HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: fzy: Update to 1.0.
[jackhill/guix/guix.git] / gnu / packages / password-utils.scm
CommitLineData
de63b20e
SS		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Steve Sprang <scs@stevesprang.com>
6f5c67d7 3;;; Copyright © 2015, 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il>
7e9b07bd 4;;; Copyright © 2015 Aljosha Papsch <misc@rpapsch.de>
3d4f9d5c 5;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
c285a400
JT		 6;;; Copyright © 2016 Jessica Tallon <tsyesika@tsyesika.se>
7;;; Copyright © 2016 Andreas Enge <andreas@enge.fr>
6d32dd8c 8;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org>
61201e46 9;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
f339f277 10;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
60628f54 11;;; Copyright © 2017, 2018 Clément Lassieur <clement@lassieur.org>
d504de26 12;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
a1714ff5 13;;; Copyright © 2017 Jelle Licht <jlicht@fsfe.org>
eb28a777 14;;; Copyright © 2017 Eric Bavier <bavier@member.fsf.org>
7f7fadb5 15;;; Copyright © 2017 Nicolas Goaziou <mail@nicolasgoaziou.fr>
763269f9 16;;; Copyright © 2017 Manolis Fragkiskos Ragkousis <manolis837@gmail.com>
dcf12172 17;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com>
c06bf6a3 18;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com>
649eb8b5 19;;; Copyright © 2018 Konrad Hinsen <konrad.hinsen@fastmail.net>
d4e0ebd0 20;;; Copyright © 2018 Thomas Sigurdsen <tonton@riseup.net>
20b51b17 21;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
4715f92e 22;;; Copyright © 2018 Pierre Neidhardt <mail@ambrevar.xyz>
037d1851 23;;; Copyright © 2018 Amirouche Boubekki <amirouche@hypermove.net>
de63b20e
SS		 24;;;
25;;; This file is part of GNU Guix.
26;;;
27;;; GNU Guix is free software; you can redistribute it and/or modify it
28;;; under the terms of the GNU General Public License as published by
29;;; the Free Software Foundation; either version 3 of the License, or (at
30;;; your option) any later version.
31;;;
32;;; GNU Guix is distributed in the hope that it will be useful, but
33;;; WITHOUT ANY WARRANTY; without even the implied warranty of
34;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
35;;; GNU General Public License for more details.
36;;;
37;;; You should have received a copy of the GNU General Public License
38;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
39
40(define-module (gnu packages password-utils)
41 #:use-module ((guix licenses) #:prefix license:)
e8647227 42 #:use-module (guix build-system cmake)
de63b20e
SS		 43 #:use-module (guix build-system gnu)
44 #:use-module (guix download)
e8647227 45 #:use-module (guix packages)
53dcbbec 46 #:use-module (gnu packages)
c285a400 47 #:use-module (gnu packages admin)
81635fb6 48 #:use-module (gnu packages aidc)
c285a400 49 #:use-module (gnu packages base)
ac257f12 50 #:use-module (gnu packages check)
e8647227 51 #:use-module (gnu packages compression)
da1b30bd
EF		 52 #:use-module (gnu packages crypto)
53 #:use-module (gnu packages curl)
a1714ff5 54 #:use-module (gnu packages freedesktop)
f339f277 55 #:use-module (gnu packages glib)
e8647227 56 #:use-module (gnu packages gnupg)
