib))) | |
341 | (synopsis "Password quality checker") | |
c18594dd | 342 | (home-page "https://github.com/libpwquality/libpwquality") |
c2fb2076 SB |
343 | (description |
344 | "Libpwquality is a library for password quality checking and generation of | |
345 | random passwords that pass the checks.") | |
346 | (license license:gpl2+))) | |
3d4f9d5c CAW |
347 | |
348 | (define-public assword | |
349 | (package | |
350 | (name "assword") | |
d504de26 | 351 | (version "0.11") |
3d4f9d5c CAW |
352 | (source (origin |
353 | (method url-fetch) | |
354 | (uri (list | |
355 | (string-append | |
356 | "http://http.debian.net/debian/pool/main/a/assword/" | |
357 | "assword_" version ".orig.tar.gz"))) | |
358 | (sha256 | |
359 | (base32 | |
d504de26 | 360 | "03gkb6kvsghznbcw5l7nmrc6mn3ixkjd5jcs96ni4zs9l47jf7yp")))) |
3d4f9d5c | 361 | (arguments |
f339f277 | 362 | `(;; irritatingly, tests do run but not there are two problems: |
3d4f9d5c CAW |
363 | ;; - "import gtk" fails for unknown reasons here despite it the |
364 | ;; program working (indeed, I've found I have to do a logout and log | |
365 | ;; back in in after an install order for some mumbo jumbo environment | |
366 | ;; variable mess to work with pygtk and assword... what's up with | |
367 | ;; that?) | |
368 | ;; - even when the tests fail, they don't return a nonzero status, | |
369 | ;; so I'm not sure how to programmatically get that information | |
370 | #:tests? #f | |
371 | #:phases | |
372 | (modify-phases %standard-phases | |
0050876b SB |
373 | (add-after 'install 'wrap-assword |
374 | (lambda* (#:key outputs #:allow-other-keys) | |
375 | (let ((prog (string-append | |
376 | (assoc-ref outputs "out") | |
377 | "/bin/assword")) | |
378 | (gi-typelib-path (getenv "GI_TYPELIB_PATH"))) | |
379 | (wrap-program prog | |
380 | `("GI_TYPELIB_PATH" ":" prefix (,gi-typelib-path))) | |
381 | #t))) | |
3d4f9d5c CAW |
382 | (add-after 'install 'manpage |
383 | (lambda* (#:key outputs #:allow-other-keys) | |
3692cffe RW |
384 | ;; Without this substitution, it fails with |
385 | ;; ImportError: No module named 'gpg' | |
386 | (substitute* "Makefile" | |
387 | (("PYTHONPATH=.") "")) | |
388 | (invoke "make" "assword.1") | |
389 | (install-file | |
390 | "assword.1" | |
391 | (string-append (assoc-ref outputs "out") "/share/man/man1"))))))) | |
3d4f9d5c CAW |
392 | (build-system python-build-system) |
393 | (native-inputs | |
f339f277 | 394 | `(("txt2man" ,txt2man))) |
3d4f9d5c | 395 | (inputs |
0050876b SB |
396 | `(("gtk+" ,gtk+) |
397 | ("python-xdo" ,python-xdo) | |
f339f277 LF |
398 | ("python-gpg" ,python-gpg) |
399 | ("python-pygobject" ,python-pygobject))) | |
3d4f9d5c CAW |
400 | (propagated-inputs |
401 | `(("xclip" ,xclip))) | |
402 | (home-page "https://finestructure.net/assword/") | |
403 | (synopsis "Password manager") | |
404 | (description "assword is a simple password manager using GPG-wrapped | |
405 | JSON files. It has a command line interface as well as a very simple | |
406 | graphical interface, which can even \"type\" your passwords into | |
407 | any X11 window.") | |
408 | (license license:gpl3+))) | |
c285a400 JT |
409 | |
410 | (define-public password-store | |
411 | (package | |
412 | (name "password-store") | |
3e9aa5cf | 413 | (version "1.7.3") |
c285a400 JT |
414 | (source (origin |
415 | (method url-fetch) | |
416 | (uri | |
417 | (string-append "https://git.zx2c4.com/password-store/snapshot/" | |
418 | name "-" version ".tar.xz")) | |
419 | (sha256 | |
420 | (base32 | |
3e9aa5cf | 421 | "1x53k5dn3cdmvy8m4fqdld4hji5n676ksl0ql4armkmsds26av1b")))) |
c285a400 JT |
422 | (build-system gnu-build-system) |
