Commit | Line | Data |
---|---|---|
de63b20e SS |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2015 Steve Sprang <scs@stevesprang.com> | |
6f5c67d7 | 3 | ;;; Copyright © 2015, 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il> |
7e9b07bd | 4 | ;;; Copyright © 2015 Aljosha Papsch <misc@rpapsch.de> |
3d4f9d5c | 5 | ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org> |
c285a400 JT |
6 | ;;; Copyright © 2016 Jessica Tallon <tsyesika@tsyesika.se> |
7 | ;;; Copyright © 2016 Andreas Enge <andreas@enge.fr> | |
6d32dd8c | 8 | ;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org> |
61201e46 | 9 | ;;; Copyright © 2016 Alex Griffin <a@ajgrf.com> |
f339f277 | 10 | ;;; Copyright © 2017 Leo Famulari <leo@famulari.name> |
60628f54 | 11 | ;;; Copyright © 2017, 2018 Clément Lassieur <clement@lassieur.org> |
d504de26 | 12 | ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr> |
a1714ff5 | 13 | ;;; Copyright © 2017 Jelle Licht <jlicht@fsfe.org> |
eb28a777 | 14 | ;;; Copyright © 2017 Eric Bavier <bavier@member.fsf.org> |
7f7fadb5 | 15 | ;;; Copyright © 2017 Nicolas Goaziou <mail@nicolasgoaziou.fr> |
763269f9 | 16 | ;;; Copyright © 2017 Manolis Fragkiskos Ragkousis <manolis837@gmail.com> |
dcf12172 | 17 | ;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com> |
c06bf6a3 | 18 | ;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com> |
649eb8b5 | 19 | ;;; Copyright © 2018 Konrad Hinsen <konrad.hinsen@fastmail.net> |
d4e0ebd0 | 20 | ;;; Copyright © 2018 Thomas Sigurdsen <tonton@riseup.net> |
20b51b17 | 21 | ;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net> |
de63b20e SS |
22 | ;;; |
23 | ;;; This file is part of GNU Guix. | |
24 | ;;; | |
25 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
26 | ;;; under the terms of the GNU General Public License as published by | |
27 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
28 | ;;; your option) any later version. | |
29 | ;;; | |
30 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
31 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
32 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
33 | ;;; GNU General Public License for more details. | |
34 | ;;; | |
35 | ;;; You should have received a copy of the GNU General Public License | |
36 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
37 | ||
38 | (define-module (gnu packages password-utils) | |
39 | #:use-module ((guix licenses) #:prefix license:) | |
e8647227 | 40 | #:use-module (guix build-system cmake) |
de63b20e SS |
41 | #:use-module (guix build-system gnu) |
42 | #:use-module (guix download) | |
e8647227 | 43 | #:use-module (guix packages) |
53dcbbec | 44 | #:use-module (gnu packages) |
c285a400 | 45 | #:use-module (gnu packages admin) |
81635fb6 | 46 | #:use-module (gnu packages aidc) |
c285a400 | 47 | #:use-module (gnu packages base) |
ac257f12 | 48 | #:use-module (gnu packages check) |
e8647227 | 49 | #:use-module (gnu packages compression) |
da1b30bd EF |
50 | #:use-module (gnu packages crypto) |
51 | #:use-module (gnu packages curl) | |
a1714ff5 | 52 | #:use-module (gnu packages freedesktop) |
f339f277 | 53 | #:use-module (gnu packages glib) |
e8647227 | 54 | #:use-module (gnu packages gnupg) |
eb28a777 | 55 | #:use-module (gnu packages gnuzilla) |
0050876b | 56 | #:use-module (gnu packages gtk) |
dd24e906 | 57 | #:use-module (gnu packages guile) |
eb28a777 | 58 | #:use-module (gnu packages kerberos) |
0751fddd | 59 | #:use-module (gnu packages libffi) |
c285a400 | 60 | #:use-module (gnu packages linux) |
3d4f9d5c | 61 | #:use-module (gnu packages man) |
eb28a777 | 62 | #:use-module (gnu packages multiprecision) |
7e9b07bd AP |
63 | #:use-module (gnu packages ncurses) |
64 | #:use-module (gnu packages pkg-config) | |
3d4f9d5c | 65 | #:use-module (gnu packages python) |
20b51b17 | 66 | #:use-module (gnu packages python-web) |
177475cf | 67 | #:use-module (gnu packages suckless) |
7e9b07bd | 68 | #:use-module (gnu packages tls) |