eb28a777 57 #:use-module (gnu packages gnuzilla)
0050876b 58 #:use-module (gnu packages gtk)
dd24e906 59 #:use-module (gnu packages guile)
eb28a777 60 #:use-module (gnu packages kerberos)
0751fddd 61 #:use-module (gnu packages libffi)
c285a400 62 #:use-module (gnu packages linux)
3d4f9d5c 63 #:use-module (gnu packages man)
eb28a777 64 #:use-module (gnu packages multiprecision)
7e9b07bd 65 #:use-module (gnu packages ncurses)
c10aa278 66 #:use-module (gnu packages opencl)
eb4ffe9b 67 #:use-module (gnu packages perl)
7e9b07bd 68 #:use-module (gnu packages pkg-config)
3d4f9d5c 69 #:use-module (gnu packages python)
20b51b17 70 #:use-module (gnu packages python-web)
177475cf 71 #:use-module (gnu packages suckless)
7e9b07bd 72 #:use-module (gnu packages tls)
e8647227 73 #:use-module (gnu packages qt)
c285a400 74 #:use-module (gnu packages version-control)
dd24e906 75 #:use-module (gnu packages xdisorg)
3d4f9d5c 76 #:use-module (gnu packages xorg)
d4e0ebd0 77 #:use-module (gnu packages xml)
3d4f9d5c 78 #:use-module (guix build-system python))
de63b20e
SS		 79
80(define-public pwgen
81 (package
82 (name "pwgen")
5a2c4b3b 83 (version "2.08")
de63b20e
SS		 84 (source
85 (origin
86 (method url-fetch)
de67e922
LF		 87 (uri (string-append "mirror://sourceforge/pwgen/pwgen/" version
88 "/pwgen-" version ".tar.gz"))
de63b20e 89 (sha256
5a2c4b3b 90 (base32 "0yy90pqrr2pszzhb5hxjishq9qc7dqd290amiibqx9fm1b9kvc6s"))))
de63b20e
SS		 91 (build-system gnu-build-system)
92 (arguments
93 `(#:tests? #f)) ; no test suite
94 (home-page "http://pwgen.sourceforge.net/")
95 (synopsis "Password generator")
96 (description "Pwgen generates passwords which can be easily memorized by a
97human.")
98 (license license:gpl2)))
e8647227 99
99672f7b
EF		 100(define-public keepassxc
101 (package
102 (name "keepassxc")
0e5d66ab 103 (version "2.3.4")
99672f7b
EF		 104 (source
105 (origin
106 (method url-fetch)
107 (uri (string-append "https://github.com/keepassxreboot/" name
108 "/releases/download/" version "/keepassxc-"
109 version "-src.tar.xz"))
110 (sha256
111 (base32
0e5d66ab 112 "02kq0a7a7hpw824n03apma00yq1c6dds224g15mrnnqqjn4af90c"))))
99672f7b 113 (build-system cmake-build-system)
da1b30bd
EF		 114 (arguments
115 '(#:configure-flags '("-DWITH_XC_NETWORKING=YES"
116 "-DWITH_XC_BROWSER=YES"
0e5d66ab 117 "-DWITH_XC_SSHAGENT=YES")))
99672f7b 118 (inputs
3374dcc7 119 `(("argon2" ,argon2)
0e5d66ab 120 ("curl" ,curl) ; XC_NETWORKING
3374dcc7 121 ("libgcrypt" ,libgcrypt)
0e5d66ab 122 ("libsodium" ,libsodium) ; XC_BROWSER
99672f7b
EF		 123 ("libxi" ,libxi)
124 ("libxtst" ,libxtst)
125 ("qtbase" ,qtbase)
126 ("qtx11extras" ,qtx11extras)
127 ("zlib" ,zlib)))
128 (native-inputs
129 `(("qttools" ,qttools)))
130 (home-page "https://www.keepassxc.org")
131 (synopsis "Password manager")
132 (description "KeePassXC is a password manager or safe which helps you to
133manage your passwords in a secure way. You can put all your passwords in one
134database, which is locked with one master key or a key-file which can be stored
135on an external storage device. The databases are encrypted using the
136algorithms AES or Twofish.")
0e5d66ab 137 ;; Non-functional parts use various licences.