423 | (arguments | |
424 | '(#:phases | |
425 | (modify-phases %standard-phases | |
426 | (delete 'configure) | |
619f98fa | 427 | (delete 'build) |
177475cf JL |
428 | (add-before 'install 'patch-passmenu-path |
429 | (lambda* (#:key inputs #:allow-other-keys) | |
430 | (substitute* "contrib/dmenu/passmenu" | |
431 | (("dmenu") (string-append (assoc-ref inputs "dmenu") | |
432 | "/bin/dmenu")) | |
433 | (("xdotool") (string-append (assoc-ref inputs "xdotool") | |
434 | "/bin/xdotool"))) | |
435 | #t)) | |
436 | (add-after 'install 'install-passmenu | |
437 | (lambda* (#:key outputs #:allow-other-keys) | |
e9ce6425 TGR |
438 | (let* ((out (assoc-ref outputs "out")) |
439 | (bin (string-append out "/bin"))) | |
440 | (install-file "contrib/dmenu/passmenu" bin) | |
177475cf | 441 | #t))) |
61201e46 AG |
442 | (add-after 'install 'wrap-path |
443 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
444 | (let ((out (assoc-ref outputs "out")) | |
445 | (path (map (lambda (pkg) | |
446 | (string-append (assoc-ref inputs pkg) "/bin")) | |
81635fb6 | 447 | '("coreutils" "getopt" "git" "gnupg" "qrencode" |
61201e46 AG |
448 | "sed" "tree" "which" "xclip")))) |
449 | (wrap-program (string-append out "/bin/pass") | |
718c1278 MB |
450 | `("PATH" ":" prefix (,(string-join path ":")))) |
451 | #t))) | |
452 | (add-after 'wrap-path 'install-shell-completions | |
453 | (lambda* (#:key outputs #:allow-other-keys) | |
454 | (let* ((out (assoc-ref outputs "out")) | |
455 | (bashcomp (string-append out "/etc/bash_completion.d"))) | |
456 | ;; TODO: install fish and zsh completions. | |
457 | (mkdir-p bashcomp) | |
458 | (copy-file "src/completion/pass.bash-completion" | |
459 | (string-append bashcomp "/pass")) | |
460 | #t)))) | |
c285a400 | 461 | #:make-flags (list "CC=gcc" (string-append "PREFIX=" %output)) |
a77f0360 CB |
462 | ;; Parallel tests may cause a race condition leading to a |
463 | ;; timeout in some circumstances. | |
464 | #:parallel-tests? #f | |
c285a400 | 465 | #:test-target "test")) |
61201e46 | 466 | (inputs |
177475cf JL |
467 | `(("dmenu" ,dmenu) |
468 | ("getopt" ,util-linux) | |
61201e46 AG |
469 | ("git" ,git) |
470 | ("gnupg" ,gnupg) | |
81635fb6 | 471 | ("qrencode" ,qrencode) |
61201e46 AG |
472 | ("sed" ,sed) |
473 | ("tree" ,tree) | |
474 | ("which" ,which) | |
177475cf JL |
475 | ("xclip" ,xclip) |
476 | ("xdotool" ,xdotool))) | |
62ab60aa | 477 | (home-page "https://www.passwordstore.org/") |
c285a400 JT |
478 | (synopsis "Encrypted password manager") |
479 | (description "Password-store is a password manager which uses GnuPG to | |
480 | store and retrieve passwords. The tool stores each password in its own | |
481 | GnuPG-encrypted file, allowing the program to be simple yet secure. | |
482 | Synchronization is possible using the integrated git support, which commits | |
483 | changes to your password database to a git repository that can be managed | |
484 | through the pass command.") | |
485 | (license license:gpl2+))) | |
6d32dd8c LG |
486 | |
487 | (define-public argon2 | |
488 | (package | |
489 | (name "argon2") | |
c06bf6a3 | 490 | (version "20171227") |
6d32dd8c LG |
491 | (source |
492 | (origin | |
493 | (method url-fetch) | |
494 | (uri | |
1feeb2e0 TGR |
495 | (string-append "https://github.com/P-H-C/phc-winner-argon2/archive/" |
496 | version ".tar.gz")) | |
6d32dd8c LG |
497 | (file-name (string-append name "-" version ".tar.gz")) |
498 | (sha256 | |
499 | (base32 | |
c06bf6a3 | 500 | "1n6w5y3va7lrcym7cxr0nikapldqm80wxjdns584bvplq5r03spa")))) |
6d32dd8c LG |
501 | (build-system gnu-build-system) |
502 | (arguments | |
503 | `(#:test-target "test" | |
c06bf6a3 MB |