e8647227 | 69 | #:use-module (gnu packages qt) |
c285a400 | 70 | #:use-module (gnu packages version-control) |
dd24e906 | 71 | #:use-module (gnu packages xdisorg) |
3d4f9d5c | 72 | #:use-module (gnu packages xorg) |
d4e0ebd0 | 73 | #:use-module (gnu packages xml) |
3d4f9d5c | 74 | #:use-module (guix build-system python)) |
de63b20e SS |
75 | |
76 | (define-public pwgen | |
77 | (package | |
78 | (name "pwgen") | |
5a2c4b3b | 79 | (version "2.08") |
de63b20e SS |
80 | (source |
81 | (origin | |
82 | (method url-fetch) | |
de67e922 LF |
83 | (uri (string-append "mirror://sourceforge/pwgen/pwgen/" version |
84 | "/pwgen-" version ".tar.gz")) | |
de63b20e | 85 | (sha256 |
5a2c4b3b | 86 | (base32 "0yy90pqrr2pszzhb5hxjishq9qc7dqd290amiibqx9fm1b9kvc6s")))) |
de63b20e SS |
87 | (build-system gnu-build-system) |
88 | (arguments | |
89 | `(#:tests? #f)) ; no test suite | |
90 | (home-page "http://pwgen.sourceforge.net/") | |
91 | (synopsis "Password generator") | |
92 | (description "Pwgen generates passwords which can be easily memorized by a | |
93 | human.") | |
94 | (license license:gpl2))) | |
e8647227 | 95 | |
99672f7b EF |
96 | (define-public keepassxc |
97 | (package | |
98 | (name "keepassxc") | |
d412dbe4 | 99 | (version "2.3.3") |
99672f7b EF |
100 | (source |
101 | (origin | |
102 | (method url-fetch) | |
103 | (uri (string-append "https://github.com/keepassxreboot/" name | |
104 | "/releases/download/" version "/keepassxc-" | |
105 | version "-src.tar.xz")) | |
106 | (sha256 | |
107 | (base32 | |
d412dbe4 | 108 | "1m8alsp39vk21zgcvy5zswk0dc1xmajbwnccg7n0lndsi7pqbzyg")))) |
99672f7b | 109 | (build-system cmake-build-system) |
da1b30bd EF |
110 | (arguments |
111 | '(#:configure-flags '("-DWITH_XC_NETWORKING=YES" | |
112 | "-DWITH_XC_BROWSER=YES" | |
6f5c67d7 EF |
113 | "-DWITH_XC_SSHAGENT=YES") |
114 | #:phases | |
115 | (modify-phases %standard-phases | |
116 | ;; should be fixed in 2.3.3+, see: | |
117 | ;; https://github.com/keepassxreboot/keepassxc/pull/1964 | |
118 | (add-after 'unpack 'patch-sources | |
119 | (lambda _ | |
120 | (substitute* "src/gui/entry/EditEntryWidget.cpp" | |
121 | (("#include <QColorDialog>") "#include <QColorDialog> | |
122 | #include <QButtonGroup>")) | |
123 | #t))))) | |
99672f7b | 124 | (inputs |
3374dcc7 | 125 | `(("argon2" ,argon2) |
da1b30bd | 126 | ("curl" ,curl) ; XC_NETWORKING |
3374dcc7 | 127 | ("libgcrypt" ,libgcrypt) |
da1b30bd | 128 | ("libsodium" ,libsodium) ; XC_BROWSER |
99672f7b EF |
129 | ("libxi" ,libxi) |
130 | ("libxtst" ,libxtst) | |
131 | ("qtbase" ,qtbase) | |
132 | ("qtx11extras" ,qtx11extras) | |
133 | ("zlib" ,zlib))) | |
134 | (native-inputs | |
135 | `(("qttools" ,qttools))) | |
136 | (home-page "https://www.keepassxc.org") | |
137 | (synopsis "Password manager") | |
138 | (description "KeePassXC is a password manager or safe which helps you to | |
139 | manage your passwords in a secure way. You can put all your passwords in one | |
140 | database, which is locked with one master key or a key-file which can be stored | |
141 | on an external storage device. The databases are encrypted using the | |
142 | algorithms AES or Twofish.") | |
143 | ;; Non functional parts use various licences. | |
144 | (license license:gpl3))) | |
145 | ||
e8647227 EF |
146 | (define-public keepassx |
147 | (package | |
148 | (name "keepassx") | |
a00fbe8a | 149 | (version "2.0.3") |
e8647227 EF |
150 | (source |
151 | (origin | |
152 | (method url-fetch) | |
e5be0e01 EF |
153 | (uri (string-append "https://www.keepassx.org/releases/" version |
154 | "/keepassx-" version ".tar.gz")) | |
e8647227 | 155 | (sha256 |
2c5e4976 | 156 | (base32 |
a00fbe8a | 157 | "1ia7cqx9ias38mnffsl7da7g1f66bcbjsi23k49sln0c6spb9zr3")))) |
e8647227 EF |
158 | (build-system cmake-build-system) |
159 | (inputs | |
160 | `(("libgcrypt" ,libgcrypt) | |
a00fbe8a | 161 | ("libxi" ,libxi) |
e8647227 EF |
162 | ("libxtst" ,libxtst) |