99672f7b
EF		 138 (license license:gpl3)))
139
e8647227
EF		 140(define-public keepassx
141 (package
142 (name "keepassx")
a00fbe8a 143 (version "2.0.3")
e8647227
EF		 144 (source
145 (origin
146 (method url-fetch)
e5be0e01
EF		 147 (uri (string-append "https://www.keepassx.org/releases/" version
148 "/keepassx-" version ".tar.gz"))
e8647227 149 (sha256
2c5e4976 150 (base32
a00fbe8a 151 "1ia7cqx9ias38mnffsl7da7g1f66bcbjsi23k49sln0c6spb9zr3"))))
e8647227
EF		 152 (build-system cmake-build-system)
153 (inputs
154 `(("libgcrypt" ,libgcrypt)
a00fbe8a 155 ("libxi" ,libxi)
e8647227
EF		 156 ("libxtst" ,libxtst)
157 ("qt" ,qt-4)))
158 (native-inputs
159 `(("zlib" ,zlib)))
160 (home-page "https://www.keepassx.org")
161 (synopsis "Password manager")
162 (description "KeePassX is a password manager or safe which helps you to
163manage your passwords in a secure way. You can put all your passwords in one
164database, which is locked with one master key or a key-file which can be stored
165on an external storage device. The databases are encrypted using the
166algorithms AES or Twofish.")
167 ;; Non functional parts use various licences.
b7ac10e6
EF		 168 (license license:gpl3)
169 (properties `((superseded . ,keepassxc)))))
dd24e906
DT		 170
171(define-public shroud
172 (package
173 (name "shroud")
b4aa6d3d 174 (version "0.1.1")
dd24e906
DT		 175 (source (origin
176 (method url-fetch)
a652eb93 177 (uri (string-append "https://files.dthompson.us/shroud/shroud-"
dd24e906
DT		 178 version ".tar.gz"))
179 (sha256
180 (base32
b4aa6d3d 181 "1y43yhgy2zbrk5bqj3qyx9rkcz2bma9sinlrg7dip3jqms9gq4lr"))))
dd24e906 182 (build-system gnu-build-system)
df0e8a23
SB		 183 (arguments
184 '(#:phases
185 (modify-phases %standard-phases
186 (add-after 'install 'wrap-shroud
187 (lambda* (#:key outputs #:allow-other-keys)
188 (let* ((out (assoc-ref outputs "out"))
189 (ccachedir (string-append out "/lib/guile/2.0/ccache"))
190 (prog (string-append out "/bin/shroud")))
191 (wrap-program prog
192 `("GUILE_LOAD_COMPILED_PATH" ":" prefix (,ccachedir)))
193 #t))))))
dd24e906
DT		 194 (inputs
195 `(("guile" ,guile-2.0)
196 ("gnupg" ,gnupg)
197 ("xclip" ,xclip)))
198 (synopsis "GnuPG-based secret manager")
199 (description "Shroud is a simple secret manager with a command line
200interface. The password database is stored as a Scheme s-expression and
201encrypted with a GnuPG key. Secrets consist of an arbitrary number of
202key/value pairs, making Shroud suitable for more than just password storage.
203For copying and pasting secrets into web browsers and other graphical
204applications, there is xclip integration." )
59d915ac 205 (home-page "https://dthompson.us/projects/shroud.html")
dd24e906 206 (license license:gpl3+)))
7e9b07bd
AP		 207
208(define-public yapet
209 (package
210 (name "yapet")
3d63422c 211 (version "1.1")
7e9b07bd
AP		 212 (source (origin
213 (method url-fetch)
214 (uri (string-append "http://www.guengel.ch/myapps/yapet/downloads/yapet-"
215 version
216 ".tar.bz2"))
217 (sha256
218 (base32
3d63422c 219 "1lq46mpxdsbl6qw4cj58hp9q7jckmyvbsi08p5zr77rjgqadxyyy"))))
7e9b07bd
AP		 220 (build-system gnu-build-system)
221 (inputs
222 `(("ncurses" ,ncurses)
223 ("openssl" ,openssl)))
224 (native-inputs
225 `(("pkg-config" ,pkg-config)))
226 (synopsis "Yet Another Password Encryption Tool")
227 (description "YAPET is a text based password manager using the Blowfish
228encryption algorithm. Because of its small footprint and very few library
229dependencies, it is suited for installing on desktop and server systems alike.
230The text based user interface allows you to run YAPET easily in a Secure Shell
231session. Two companion utilities enable users to convert CSV files to YAPET
232and vice versa.")