504 | #:make-flags '("CC=gcc" |
505 | "OPTTEST=1") ;disable CPU optimization | |
6d32dd8c LG |
506 | #:phases |
507 | (modify-phases %standard-phases | |
c06bf6a3 MB |
508 | (add-after 'unpack 'patch-Makefile |
509 | (lambda* (#:key outputs #:allow-other-keys) | |
510 | (let ((out (assoc-ref outputs "out"))) | |
511 | (substitute* "Makefile" | |
512 | (("PREFIX = /usr") (string-append "PREFIX = " out))) | |
037d1851 AB |
513 | (substitute* "libargon2.pc" |
514 | (("prefix=/usr") (string-append "prefix=" out)) | |
515 | (("@HOST_MULTIARCH@") "") | |
516 | (("@UPSTREAM_VER@") ,version)) | |
c06bf6a3 | 517 | #t))) |
037d1851 AB |
518 | (delete 'configure) |
519 | (add-after 'install 'install-argon2.pc | |
520 | (lambda* (#:key outputs #:allow-other-keys) | |
521 | (let ((out (assoc-ref outputs "out"))) | |
522 | (install-file "libargon2.pc" | |
523 | (string-append out "/lib/pkgconfig")) | |
524 | #t)))))) | |
6d32dd8c LG |
525 | (home-page "https://www.argon2.com/") |
526 | (synopsis "Password hashing library") | |
527 | (description "Argon2 provides a key derivation function that was declared | |
528 | winner of the 2015 Password Hashing Competition.") | |
c06bf6a3 MB |
529 | ;; Argon2 is dual licensed under CC0 and ASL 2.0. Some of the source |
530 | ;; files are CC0 only; see README.md and LICENSE for details. | |
531 | (license (list license:cc0 license:asl2.0)))) | |
153e58c5 | 532 | |
a1714ff5 JL |
533 | (define-public pass-git-helper |
534 | (package | |
535 | (name "pass-git-helper") | |
536 | (version "0.3.1") | |
537 | (source | |
538 | (origin | |
539 | (method url-fetch) | |
540 | (uri (string-append "https://github.com/languitar/pass-git-helper/archive/release-" | |
541 | version ".tar.gz")) | |
542 | (sha256 | |
543 | (base32 | |
544 | "0lz5ncy44pz7z1j2nnyildx8sq33zi3xvg5nkwg25n11nasqh2xn")))) | |
545 | (build-system python-build-system) | |
546 | (arguments | |
547 | `(#:phases | |
548 | (modify-phases %standard-phases | |
549 | (add-before 'build 'patch-pass-path | |
550 | (lambda* (#:key inputs #:allow-other-keys) | |
551 | (let* ((password-store (assoc-ref inputs "password-store")) | |
552 | (pass (string-append password-store "/bin/pass"))) | |
553 | (substitute* "pass-git-helper" | |
554 | (("'pass'") (string-append "'" pass "'"))) | |
555 | #t)))))) | |
556 | (inputs | |
557 | `(("python-pyxdg" ,python-pyxdg) | |
558 | ("password-store" ,password-store))) | |
559 | (home-page "https://github.com/languitar/pass-git-helper") | |
560 | (synopsis "Git credential helper interfacing with pass") | |
561 | (description "pass-git-helper is a git credential helper which allows to | |
562 | use pass, the standard unix password manager, as the credential backend for | |
563 | your git repositories. This is achieved by explicitly defining mappings | |
564 | between hosts and entries in the password store.") | |
565 | (license license:lgpl3+))) | |
eb28a777 EB |
566 | |
567 | (define-public john-the-ripper-jumbo | |
568 | (let ((official-version "1.8.0") | |
569 | (jumbo-version "1")) | |
570 | (package | |
571 | (name "john-the-ripper-jumbo") | |
572 | (version (string-append official-version "-" jumbo-version)) | |
573 | (source | |
574 | (origin | |
575 | (method url-fetch) | |
576 | (uri (string-append "http://www.openwall.com/john/j/john-" | |
577 | official-version "-jumbo-" jumbo-version ".tar.xz")) | |
578 | (sha256 | |
579 | (base32 | |
580 | "08q92sfdvkz47rx6qjn7qv57cmlpy7i7rgddapq5384mb413vjds")) | |
581 | (patches | |
582 | (list (origin | |
583 | (method url-fetch) | |
584 | (uri (string-append "https://github.com/magnumripper/" | |
585 | "JohnTheRipper/commit/" | |