163 | ("qt" ,qt-4))) | |
164 | (native-inputs | |
165 | `(("zlib" ,zlib))) | |
166 | (home-page "https://www.keepassx.org") | |
167 | (synopsis "Password manager") | |
168 | (description "KeePassX is a password manager or safe which helps you to | |
169 | manage your passwords in a secure way. You can put all your passwords in one | |
170 | database, which is locked with one master key or a key-file which can be stored | |
171 | on an external storage device. The databases are encrypted using the | |
172 | algorithms AES or Twofish.") | |
173 | ;; Non functional parts use various licences. | |
b7ac10e6 EF |
174 | (license license:gpl3) |
175 | (properties `((superseded . ,keepassxc))))) | |
dd24e906 DT |
176 | |
177 | (define-public shroud | |
178 | (package | |
179 | (name "shroud") | |
b4aa6d3d | 180 | (version "0.1.1") |
dd24e906 DT |
181 | (source (origin |
182 | (method url-fetch) | |
a652eb93 | 183 | (uri (string-append "https://files.dthompson.us/shroud/shroud-" |
dd24e906 DT |
184 | version ".tar.gz")) |
185 | (sha256 | |
186 | (base32 | |
b4aa6d3d | 187 | "1y43yhgy2zbrk5bqj3qyx9rkcz2bma9sinlrg7dip3jqms9gq4lr")))) |
dd24e906 | 188 | (build-system gnu-build-system) |
df0e8a23 SB |
189 | (arguments |
190 | '(#:phases | |
191 | (modify-phases %standard-phases | |
192 | (add-after 'install 'wrap-shroud | |
193 | (lambda* (#:key outputs #:allow-other-keys) | |
194 | (let* ((out (assoc-ref outputs "out")) | |
195 | (ccachedir (string-append out "/lib/guile/2.0/ccache")) | |
196 | (prog (string-append out "/bin/shroud"))) | |
197 | (wrap-program prog | |
198 | `("GUILE_LOAD_COMPILED_PATH" ":" prefix (,ccachedir))) | |
199 | #t)))))) | |
dd24e906 DT |
200 | (inputs |
201 | `(("guile" ,guile-2.0) | |
202 | ("gnupg" ,gnupg) | |
203 | ("xclip" ,xclip))) | |
204 | (synopsis "GnuPG-based secret manager") | |
205 | (description "Shroud is a simple secret manager with a command line | |
206 | interface. The password database is stored as a Scheme s-expression and | |
207 | encrypted with a GnuPG key. Secrets consist of an arbitrary number of | |
208 | key/value pairs, making Shroud suitable for more than just password storage. | |
209 | For copying and pasting secrets into web browsers and other graphical | |
210 | applications, there is xclip integration." ) | |
59d915ac | 211 | (home-page "https://dthompson.us/projects/shroud.html") |
dd24e906 | 212 | (license license:gpl3+))) |
7e9b07bd AP |
213 | |
214 | (define-public yapet | |
215 | (package | |
216 | (name "yapet") | |
3d63422c | 217 | (version "1.1") |
7e9b07bd AP |
218 | (source (origin |
219 | (method url-fetch) | |
220 | (uri (string-append "http://www.guengel.ch/myapps/yapet/downloads/yapet-" | |
221 | version | |
222 | ".tar.bz2")) | |
223 | (sha256 | |
224 | (base32 | |
3d63422c | 225 | "1lq46mpxdsbl6qw4cj58hp9q7jckmyvbsi08p5zr77rjgqadxyyy")))) |
7e9b07bd AP |
226 | (build-system gnu-build-system) |
227 | (inputs | |
228 | `(("ncurses" ,ncurses) | |
229 | ("openssl" ,openssl))) | |
230 | (native-inputs | |
231 | `(("pkg-config" ,pkg-config))) | |
232 | (synopsis "Yet Another Password Encryption Tool") | |
233 | (description "YAPET is a text based password manager using the Blowfish | |
234 | encryption algorithm. Because of its small footprint and very few library | |
235 | dependencies, it is suited for installing on desktop and server systems alike. | |
236 | The text based user interface allows you to run YAPET easily in a Secure Shell | |
237 | session. Two companion utilities enable users to convert CSV files to YAPET | |
238 | and vice versa.") | |
239 | (home-page "http://www.guengel.ch/myapps/yapet/") | |
240 | (license license:gpl3+))) | |
72029c8b SB |
241 | |
242 | (define-public cracklib | |
243 | (package | |
244 | (name "cracklib") | |
245 | (version "2.9.6") | |
246 | (source (origin | |
247 | (method url-fetch) | |
248 | (uri (string-append "https://github.com/cracklib/cracklib/" | |
