Commit | Line | Data |
---|---|---|
6036453f LC |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org> | |
58c5fb76 | 3 | ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> |
a6b256af | 4 | ;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org> |
58fdab1d | 5 | ;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com> |
e84eb77a | 6 | ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be> |
74a83085 | 7 | ;;; Copyright © 2017 Tobias Geerinckx-Rice <me@tobias.gr> |
79b43bc3 | 8 | ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net> |
a6706f30 | 9 | ;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com> |
6036453f LC |
10 | ;;; |
11 | ;;; This file is part of GNU Guix. | |
12 | ;;; | |
13 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
14 | ;;; under the terms of the GNU General Public License as published by | |
15 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
16 | ;;; your option) any later version. | |
17 | ;;; | |
18 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
19 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
20 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
21 | ;;; GNU General Public License for more details. | |
22 | ;;; | |
23 | ;;; You should have received a copy of the GNU General Public License | |
24 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
25 | ||
f9c33960 | 26 | (define-module (gnu packages security-token) |
6036453f | 27 | #:use-module (gnu packages) |
07b1fb86 | 28 | #:use-module ((guix licenses) #:prefix license:) |
6036453f LC |
29 | #:use-module (guix packages) |
30 | #:use-module (guix download) | |
31 | #:use-module (guix build-system gnu) | |
e84eb77a TD |
32 | #:use-module (guix build-system glib-or-gtk) |
33 | #:use-module (gnu packages autotools) | |
a6b256af | 34 | #:use-module (gnu packages curl) |
ba8d8820 | 35 | #:use-module (gnu packages check) |
a6706f30 | 36 | #:use-module (gnu packages docbook) |
ba8d8820 | 37 | #:use-module (gnu packages documentation) |
e84eb77a | 38 | #:use-module (gnu packages gettext) |
ba8d8820 | 39 | #:use-module (gnu packages graphviz) |
e84eb77a | 40 | #:use-module (gnu packages gtk) |
58fdab1d | 41 | #:use-module (gnu packages libusb) |
a6b256af | 42 | #:use-module (gnu packages linux) |
6036453f | 43 | #:use-module (gnu packages man) |
e84eb77a TD |
44 | #:use-module (gnu packages networking) |
45 | #:use-module (gnu packages cyrus-sasl) | |
a6706f30 | 46 | #:use-module (gnu packages readline) |
e84eb77a | 47 | #:use-module (gnu packages tls) |
ba8d8820 | 48 | #:use-module (gnu packages tex) |
a6b256af | 49 | #:use-module (gnu packages perl) |
e84eb77a TD |
50 | #:use-module (gnu packages pkg-config) |
51 | #:use-module (gnu packages xml)) | |
6036453f | 52 | |
58fdab1d MB |
53 | (define-public ccid |
54 | (package | |
55 | (name "ccid") | |
9cf2de87 | 56 | (version "1.4.29") |
58fdab1d MB |
57 | (source (origin |
58 | (method url-fetch) | |
59 | (uri (string-append | |
9cf2de87 | 60 | "https://alioth.debian.org/frs/download.php/file/4238/" |
58fdab1d MB |
61 | "ccid-" version ".tar.bz2")) |
62 | (sha256 | |
63 | (base32 | |
9cf2de87 | 64 | "0kdqmbma6sclsrbxy9w85h7cs0v11if4nc2r9v09613k8pl2lhx5")))) |
58fdab1d MB |
65 | (build-system gnu-build-system) |
66 | (arguments | |