586 | "e2e868db3e153b3f959e119a51703d4afb99c624.patch")) | |
587 | (file-name "john-the-ripper-jumbo-gcc5-inline.patch") | |
588 | (sha256 | |
589 | (base32 | |
590 | "1shvcf1y2097115mxhzdkm64dr106a8zr6pqjqyh171q5ng5vfra"))) | |
591 | (origin | |
592 | (method url-fetch) | |
593 | (uri (string-append "https://github.com/magnumripper/" | |
594 | "JohnTheRipper/commit/" | |
595 | "480e95b0e449863be3e1a5b0bc634a67df28b618.patch")) | |
596 | (file-name "john-the-ripper-jumbo-non-x86.patch") | |
597 | (sha256 | |
598 | (base32 | |
599 | "1ffd9dvhk0sb6ss8dv5yalh01lz30i7rilqilf2xv68gax2hyjqx"))))))) | |
600 | (build-system gnu-build-system) | |
601 | (inputs | |
602 | `(("gmp" ,gmp) | |
603 | ("krb5" ,mit-krb5) | |
604 | ("libpcap" ,libpcap) | |
605 | ("nss" ,nss) | |
606 | ("openssl" ,openssl) | |
607 | ("zlib" ,zlib))) | |
608 | (arguments | |
609 | `(#:configure-flags | |
610 | (list (string-append | |
611 | "CFLAGS=-O2 -g " | |
612 | "-DJOHN_SYSTEMWIDE=1 " | |
613 | "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' " | |
614 | "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'") | |
615 | ;; For now, do not test for instruction set in configure, and | |
616 | ;; do not pass '-march=native' to gcc: | |
617 | "--disable-native-tests" | |
618 | "--disable-native-macro") | |
619 | #:tests? #f ;tests try to create '.john' in the build user's $HOME | |
620 | #:phases | |
621 | (modify-phases %standard-phases | |
622 | (add-before 'configure 'chdir-src | |
623 | (lambda _ (chdir "src"))) | |
624 | (replace 'install | |
625 | (lambda _ | |
626 | (let ((bindir (string-append %output "/bin")) | |
627 | (docdir (string-append %output "/share/doc/john")) | |
628 | (execdir (string-append %output "/libexec/john")) | |
629 | (homedir (string-append %output "/share/john")) | |
630 | (install-file-to (lambda (dir) | |
631 | (lambda (f) (install-file f dir)))) | |
632 | (symlink? (lambda (_ s) (eq? (stat:type s) 'symlink)))) | |
633 | (with-directory-excursion "../run" | |
634 | (for-each (install-file-to execdir) | |
635 | (cons* "mailer" "benchmark-unify" | |
636 | (find-files "." ".*\\.(py|rb|pl)"))) | |
637 | (for-each (install-file-to homedir) | |
638 | (append (find-files "." "(stats|dictionary.*)") | |
639 | (find-files "." "(.*\\.chr|.*\\.lst)") | |
640 | (find-files "." ".*\\.conf"))) | |
641 | (for-each (install-file-to bindir) | |
642 | '("tgtsnarf" "genmkvpwd" "mkvcalcproba" | |
643 | "raw2dyna" "luks2john" "vncpcap2john" | |
644 | "uaf2john" "calc_stat" "wpapcap2john" | |
645 | "cprepair" "relbench" "SIPdump" "john")) | |
646 | (for-each (lambda (f) ;install symlinked aliases | |
647 | (symlink "john" | |
648 | (string-append bindir "/" (basename f)))) | |
649 | (find-files "." symlink?))) | |
650 | (copy-recursively "../doc" docdir) | |
651 | #t)))))) | |
652 | (home-page "http://www.openwall.com/john/") | |
653 | (synopsis "Password cracker") | |
654 | (description "John the Ripper is a fast password cracker. Its primary | |
655 | purpose is to detect weak Unix passwords. Besides several @code{crypt} | |
656 | password hash types most commonly found on various Unix systems, supported out | |
657 | of the box are Windows LM hashes, plus lots of other hashes and ciphers. This | |
658 | is the community-enhanced, \"jumbo\" version of John the Ripper.") | |
659 | (license license:gpl2+)))) | |
649eb8b5 KH |
660 | |
661 | (define-public sala | |
662 | (package | |
663 | (name "sala") | |
664 | (version "1.3") | |
665 | (source | |
666 | (origin | |
667 | (method url-fetch) | |
668 | (uri (pypi-uri "sala" version)) | |
669 | (sha256 | |
670 | (base32 | |