249 | "releases/download/" name "-" version "/" | |
250 | name "-" version ".tar.gz")) | |
b0a56764 LF |
251 | (patches (search-patches "cracklib-CVE-2016-6318.patch" |
252 | "cracklib-fix-buffer-overflow.patch")) | |
72029c8b SB |
253 | (sha256 |
254 | (base32 | |
255 | "0hrkb0prf7n92w6rxgq0ilzkk6rkhpys2cfqkrbzswp27na7dkqp")))) | |
256 | (build-system gnu-build-system) | |
257 | (synopsis "Password checking library") | |
258 | (home-page "https://github.com/cracklib/cracklib") | |
259 | (description | |
260 | "CrackLib is a library containing a C function which may be used in a | |
b1a686bb TGR |
261 | @command{passwd}-like program. The idea is simple: try to prevent users from |
262 | choosing passwords that could easily be guessed (or \"cracked\") by filtering | |
263 | them out, at the source.") | |
72029c8b | 264 | (license license:lgpl2.1))) |
c2fb2076 SB |
265 | |
266 | (define-public libpwquality | |
267 | (package | |
268 | (name "libpwquality") | |
4a577fef | 269 | (version "1.4.0") |
c2fb2076 SB |
270 | (source (origin |
271 | (method url-fetch) | |
272 | (uri (list | |
c18594dd EJ |
273 | (string-append "https://github.com/" name "/" name |
274 | "/releases/download/" name "-" version | |
275 | "/" name "-" version ".tar.bz2") | |
c2fb2076 SB |
276 | (string-append "https://launchpad.net/libpwquality/trunk/" |
277 | version "/+download/" | |
278 | name "-" version ".tar.bz2"))) | |
279 | (sha256 | |
280 | (base32 | |
4a577fef | 281 | "0syyz8r54l8mqmbb0mw19qz4z2cx8gdgidicb8k2s5zjdh2gzrhx")))) |
c2fb2076 SB |
282 | (build-system gnu-build-system) |
283 | (arguments | |
284 | ;; XXX: have RUNPATH issue. | |
285 | '(#:configure-flags '("--disable-python-bindings"))) | |
286 | (inputs | |
287 | `(("cracklib" ,cracklib))) | |
288 | (synopsis "Password quality checker") | |
c18594dd | 289 | (home-page "https://github.com/libpwquality/libpwquality") |
c2fb2076 SB |
290 | (description |
291 | "Libpwquality is a library for password quality checking and generation of | |
292 | random passwords that pass the checks.") | |
293 | (license license:gpl2+))) | |
3d4f9d5c CAW |
294 | |
295 | (define-public assword | |
296 | (package | |
297 | (name "assword") | |
d504de26 | 298 | (version "0.11") |
3d4f9d5c CAW |
299 | (source (origin |
300 | (method url-fetch) | |
301 | (uri (list | |
302 | (string-append | |
303 | "http://http.debian.net/debian/pool/main/a/assword/" | |
304 | "assword_" version ".orig.tar.gz"))) | |
305 | (sha256 | |
306 | (base32 | |
d504de26 | 307 | "03gkb6kvsghznbcw5l7nmrc6mn3ixkjd5jcs96ni4zs9l47jf7yp")))) |
3d4f9d5c | 308 | (arguments |
f339f277 | 309 | `(;; irritatingly, tests do run but not there are two problems: |
3d4f9d5c CAW |
310 | ;; - "import gtk" fails for unknown reasons here despite it the |
311 | ;; program working (indeed, I've found I have to do a logout and log | |
312 | ;; back in in after an install order for some mumbo jumbo environment | |
313 | ;; variable mess to work with pygtk and assword... what's up with | |
314 | ;; that?) | |
315 | ;; - even when the tests fail, they don't return a nonzero status, | |
316 | ;; so I'm not sure how to programmatically get that information | |
317 | #:tests? #f | |
318 | #:phases | |
319 | (modify-phases %standard-phases | |
0050876b SB |
320 | (add-after 'install 'wrap-assword |
321 | (lambda* (#:key outputs #:allow-other-keys) | |
322 | (let ((prog (string-append | |
323 | (assoc-ref outputs "out") | |
324 | "/bin/assword")) | |
325 | (gi-typelib-path (getenv "GI_TYPELIB_PATH"))) | |
326 | (wrap-program prog | |
327 | `("GI_TYPELIB_PATH" ":" prefix (,gi-typelib-path))) | |
328 | #t))) | |
3d4f9d5c CAW |
329 | (add-after 'install 'manpage |
330 | (lambda* (#:key outputs #:allow-other-keys) | |
331 | (and | |
f339f277 LF |
332 | ;; Without this substitution, it fails with |
333 | ;; ImportError: No module named 'gpg' | |
334 | (substitute* "Makefile" | |
335 | (("PYTHONPATH=.") "")) | |