67 | `(#:configure-flags (list (string-append "--enable-usbdropdir=" %output | |
68 | "/pcsc/drivers")) | |
69 | #:phases | |
70 | (modify-phases %standard-phases | |
71 | (add-after 'unpack 'patch-Makefile | |
72 | (lambda _ | |
73 | (substitute* "src/Makefile.in" | |
74 | (("/bin/echo") (which "echo"))) | |
75 | #t))))) | |
76 | (native-inputs | |
77 | `(("perl" ,perl) | |
78 | ("pkg-config" ,pkg-config))) | |
79 | (inputs | |
80 | `(("libusb" ,libusb) | |
81 | ("pcsc-lite" ,pcsc-lite))) | |
82 | (home-page "https://pcsclite.alioth.debian.org/ccid.html") | |
83 | (synopsis "PC/SC driver for USB smart card devices") | |
84 | (description | |
85 | "This package provides a PC/SC IFD handler implementation for devices | |
86 | compliant with the CCID and ICCD protocols. It supports a wide range of | |
87 | readers and is needed to communicate with such devices through the | |
88 | @command{pcscd} resource manager.") | |
89 | (license license:lgpl2.1+))) | |
90 | ||
e84eb77a TD |
91 | (define-public eid-mw |
92 | (package | |
93 | (name "eid-mw") | |
74a83085 | 94 | (version "4.3.4") |
e84eb77a TD |
95 | (source (origin |
96 | (method url-fetch) | |
97 | (uri (string-append | |
98 | "https://github.com/Fedict/eid-mw/archive/v" | |
99 | version ".tar.gz")) | |
100 | (file-name (string-append name "-" version ".tar.gz")) | |
101 | (sha256 | |
102 | (base32 | |
74a83085 | 103 | "1ay9znry9dkhhn783paqy8czvv3w5gdpmq8ag8znx9akza8c929z")))) |
e84eb77a | 104 | (build-system glib-or-gtk-build-system) |
74a83085 | 105 | (native-inputs |
e84eb77a TD |
106 | `(("autoconf" ,autoconf) |
107 | ("automake" ,automake) | |
108 | ("gettext" ,gnu-gettext) | |
109 | ("libtool" ,libtool) | |
110 | ("pkg-config" ,pkg-config) | |
111 | ("perl" ,perl))) | |
112 | (inputs | |
113 | `(("curl" ,curl) | |
114 | ("openssl" ,openssl) | |
115 | ("gtk+" ,gtk+) | |
116 | ("pcsc-lite" ,pcsc-lite) | |
117 | ("p11-kit" ,p11-kit) | |
118 | ("libproxy" ,libproxy) | |
119 | ("libxml2" ,libxml2) | |
120 | ("cyrus-sasl" ,cyrus-sasl))) | |
121 | (arguments | |
122 | `(#:phases | |
123 | (modify-phases %standard-phases | |
124 | ;; The github tarball doesn't contain a configure script. | |
125 | (add-before 'configure 'autoreconf | |
74a83085 | 126 | (lambda _ (zero? (system* "autoreconf" "-i"))))))) |
e84eb77a TD |
127 | (synopsis "Belgian eID Middleware") |
128 | (description "The Belgian eID Middleware is required to authenticate with | |
129 | online services using the Belgian electronic identity card.") | |
130 | (home-page "https://github.com/Fedict/eid-mw") | |
131 | (license license:lgpl3))) | |
132 | ||
6036453f LC |
133 | (define-public libyubikey |
134 | (package | |
135 | (name "libyubikey") | |
58c5fb76 | 136 | (version "1.13") |
6036453f LC |
137 | (source (origin |
138 | (method url-fetch) | |
139 | (uri (string-append | |
140 | "https://developers.yubico.com/yubico-c/Releases/" | |
141 | name "-" version ".tar.gz")) | |
142 | (sha256 | |
143 | (base32 | |
58c5fb76 | 144 | "009l3k2zyn06dbrlja2d4p2vfnzjhlcqxi88v02mlrnb17mx1v84")))) |
6036453f LC |
145 | (build-system gnu-build-system) |
146 | (synopsis "Development kit for the YubiKey authentication device") | |
147 | (description | |
148 | "This package contains a C library and command-line tools that make up | |