233 (home-page "http://www.guengel.ch/myapps/yapet/")
234 (license license:gpl3+)))
72029c8b
SB		 235
236(define-public cracklib
237 (package
238 (name "cracklib")
239 (version "2.9.6")
240 (source (origin
241 (method url-fetch)
242 (uri (string-append "https://github.com/cracklib/cracklib/"
243 "releases/download/" name "-" version "/"
244 name "-" version ".tar.gz"))
b0a56764
LF		 245 (patches (search-patches "cracklib-CVE-2016-6318.patch"
246 "cracklib-fix-buffer-overflow.patch"))
72029c8b
SB		 247 (sha256
248 (base32
249 "0hrkb0prf7n92w6rxgq0ilzkk6rkhpys2cfqkrbzswp27na7dkqp"))))
250 (build-system gnu-build-system)
251 (synopsis "Password checking library")
252 (home-page "https://github.com/cracklib/cracklib")
253 (description
254 "CrackLib is a library containing a C function which may be used in a
b1a686bb
TGR		 255@command{passwd}-like program. The idea is simple: try to prevent users from
256choosing passwords that could easily be guessed (or \"cracked\") by filtering
257them out, at the source.")
72029c8b 258 (license license:lgpl2.1)))
c2fb2076
SB		 259
260(define-public libpwquality
261 (package
262 (name "libpwquality")
4a577fef 263 (version "1.4.0")
c2fb2076
SB		 264 (source (origin
265 (method url-fetch)
266 (uri (list
c18594dd
EJ		 267 (string-append "https://github.com/" name "/" name
268 "/releases/download/" name "-" version
269 "/" name "-" version ".tar.bz2")
c2fb2076
SB		 270 (string-append "https://launchpad.net/libpwquality/trunk/"
271 version "/+download/"
272 name "-" version ".tar.bz2")))
273 (sha256
274 (base32
4a577fef 275 "0syyz8r54l8mqmbb0mw19qz4z2cx8gdgidicb8k2s5zjdh2gzrhx"))))
c2fb2076
SB		 276 (build-system gnu-build-system)
277 (arguments
278 ;; XXX: have RUNPATH issue.
279 '(#:configure-flags '("--disable-python-bindings")))
280 (inputs
281 `(("cracklib" ,cracklib)))
282 (synopsis "Password quality checker")
c18594dd 283 (home-page "https://github.com/libpwquality/libpwquality")
c2fb2076
SB		 284 (description
285 "Libpwquality is a library for password quality checking and generation of
286random passwords that pass the checks.")
287 (license license:gpl2+)))
3d4f9d5c
CAW		 288
289(define-public assword
290 (package
291 (name "assword")
d504de26 292 (version "0.11")
3d4f9d5c
CAW		 293 (source (origin
294 (method url-fetch)
295 (uri (list
296 (string-append
297 "http://http.debian.net/debian/pool/main/a/assword/"
298 "assword_" version ".orig.tar.gz")))
299 (sha256
300 (base32
d504de26 301 "03gkb6kvsghznbcw5l7nmrc6mn3ixkjd5jcs96ni4zs9l47jf7yp"))))
3d4f9d5c 302 (arguments
f339f277 303 `(;; irritatingly, tests do run but not there are two problems:
3d4f9d5c
CAW		 304 ;; - "import gtk" fails for unknown reasons here despite it the
305 ;; program working (indeed, I've found I have to do a logout and log
306 ;; back in in after an install order for some mumbo jumbo environment
307 ;; variable mess to work with pygtk and assword... what's up with
308 ;; that?)