3d4f9d5c CAW |
336 | (zero? (system* "make" "assword.1")) |
337 | (install-file | |
338 | "assword.1" | |
339 | (string-append (assoc-ref outputs "out") "/share/man/man1")))))))) | |
340 | (build-system python-build-system) | |
341 | (native-inputs | |
f339f277 | 342 | `(("txt2man" ,txt2man))) |
3d4f9d5c | 343 | (inputs |
0050876b SB |
344 | `(("gtk+" ,gtk+) |
345 | ("python-xdo" ,python-xdo) | |
f339f277 LF |
346 | ("python-gpg" ,python-gpg) |
347 | ("python-pygobject" ,python-pygobject))) | |
3d4f9d5c CAW |
348 | (propagated-inputs |
349 | `(("xclip" ,xclip))) | |
350 | (home-page "https://finestructure.net/assword/") | |
351 | (synopsis "Password manager") | |
352 | (description "assword is a simple password manager using GPG-wrapped | |
353 | JSON files. It has a command line interface as well as a very simple | |
354 | graphical interface, which can even \"type\" your passwords into | |
355 | any X11 window.") | |
356 | (license license:gpl3+))) | |
c285a400 JT |
357 | |
358 | (define-public password-store | |
359 | (package | |
360 | (name "password-store") | |
3e9aa5cf | 361 | (version "1.7.3") |
c285a400 JT |
362 | (source (origin |
363 | (method url-fetch) | |
364 | (uri | |
365 | (string-append "https://git.zx2c4.com/password-store/snapshot/" | |
366 | name "-" version ".tar.xz")) | |
367 | (sha256 | |
368 | (base32 | |
3e9aa5cf | 369 | "1x53k5dn3cdmvy8m4fqdld4hji5n676ksl0ql4armkmsds26av1b")))) |
c285a400 JT |
370 | (build-system gnu-build-system) |
371 | (arguments | |
372 | '(#:phases | |
373 | (modify-phases %standard-phases | |
374 | (delete 'configure) | |
619f98fa | 375 | (delete 'build) |
177475cf JL |
376 | (add-before 'install 'patch-passmenu-path |
377 | (lambda* (#:key inputs #:allow-other-keys) | |
378 | (substitute* "contrib/dmenu/passmenu" | |
379 | (("dmenu") (string-append (assoc-ref inputs "dmenu") | |
380 | "/bin/dmenu")) | |
381 | (("xdotool") (string-append (assoc-ref inputs "xdotool") | |
382 | "/bin/xdotool"))) | |
383 | #t)) | |
384 | (add-after 'install 'install-passmenu | |
385 | (lambda* (#:key outputs #:allow-other-keys) | |
386 | (let ((out (assoc-ref outputs "out"))) | |
387 | (copy-file "contrib/dmenu/passmenu" | |
388 | (string-append out "/bin/passmenu")) | |
389 | #t))) | |
61201e46 AG |
390 | (add-after 'install 'wrap-path |
391 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
392 | (let ((out (assoc-ref outputs "out")) | |
393 | (path (map (lambda (pkg) | |
394 | (string-append (assoc-ref inputs pkg) "/bin")) | |
81635fb6 | 395 | '("coreutils" "getopt" "git" "gnupg" "qrencode" |
61201e46 AG |
396 | "sed" "tree" "which" "xclip")))) |
397 | (wrap-program (string-append out "/bin/pass") | |
718c1278 MB |
398 | `("PATH" ":" prefix (,(string-join path ":")))) |
399 | #t))) | |
400 | (add-after 'wrap-path 'install-shell-completions | |
401 | (lambda* (#:key outputs #:allow-other-keys) | |
402 | (let* ((out (assoc-ref outputs "out")) | |
403 | (bashcomp (string-append out "/etc/bash_completion.d"))) | |
404 | ;; TODO: install fish and zsh completions. | |
405 | (mkdir-p bashcomp) | |
406 | (copy-file "src/completion/pass.bash-completion" | |
407 | (string-append bashcomp "/pass")) | |
408 | #t)))) | |
c285a400 | 409 | #:make-flags (list "CC=gcc" (string-append "PREFIX=" %output)) |
a77f0360 CB |
410 | ;; Parallel tests may cause a race condition leading to a |
411 | ;; timeout in some circumstances. | |
412 | #:parallel-tests? #f | |
c285a400 | 413 | #:test-target "test")) |
61201e46 | 414 | (inputs |
177475cf JL |
415 | `(("dmenu" ,dmenu) |
416 | ("getopt" ,util-linux) | |
61201e46 AG |
417 | ("git" ,git) |
418 | ("gnupg" ,gnupg) | |
81635fb6 | 419 | ("qrencode" ,qrencode) |
61201e46 AG |
420 | ("sed" ,sed) |
421 | ("tree" ,tree) | |
422 | ("which" ,which) | |
177475cf JL |
423 | ("xclip" ,xclip) |
424 | ("xdotool" ,xdotool))) | |
62ab60aa | 425 | (home-page "https://www.passwordstore.org/") |