671 | "13qgmc3i2a0cqp8jqrfl93lnphfagb32pgfikc1gza2a14asxzi8")))) | |
672 | (build-system python-build-system) | |
673 | (arguments | |
674 | ;; Sala is supposed to work with Python 3.2 or higher, | |
675 | ;; but it doesn't work with Python 3.6. Better stick | |
676 | ;; to Python 2, which works fine. | |
677 | `(#:python ,python-2)) | |
678 | (propagated-inputs | |
679 | `(("gnupg" ,gnupg) | |
680 | ("pwgen" ,pwgen))) | |
681 | (home-page "http://www.digip.org/sala/") | |
682 | (synopsis "Encrypted plaintext password store") | |
683 | (description | |
684 | "Store passwords and other bits of sensitive plain-text information | |
685 | to encrypted files on a directory hierarchy. The information is protected | |
686 | by GnuPG's symmetrical encryption.") | |
687 | (license license:expat))) | |
d4e0ebd0 T |
688 | |
689 | (define-public fpm2 | |
690 | (package | |
691 | (name "fpm2") | |
692 | (version "0.79") | |
693 | (source (origin | |
694 | (method url-fetch) | |
695 | (uri (string-append "https://als.regnet.cz/fpm2/download/fpm2-" | |
696 | version ".tar.bz2")) | |
697 | (sha256 | |
698 | (base32 | |
699 | "19sdy1lygfhkg5nxi2w9a4d9kwvw24nxp0ix0p0lz91qpvk9qpnm")))) | |
700 | (build-system gnu-build-system) | |
701 | (inputs `(("gtk2" ,gtk+-2) | |
702 | ("gnupg" ,gnupg) | |
703 | ("libxml2" ,libxml2))) | |
704 | (native-inputs `(("pkg-config" ,pkg-config) | |
705 | ("intltool" ,intltool))) | |
706 | (arguments | |
707 | `(#:phases | |
708 | (modify-phases %standard-phases | |
709 | (add-before 'configure 'pre-configure | |
710 | ;; The file po/POTFILES.in ends up missing for some reason in | |
711 | ;; both nix and guix builds. Adding the file with contents | |
712 | ;; found during troubleshooting. | |
713 | (lambda _ | |
714 | (call-with-output-file "po/POTFILES.in" | |
715 | (lambda (port) | |
716 | (format port "data/fpm2.desktop.in | |
717 | data/fpm2.desktop.in.in | |
718 | fpm2.glade | |
719 | src/callbacks.c | |
720 | src/fpm.c | |
721 | src/fpm_file.c | |
722 | src/interface.c | |
723 | src/support.c | |
724 | fpm2.glade | |
725 | "))) | |
726 | #t))))) | |
727 | (synopsis "Manage, generate and store passwords encrypted") | |
728 | (description "FPM2 is GTK2 port from Figaro's Password Manager | |
729 | originally developed by John Conneely, with some new enhancements. | |
730 | ||
731 | Upstream development seems to have stopped. It is therefore recommended | |
732 | to use a different password manager.") | |
733 | (home-page "https://als.regnet.cz/fpm2/") | |
734 | (license license:gpl2+))) | |
20b51b17 AI |
735 | |
736 | (define-public pass-rotate | |
737 | (package | |
738 | (name "pass-rotate") | |
739 | (version "0.1") | |
740 | (source | |
741 | (origin | |
742 | (method url-fetch) | |
743 | (uri (string-append "https://github.com/SirCmpwn/pass-rotate/archive/" | |
744 | version ".tar.gz")) | |
745 | (sha256 | |
746 | (base32 | |
747 | "1svm5nj8bczv2dg8lh2zqqhbsrljqsw9680r03qwgl9vlci90210")) | |
748 | (file-name (string-append name "-" version ".tar.gz")))) | |
749 | (build-system python-build-system) | |
750 | (inputs | |
751 | `(("python-beautifulsoup4" ,python-beautifulsoup4) | |
752 | ("python-docopt" ,python-docopt) | |
753 | ("python-html5lib" ,python-html5lib) | |
754 | ("python-requests" ,python-requests))) | |
755 | (home-page "https://github.com/SirCmpwn/pass-rotate") | |
756 | (synopsis "Rotate password on online services") | |
757 | (description "pass-rotate is a command line utility and python library for | |
758 | rotating passwords on various web services. It makes it easier to rotate your | |
759 | passwords, one at a time or in bulk, when security events or routine upkeep of | |