309 ;; - even when the tests fail, they don't return a nonzero status,
310 ;; so I'm not sure how to programmatically get that information
311 #:tests? #f
312 #:phases
313 (modify-phases %standard-phases
0050876b
SB		 314 (add-after 'install 'wrap-assword
315 (lambda* (#:key outputs #:allow-other-keys)
316 (let ((prog (string-append
317 (assoc-ref outputs "out")
318 "/bin/assword"))
319 (gi-typelib-path (getenv "GI_TYPELIB_PATH")))
320 (wrap-program prog
321 `("GI_TYPELIB_PATH" ":" prefix (,gi-typelib-path)))
322 #t)))
3d4f9d5c
CAW		 323 (add-after 'install 'manpage
324 (lambda* (#:key outputs #:allow-other-keys)
325 (and
f339f277
LF		 326 ;; Without this substitution, it fails with
327 ;; ImportError: No module named 'gpg'
328 (substitute* "Makefile"
329 (("PYTHONPATH=.") ""))
3d4f9d5c
CAW		 330 (zero? (system* "make" "assword.1"))
331 (install-file
332 "assword.1"
333 (string-append (assoc-ref outputs "out") "/share/man/man1"))))))))
334 (build-system python-build-system)
335 (native-inputs
f339f277 336 `(("txt2man" ,txt2man)))
3d4f9d5c 337 (inputs
0050876b
SB		 338 `(("gtk+" ,gtk+)
339 ("python-xdo" ,python-xdo)
f339f277
LF		 340 ("python-gpg" ,python-gpg)
341 ("python-pygobject" ,python-pygobject)))
3d4f9d5c
CAW		 342 (propagated-inputs
343 `(("xclip" ,xclip)))
344 (home-page "https://finestructure.net/assword/")
345 (synopsis "Password manager")
346 (description "assword is a simple password manager using GPG-wrapped
347JSON files. It has a command line interface as well as a very simple
348graphical interface, which can even \"type\" your passwords into
349any X11 window.")
350 (license license:gpl3+)))
c285a400
JT		 351
352(define-public password-store
353 (package
354 (name "password-store")
3e9aa5cf 355 (version "1.7.3")
c285a400
JT		 356 (source (origin
357 (method url-fetch)
358 (uri
359 (string-append "https://git.zx2c4.com/password-store/snapshot/"
360 name "-" version ".tar.xz"))
361 (sha256
362 (base32
3e9aa5cf 363 "1x53k5dn3cdmvy8m4fqdld4hji5n676ksl0ql4armkmsds26av1b"))))
c285a400
JT		 364 (build-system gnu-build-system)
365 (arguments
366 '(#:phases
367 (modify-phases %standard-phases
368 (delete 'configure)
619f98fa 369 (delete 'build)
177475cf
JL		 370 (add-before 'install 'patch-passmenu-path
371 (lambda* (#:key inputs #:allow-other-keys)
372 (substitute* "contrib/dmenu/passmenu"
373 (("dmenu") (string-append (assoc-ref inputs "dmenu")
374 "/bin/dmenu"))
375 (("xdotool") (string-append (assoc-ref inputs "xdotool")
376 "/bin/xdotool")))
377 #t))
378 (add-after 'install 'install-passmenu
379 (lambda* (#:key outputs #:allow-other-keys)
e9ce6425
TGR		 380 (let* ((out (assoc-ref outputs "out"))
381 (bin (string-append out "/bin")))
382 (install-file "contrib/dmenu/passmenu" bin)
177475cf 383 #t)))
61201e46
AG		 384 (add-after 'install 'wrap-path
385 (lambda* (#:key inputs outputs #:allow-other-keys)
386 (let ((out (assoc-ref outputs "out"))
387 (path (map (lambda (pkg)
388 (string-append (assoc-ref inputs pkg) "/bin"))
81635fb6 389 '("coreutils" "getopt" "git" "gnupg" "qrencode"
61201e46
AG		 390 "sed" "tree" "which" "xclip"))))
391 (wrap-program (string-append out "/bin/pass")
718c1278
MB		 392 `("PATH" ":" prefix (,(string-join path ":"))))
393 #t)))
394 (add-after 'wrap-path 'install-shell-completions
395 (lambda* (#:key outputs #:allow-other-keys)
396 (let* ((out (assoc-ref outputs "out"))
397 (bashcomp (string-append out "/etc/bash_completion.d")))
398 ;; TODO: install fish and zsh completions.