c285a400 JT |
426 | (synopsis "Encrypted password manager") |
427 | (description "Password-store is a password manager which uses GnuPG to | |
428 | store and retrieve passwords. The tool stores each password in its own | |
429 | GnuPG-encrypted file, allowing the program to be simple yet secure. | |
430 | Synchronization is possible using the integrated git support, which commits | |
431 | changes to your password database to a git repository that can be managed | |
432 | through the pass command.") | |
433 | (license license:gpl2+))) | |
6d32dd8c LG |
434 | |
435 | (define-public argon2 | |
436 | (package | |
437 | (name "argon2") | |
c06bf6a3 | 438 | (version "20171227") |
6d32dd8c LG |
439 | (source |
440 | (origin | |
441 | (method url-fetch) | |
442 | (uri | |
1feeb2e0 TGR |
443 | (string-append "https://github.com/P-H-C/phc-winner-argon2/archive/" |
444 | version ".tar.gz")) | |
6d32dd8c LG |
445 | (file-name (string-append name "-" version ".tar.gz")) |
446 | (sha256 | |
447 | (base32 | |
c06bf6a3 | 448 | "1n6w5y3va7lrcym7cxr0nikapldqm80wxjdns584bvplq5r03spa")))) |
6d32dd8c LG |
449 | (build-system gnu-build-system) |
450 | (arguments | |
451 | `(#:test-target "test" | |
c06bf6a3 MB |
452 | #:make-flags '("CC=gcc" |
453 | "OPTTEST=1") ;disable CPU optimization | |
6d32dd8c LG |
454 | #:phases |
455 | (modify-phases %standard-phases | |
c06bf6a3 MB |
456 | (add-after 'unpack 'patch-Makefile |
457 | (lambda* (#:key outputs #:allow-other-keys) | |
458 | (let ((out (assoc-ref outputs "out"))) | |
459 | (substitute* "Makefile" | |
460 | (("PREFIX = /usr") (string-append "PREFIX = " out))) | |
461 | #t))) | |
462 | (delete 'configure)))) | |
6d32dd8c LG |
463 | (home-page "https://www.argon2.com/") |
464 | (synopsis "Password hashing library") | |
465 | (description "Argon2 provides a key derivation function that was declared | |
466 | winner of the 2015 Password Hashing Competition.") | |
c06bf6a3 MB |
467 | ;; Argon2 is dual licensed under CC0 and ASL 2.0. Some of the source |
468 | ;; files are CC0 only; see README.md and LICENSE for details. | |
469 | (license (list license:cc0 license:asl2.0)))) | |
153e58c5 | 470 | |
a1714ff5 JL |
471 | (define-public pass-git-helper |
472 | (package | |
473 | (name "pass-git-helper") | |
474 | (version "0.3.1") | |
475 | (source | |
476 | (origin | |
477 | (method url-fetch) | |
478 | (uri (string-append "https://github.com/languitar/pass-git-helper/archive/release-" | |
479 | version ".tar.gz")) | |
480 | (sha256 | |
481 | (base32 | |
482 | "0lz5ncy44pz7z1j2nnyildx8sq33zi3xvg5nkwg25n11nasqh2xn")))) | |
483 | (build-system python-build-system) | |
484 | (arguments | |
485 | `(#:phases | |
486 | (modify-phases %standard-phases | |
487 | (add-before 'build 'patch-pass-path | |
488 | (lambda* (#:key inputs #:allow-other-keys) | |
489 | (let* ((password-store (assoc-ref inputs "password-store")) | |
490 | (pass (string-append password-store "/bin/pass"))) | |
491 | (substitute* "pass-git-helper" | |
492 | (("'pass'") (string-append "'" pass "'"))) | |
493 | #t)))))) | |
494 | (inputs | |
495 | `(("python-pyxdg" ,python-pyxdg) | |
496 | ("password-store" ,password-store))) | |
497 | (home-page "https://github.com/languitar/pass-git-helper") | |
498 | (synopsis "Git credential helper interfacing with pass") | |
499 | (description "pass-git-helper is a git credential helper which allows to | |
500 | use pass, the standard unix password manager, as the credential backend for | |
501 | your git repositories. This is achieved by explicitly defining mappings | |
502 | between hosts and entries in the password store.") | |
503 | (license license:lgpl3+))) | |
eb28a777 EB |
504 | |
505 | (define-public john-the-ripper-jumbo | |
506 | (let ((official-version "1.8.0") | |
507 | (jumbo-version "1")) | |
508 | (package | |
509 | (name "john-the-ripper-jumbo") | |
510 | (version (string-append official-version "-" jumbo-version)) | |