760 | your online accounts makes it necessary.") | |
761 | (license license:expat))) | |
c10aa278 PN |
762 | |
763 | (define-public hashcat | |
764 | (package | |
765 | (name "hashcat") | |
45ee3fde | 766 | (version "5.1.0") |
c10aa278 PN |
767 | (source |
768 | (origin | |
769 | (method url-fetch) | |
770 | (uri (string-append "https://hashcat.net/files/hashcat-" | |
771 | version ".tar.gz")) | |
772 | (sha256 | |
773 | (base32 | |
45ee3fde | 774 | "0f73y4cg8c7a6q7x34qvpfi4g3lw6j9bnn0a13g43aqyiskflfr8")))) |
c10aa278 PN |
775 | (native-inputs |
776 | `(("opencl-headers" ,opencl-headers))) | |
777 | (build-system gnu-build-system) | |
778 | (arguments | |
779 | '(#:tests? #f ;no tests | |
780 | #:make-flags (list (string-append "PREFIX=" %output)) | |
781 | #:phases | |
782 | (modify-phases %standard-phases | |
783 | (delete 'configure)))) | |
784 | (home-page "https://hashcat.net/hashcat/") | |
785 | (synopsis "Advanced password recovery utility") | |
786 | (description "Hashcat is an password recovery utility, supporting five | |
787 | unique modes of attack for over 200 highly-optimized hashing algorithms. | |
788 | Hashcat currently supports CPUs, GPUs, and other hardware accelerators on | |
789 | Linux, Windows, and macOS, and has facilities to help enable distributed | |
790 | password cracking.") | |
791 | (license license:expat))) | |
eb4ffe9b PN |
792 | |
793 | (define-public hashcat-utils | |
794 | (package | |
795 | (name "hashcat-utils") | |
2b9b4b1f | 796 | (version "1.9") |
eb4ffe9b PN |
797 | (source |
798 | (origin | |
799 | (method url-fetch) | |
2b9b4b1f TGR |
800 | (uri (string-append "https://github.com/hashcat/hashcat-utils/releases/" |
801 | "download/v" version "/" | |
802 | "hashcat-utils-" version ".7z")) | |
eb4ffe9b | 803 | (sha256 |
2b9b4b1f | 804 | (base32 "0kq555kb338691qd7zjmi8vhq4km3apnsl2w63zh0igwzcjx6lx1")))) |
eb4ffe9b PN |
805 | (native-inputs |
806 | `(("p7zip" ,p7zip))) | |
807 | (inputs | |
808 | `(("perl" ,perl))) | |
809 | (build-system gnu-build-system) | |
810 | (arguments | |
811 | `(#:tests? #f ;no tests | |
812 | #:make-flags (list "CC=gcc" | |
813 | ;; Upstream bug(?): "make all" seems to remove the | |
814 | ;; Perl scripts from the source. | |
815 | "native") | |
816 | #:phases | |
817 | (modify-phases %standard-phases | |
818 | (replace 'unpack | |
819 | (lambda* (#:key source #:allow-other-keys) | |
820 | (invoke "7z" "x" source) | |
821 | (chdir (string-append "hashcat-utils-" ,version "/src")) | |
822 | #t)) | |
823 | (delete 'configure) | |
824 | (replace 'install | |
825 | (lambda* (#:key outputs #:allow-other-keys) | |
826 | (let ((out (string-append (assoc-ref outputs "out") "/bin"))) | |
827 | (mkdir-p out) | |
2b9b4b1f TGR |
828 | (for-each |
829 | (lambda (file) | |
830 | (copy-file file (string-append out "/" | |
831 | (basename file ".bin")))) | |
832 | (find-files "." "\\.bin$")) | |
833 | (for-each | |
834 | (lambda (file) | |
835 | (copy-file file (string-append out "/" | |
836 | (basename file ".pl")))) | |
837 | (find-files "../bin" "\\.pl$")) | |
eb4ffe9b PN |
838 | #t)))))) |
839 | (home-page "https://github.com/hashcat/hashcat-utils/") | |
840 | (synopsis "Small utilities that are useful in advanced password cracking") | |
841 | (description "Hashcat-utils are a set of small utilities that are useful | |
842 | in advanced password cracking. They all are packed into multiple stand-alone | |
843 | binaries. All of these utils are designed to execute only one specific | |
844 | function. Since they all work with @code{STDIN} and @code{STDOUT} you can | |
845 | group them into chains.") | |
846 | (license license:expat))) |