399 (mkdir-p bashcomp)
400 (copy-file "src/completion/pass.bash-completion"
401 (string-append bashcomp "/pass"))
402 #t))))
c285a400 403 #:make-flags (list "CC=gcc" (string-append "PREFIX=" %output))
a77f0360
CB		 404 ;; Parallel tests may cause a race condition leading to a
405 ;; timeout in some circumstances.
406 #:parallel-tests? #f
c285a400 407 #:test-target "test"))
61201e46 408 (inputs
177475cf
JL		 409 `(("dmenu" ,dmenu)
410 ("getopt" ,util-linux)
61201e46
AG		 411 ("git" ,git)
412 ("gnupg" ,gnupg)
81635fb6 413 ("qrencode" ,qrencode)
61201e46
AG		 414 ("sed" ,sed)
415 ("tree" ,tree)
416 ("which" ,which)
177475cf
JL		 417 ("xclip" ,xclip)
418 ("xdotool" ,xdotool)))
62ab60aa 419 (home-page "https://www.passwordstore.org/")
c285a400
JT		 420 (synopsis "Encrypted password manager")
421 (description "Password-store is a password manager which uses GnuPG to
422store and retrieve passwords. The tool stores each password in its own
423GnuPG-encrypted file, allowing the program to be simple yet secure.
424Synchronization is possible using the integrated git support, which commits
425changes to your password database to a git repository that can be managed
426through the pass command.")
427 (license license:gpl2+)))
6d32dd8c
LG		 428
429(define-public argon2
430 (package
431 (name "argon2")
c06bf6a3 432 (version "20171227")
6d32dd8c
LG		 433 (source
434 (origin
435 (method url-fetch)
436 (uri
1feeb2e0
TGR		 437 (string-append "https://github.com/P-H-C/phc-winner-argon2/archive/"
438 version ".tar.gz"))
6d32dd8c
LG		 439 (file-name (string-append name "-" version ".tar.gz"))
440 (sha256
441 (base32
c06bf6a3 442 "1n6w5y3va7lrcym7cxr0nikapldqm80wxjdns584bvplq5r03spa"))))
6d32dd8c
LG		 443 (build-system gnu-build-system)
444 (arguments
445 `(#:test-target "test"
c06bf6a3
MB		 446 #:make-flags '("CC=gcc"
447 "OPTTEST=1") ;disable CPU optimization
6d32dd8c
LG		 448 #:phases
449 (modify-phases %standard-phases
c06bf6a3
MB		 450 (add-after 'unpack 'patch-Makefile
451 (lambda* (#:key outputs #:allow-other-keys)
452 (let ((out (assoc-ref outputs "out")))
453 (substitute* "Makefile"
454 (("PREFIX = /usr") (string-append "PREFIX = " out)))
037d1851
AB		 455 (substitute* "libargon2.pc"
456 (("prefix=/usr") (string-append "prefix=" out))
457 (("@HOST_MULTIARCH@") "")
458 (("@UPSTREAM_VER@") ,version))
c06bf6a3 459 #t)))
037d1851
AB		 460 (delete 'configure)
461 (add-after 'install 'install-argon2.pc
462 (lambda* (#:key outputs #:allow-other-keys)
463 (let ((out (assoc-ref outputs "out")))
464 (install-file "libargon2.pc"
465 (string-append out "/lib/pkgconfig"))
466 #t))))))
6d32dd8c
LG		 467 (home-page "https://www.argon2.com/")
468 (synopsis "Password hashing library")
469 (description "Argon2 provides a key derivation function that was declared
470winner of the 2015 Password Hashing Competition.")
c06bf6a3
MB		 471 ;; Argon2 is dual licensed under CC0 and ASL 2.0. Some of the source
472 ;; files are CC0 only; see README.md and LICENSE for details.