511 | (source | |
512 | (origin | |
513 | (method url-fetch) | |
514 | (uri (string-append "http://www.openwall.com/john/j/john-" | |
515 | official-version "-jumbo-" jumbo-version ".tar.xz")) | |
516 | (sha256 | |
517 | (base32 | |
518 | "08q92sfdvkz47rx6qjn7qv57cmlpy7i7rgddapq5384mb413vjds")) | |
519 | (patches | |
520 | (list (origin | |
521 | (method url-fetch) | |
522 | (uri (string-append "https://github.com/magnumripper/" | |
523 | "JohnTheRipper/commit/" | |
524 | "e2e868db3e153b3f959e119a51703d4afb99c624.patch")) | |
525 | (file-name "john-the-ripper-jumbo-gcc5-inline.patch") | |
526 | (sha256 | |
527 | (base32 | |
528 | "1shvcf1y2097115mxhzdkm64dr106a8zr6pqjqyh171q5ng5vfra"))) | |
529 | (origin | |
530 | (method url-fetch) | |
531 | (uri (string-append "https://github.com/magnumripper/" | |
532 | "JohnTheRipper/commit/" | |
533 | "480e95b0e449863be3e1a5b0bc634a67df28b618.patch")) | |
534 | (file-name "john-the-ripper-jumbo-non-x86.patch") | |
535 | (sha256 | |
536 | (base32 | |
537 | "1ffd9dvhk0sb6ss8dv5yalh01lz30i7rilqilf2xv68gax2hyjqx"))))))) | |
538 | (build-system gnu-build-system) | |
539 | (inputs | |
540 | `(("gmp" ,gmp) | |
541 | ("krb5" ,mit-krb5) | |
542 | ("libpcap" ,libpcap) | |
543 | ("nss" ,nss) | |
544 | ("openssl" ,openssl) | |
545 | ("zlib" ,zlib))) | |
546 | (arguments | |
547 | `(#:configure-flags | |
548 | (list (string-append | |
549 | "CFLAGS=-O2 -g " | |
550 | "-DJOHN_SYSTEMWIDE=1 " | |
551 | "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' " | |
552 | "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'") | |
553 | ;; For now, do not test for instruction set in configure, and | |
554 | ;; do not pass '-march=native' to gcc: | |
555 | "--disable-native-tests" | |
556 | "--disable-native-macro") | |
557 | #:tests? #f ;tests try to create '.john' in the build user's $HOME | |
558 | #:phases | |
559 | (modify-phases %standard-phases | |
560 | (add-before 'configure 'chdir-src | |
561 | (lambda _ (chdir "src"))) | |
562 | (replace 'install | |
563 | (lambda _ | |
564 | (let ((bindir (string-append %output "/bin")) | |
565 | (docdir (string-append %output "/share/doc/john")) | |
566 | (execdir (string-append %output "/libexec/john")) | |
567 | (homedir (string-append %output "/share/john")) | |
568 | (install-file-to (lambda (dir) | |
569 | (lambda (f) (install-file f dir)))) | |
570 | (symlink? (lambda (_ s) (eq? (stat:type s) 'symlink)))) | |
571 | (with-directory-excursion "../run" | |
572 | (for-each (install-file-to execdir) | |
573 | (cons* "mailer" "benchmark-unify" | |
574 | (find-files "." ".*\\.(py|rb|pl)"))) | |
575 | (for-each (install-file-to homedir) | |
576 | (append (find-files "." "(stats|dictionary.*)") | |
577 | (find-files "." "(.*\\.chr|.*\\.lst)") | |
578 | (find-files "." ".*\\.conf"))) | |
579 | (for-each (install-file-to bindir) | |
580 | '("tgtsnarf" "genmkvpwd" "mkvcalcproba" | |
581 | "raw2dyna" "luks2john" "vncpcap2john" | |
582 | "uaf2john" "calc_stat" "wpapcap2john" | |
583 | "cprepair" "relbench" "SIPdump" "john")) | |
584 | (for-each (lambda (f) ;install symlinked aliases | |
585 | (symlink "john" | |
586 | (string-append bindir "/" (basename f)))) | |
587 | (find-files "." symlink?))) | |
588 | (copy-recursively "../doc" docdir) | |
589 | #t)))))) | |
590 | (home-page "http://www.openwall.com/john/") | |
591 | (synopsis "Password cracker") | |
592 | (description "John the Ripper is a fast password cracker. Its primary | |
593 | purpose is to detect weak Unix passwords. Besides several @code{crypt} | |
594 | password hash types most commonly found on various Unix systems, supported out | |
595 | of the box are Windows LM hashes, plus lots of other hashes and ciphers. This | |
596 | is the community-enhanced, \"jumbo\" version of John the Ripper.") | |
597 | (license license:gpl2+)))) | |
649eb8b5 KH |
598 | |
599 | (define-public sala | |
600 | (package | |
601 | (name "sala") | |