149 | the low-level development kit for the Yubico YubiKey authentication device.") | |
150 | (home-page "https://developers.yubico.com/yubico-c/") | |
07b1fb86 | 151 | (license license:bsd-2))) |
6036453f | 152 | |
a6b256af MG |
153 | (define-public pcsc-lite |
154 | (package | |
155 | (name "pcsc-lite") | |
972fa870 | 156 | (version "1.8.23") |
a6b256af MG |
157 | (source (origin |
158 | (method url-fetch) | |
159 | (uri (string-append | |
972fa870 | 160 | "https://alioth.debian.org/frs/download.php/file/4235/" |
a6b256af MG |
161 | "pcsc-lite-" version ".tar.bz2")) |
162 | (sha256 | |
163 | (base32 | |
972fa870 | 164 | "1jc9ws5ra6v3plwraqixin0w0wfxj64drahrbkyrrwzghqjjc9ss")))) |
a6b256af MG |
165 | (build-system gnu-build-system) |
166 | (arguments | |
972fa870 MB |
167 | `(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers" |
168 | "--disable-libsystemd"))) | |
a6b256af MG |
169 | (native-inputs |
170 | `(("perl" ,perl) ; for pod2man | |
171 | ("pkg-config" ,pkg-config))) | |
172 | (inputs | |
173 | `(("libudev" ,eudev))) | |
174 | (home-page "https://pcsclite.alioth.debian.org/pcsclite.html") | |
175 | (synopsis "Middleware to access a smart card using PC/SC") | |
176 | (description | |
177 | "pcsc-lite provides an interface to communicate with smartcards and | |
178 | readers using the SCard API. pcsc-lite is used to connect to the PC/SC daemon | |
179 | from a client application and provide access to the desired reader.") | |
180 | (license (list license:bsd-3 ; pcsc-lite | |
a6b256af MG |
181 | license:isc ; src/strlcat.c src/strlcpy.c |
182 | license:gpl3+)))) ; src/spy/* | |
183 | ||
6036453f LC |
184 | (define-public ykclient |
185 | (package | |
186 | (name "ykclient") | |
f6b1a8f7 | 187 | (version "2.15") |
6036453f LC |
188 | (source (origin |
189 | (method url-fetch) | |
190 | (uri (string-append | |
191 | "https://developers.yubico.com/yubico-c-client/Releases/" | |
192 | name "-" version ".tar.gz")) | |
193 | (sha256 | |
194 | (base32 | |
f6b1a8f7 | 195 | "05jhx9waj3pl120ddnwap1v3bjrnbfhvf3lxs2xmhpcmwzpwsqgl")))) |
6036453f LC |
196 | (build-system gnu-build-system) |
197 | ||
198 | ;; There's just one test, and it requires network access to access | |
199 | ;; yubico.com, so skip it. | |
200 | (arguments '(#:tests? #f)) | |
201 | ||
202 | (native-inputs `(("pkg-config" ,pkg-config) | |
203 | ("help2man" ,help2man))) | |
204 | (inputs `(("curl" ,curl))) | |
205 | (synopsis "C library to validate one-time-password YubiKeys") | |
206 | (description | |
207 | "YubiKey C Client Library (libykclient) is a C library used to validate a | |
208 | one-time-password (OTP) YubiKey against Yubico’s servers. See the Yubico | |
209 | website for more information about Yubico and the YubiKey.") | |
210 | (home-page "https://developers.yubico.com/yubico-c-client/") | |
07b1fb86 | 211 | (license license:bsd-2))) |
a6706f30 CM |
212 | |
213 | (define-public opensc | |
214 | (package | |
215 | (name "opensc") | |
216 | (version "0.17.0") | |
217 | (source (origin | |
218 | (method url-fetch) | |
219 | (uri (string-append | |
220 | "https://github.com/OpenSC/OpenSC/releases/download/" | |
221 | version "/opensc-" version ".tar.gz")) | |
222 | (sha256 | |
223 | (base32 | |