602 | (version "1.3") | |
603 | (source | |
604 | (origin | |
605 | (method url-fetch) | |
606 | (uri (pypi-uri "sala" version)) | |
607 | (sha256 | |
608 | (base32 | |
609 | "13qgmc3i2a0cqp8jqrfl93lnphfagb32pgfikc1gza2a14asxzi8")))) | |
610 | (build-system python-build-system) | |
611 | (arguments | |
612 | ;; Sala is supposed to work with Python 3.2 or higher, | |
613 | ;; but it doesn't work with Python 3.6. Better stick | |
614 | ;; to Python 2, which works fine. | |
615 | `(#:python ,python-2)) | |
616 | (propagated-inputs | |
617 | `(("gnupg" ,gnupg) | |
618 | ("pwgen" ,pwgen))) | |
619 | (home-page "http://www.digip.org/sala/") | |
620 | (synopsis "Encrypted plaintext password store") | |
621 | (description | |
622 | "Store passwords and other bits of sensitive plain-text information | |
623 | to encrypted files on a directory hierarchy. The information is protected | |
624 | by GnuPG's symmetrical encryption.") | |
625 | (license license:expat))) | |
d4e0ebd0 T |
626 | |
627 | (define-public fpm2 | |
628 | (package | |
629 | (name "fpm2") | |
630 | (version "0.79") | |
631 | (source (origin | |
632 | (method url-fetch) | |
633 | (uri (string-append "https://als.regnet.cz/fpm2/download/fpm2-" | |
634 | version ".tar.bz2")) | |
635 | (sha256 | |
636 | (base32 | |
637 | "19sdy1lygfhkg5nxi2w9a4d9kwvw24nxp0ix0p0lz91qpvk9qpnm")))) | |
638 | (build-system gnu-build-system) | |
639 | (inputs `(("gtk2" ,gtk+-2) | |
640 | ("gnupg" ,gnupg) | |
641 | ("libxml2" ,libxml2))) | |
642 | (native-inputs `(("pkg-config" ,pkg-config) | |
643 | ("intltool" ,intltool))) | |
644 | (arguments | |
645 | `(#:phases | |
646 | (modify-phases %standard-phases | |
647 | (add-before 'configure 'pre-configure | |
648 | ;; The file po/POTFILES.in ends up missing for some reason in | |
649 | ;; both nix and guix builds. Adding the file with contents | |
650 | ;; found during troubleshooting. | |
651 | (lambda _ | |
652 | (call-with-output-file "po/POTFILES.in" | |
653 | (lambda (port) | |
654 | (format port "data/fpm2.desktop.in | |
655 | data/fpm2.desktop.in.in | |
656 | fpm2.glade | |
657 | src/callbacks.c | |
658 | src/fpm.c | |
659 | src/fpm_file.c | |
660 | src/interface.c | |
661 | src/support.c | |
662 | fpm2.glade | |
663 | "))) | |
664 | #t))))) | |
665 | (synopsis "Manage, generate and store passwords encrypted") | |
666 | (description "FPM2 is GTK2 port from Figaro's Password Manager | |
667 | originally developed by John Conneely, with some new enhancements. | |
668 | ||
669 | Upstream development seems to have stopped. It is therefore recommended | |
670 | to use a different password manager.") | |
671 | (home-page "https://als.regnet.cz/fpm2/") | |
672 | (license license:gpl2+))) | |
20b51b17 AI |
673 | |
674 | (define-public pass-rotate | |
675 | (package | |
676 | (name "pass-rotate") | |
677 | (version "0.1") | |
678 | (source | |
679 | (origin | |
680 | (method url-fetch) | |
681 | (uri (string-append "https://github.com/SirCmpwn/pass-rotate/archive/" | |
682 | version ".tar.gz")) | |
683 | (sha256 | |
684 | (base32 | |
685 | "1svm5nj8bczv2dg8lh2zqqhbsrljqsw9680r03qwgl9vlci90210")) | |
686 | (file-name (string-append name "-" version ".tar.gz")))) | |
687 | (build-system python-build-system) | |
688 | (inputs | |
689 | `(("python-beautifulsoup4" ,python-beautifulsoup4) | |
690 | ("python-docopt" ,python-docopt) | |
691 | ("python-html5lib" ,python-html5lib) | |
692 | ("python-requests" ,python-requests))) | |
693 | (home-page "https://github.com/SirCmpwn/pass-rotate") | |
694 | (synopsis "Rotate password on online services") | |
695 | (description "pass-rotate is a command line utility and python library for | |
696 | rotating passwords on various web services. It makes it easier to rotate your | |
697 | passwords, one at a time or in bulk, when security events or routine upkeep of | |
698 | your online accounts makes it necessary.") | |
699 | (license license:expat))) |