224 | "0043jh5g7q2lyd5vnb0akwb5y349isx7vbm9wqhlgav7d20wcwxy")))) | |
225 | (build-system gnu-build-system) | |
226 | (arguments | |
227 | `(#:phases | |
228 | (modify-phases %standard-phases | |
229 | ;; By setting an absolute path here, we arrange for OpenSC to | |
230 | ;; successfully dlopen libpcsclite.so.1 by default. The user can | |
231 | ;; still override this if they want to, by specifying a custom OpenSC | |
232 | ;; configuration file at runtime. | |
233 | (add-after 'unpack 'set-default-libpcsclite.so.1-path | |
234 | (lambda* (#:key inputs #:allow-other-keys) | |
235 | (let ((libpcsclite (string-append (assoc-ref inputs "pcsc-lite") | |
236 | "/lib/libpcsclite.so.1"))) | |
237 | (substitute* "configure" | |
238 | (("DEFAULT_PCSC_PROVIDER=\"libpcsclite\\.so\\.1\"") | |
239 | (string-append | |
240 | "DEFAULT_PCSC_PROVIDER=\"" libpcsclite "\""))) | |
241 | #t)))))) | |
242 | (inputs | |
243 | `(("readline" ,readline) | |
244 | ("openssl" ,openssl) | |
245 | ("pcsc-lite" ,pcsc-lite) | |
246 | ("ccid" ,ccid))) | |
247 | (native-inputs | |
248 | `(("libxslt" ,libxslt) | |
249 | ("docbook-xsl" ,docbook-xsl) | |
250 | ("pkg-config" ,pkg-config))) | |
251 | (home-page "https://github.com/OpenSC/OpenSC/wiki") | |
252 | (synopsis "Tools and libraries related to smart cards") | |
253 | (description | |
254 | "OpenSC is a set of software tools and libraries to work with smart | |
255 | cards, with the focus on smart cards with cryptographic capabilities. OpenSC | |
256 | facilitate the use of smart cards in security applications such as | |
257 | authentication, encryption and digital signatures. OpenSC implements the PKCS | |
258 | #15 standard and the PKCS #11 API.") | |
259 | (license license:lgpl2.1+))) | |
ba8d8820 CM |
260 | |
261 | (define-public yubico-piv-tool | |
262 | (package | |
263 | (name "yubico-piv-tool") | |
264 | (version "1.5.0") | |
265 | (source (origin | |
266 | (method url-fetch) | |
267 | (uri (string-append | |
268 | "https://developers.yubico.com/yubico-piv-tool/Releases/" | |
269 | name "-" version ".tar.gz")) | |
270 | (sha256 | |
271 | (base32 | |
272 | "1axa0lnky5gsc8yack6mpfbjh49z0czr1cv52gbgjnx2kcbpb0y1")))) | |
273 | (build-system gnu-build-system) | |
274 | (inputs | |
275 | `(("perl" ,perl) | |
276 | ("pcsc-lite" ,pcsc-lite) | |
277 | ("openssl" ,openssl))) | |
278 | (native-inputs | |
279 | `(("doxygen" ,doxygen) | |
280 | ("graphviz" ,graphviz) | |
281 | ("check" ,check) | |
282 | ("texlive-bin" ,texlive-bin) | |
283 | ("pkg-config" ,pkg-config))) | |
284 | (home-page "https://developers.yubico.com/yubico-piv-tool/") | |
285 | (synopsis "Interact with the PIV application on a YubiKey") | |
286 | (description | |
287 | "The Yubico PIV tool is used for interacting with the Privilege and | |
288 | Identification Card (PIV) application on a YubiKey. With it you may generate | |
289 | keys on the device, import keys and certificates, create certificate requests, | |
290 | and other operations. It includes a library and a command-line tool.") | |
291 | ;; The file ykcs11/pkcs11.h also declares an additional, very short free | |
292 | ;; license for that one file. Please see it for details. The vast | |
293 | ;; majority of files are licensed under bsd-2. | |
294 | (license license:bsd-2))) |