473 (license (list license:cc0 license:asl2.0))))
153e58c5 474
a1714ff5
JL		 475(define-public pass-git-helper
476 (package
477 (name "pass-git-helper")
478 (version "0.3.1")
479 (source
480 (origin
481 (method url-fetch)
482 (uri (string-append "https://github.com/languitar/pass-git-helper/archive/release-"
483 version ".tar.gz"))
484 (sha256
485 (base32
486 "0lz5ncy44pz7z1j2nnyildx8sq33zi3xvg5nkwg25n11nasqh2xn"))))
487 (build-system python-build-system)
488 (arguments
489 `(#:phases
490 (modify-phases %standard-phases
491 (add-before 'build 'patch-pass-path
492 (lambda* (#:key inputs #:allow-other-keys)
493 (let* ((password-store (assoc-ref inputs "password-store"))
494 (pass (string-append password-store "/bin/pass")))
495 (substitute* "pass-git-helper"
496 (("'pass'") (string-append "'" pass "'")))
497 #t))))))
498 (inputs
499 `(("python-pyxdg" ,python-pyxdg)
500 ("password-store" ,password-store)))
501 (home-page "https://github.com/languitar/pass-git-helper")
502 (synopsis "Git credential helper interfacing with pass")
503 (description "pass-git-helper is a git credential helper which allows to
504use pass, the standard unix password manager, as the credential backend for
505your git repositories. This is achieved by explicitly defining mappings
506between hosts and entries in the password store.")
507 (license license:lgpl3+)))
eb28a777
EB		 508
509(define-public john-the-ripper-jumbo
510 (let ((official-version "1.8.0")
511 (jumbo-version "1"))
512 (package
513 (name "john-the-ripper-jumbo")
514 (version (string-append official-version "-" jumbo-version))
515 (source
516 (origin
517 (method url-fetch)
518 (uri (string-append "http://www.openwall.com/john/j/john-"
519 official-version "-jumbo-" jumbo-version ".tar.xz"))
520 (sha256
521 (base32
522 "08q92sfdvkz47rx6qjn7qv57cmlpy7i7rgddapq5384mb413vjds"))
523 (patches
524 (list (origin
525 (method url-fetch)
526 (uri (string-append "https://github.com/magnumripper/"
527 "JohnTheRipper/commit/"
528 "e2e868db3e153b3f959e119a51703d4afb99c624.patch"))
529 (file-name "john-the-ripper-jumbo-gcc5-inline.patch")
530 (sha256
531 (base32
532 "1shvcf1y2097115mxhzdkm64dr106a8zr6pqjqyh171q5ng5vfra")))
533 (origin
534 (method url-fetch)
535 (uri (string-append "https://github.com/magnumripper/"
536 "JohnTheRipper/commit/"
537 "480e95b0e449863be3e1a5b0bc634a67df28b618.patch"))
538 (file-name "john-the-ripper-jumbo-non-x86.patch")
539 (sha256
540 (base32
541 "1ffd9dvhk0sb6ss8dv5yalh01lz30i7rilqilf2xv68gax2hyjqx")))))))
542 (build-system gnu-build-system)
543 (inputs
544 `(("gmp" ,gmp)
545 ("krb5" ,mit-krb5)
546 ("libpcap" ,libpcap)
547 ("nss" ,nss)
548 ("openssl" ,openssl)
549 ("zlib" ,zlib)))
550 (arguments
551 `(#:configure-flags
552 (list (string-append
553 "CFLAGS=-O2 -g "
554 "-DJOHN_SYSTEMWIDE=1 "
555 "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' "
556 "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'")
557 ;; For now, do not test for instruction set in configure, and
558 ;; do not pass '-march=native' to gcc:
559 "--disable-native-tests"
560 "--disable-native-macro")
561 #:tests? #f ;tests try to create '.john' in the build user's $HOME
562 #:phases
563 (modify-phases %standard-phases
564 (add-before 'configure 'chdir-src
565 (lambda _ (chdir "src")))
566 (replace 'install
567 (lambda _
568 (let ((bindir (string-append %output "/bin"))
569 (docdir (string-append %output "/share/doc/john"))
570 (execdir (string-append %output "/libexec/john"))
571 (homedir (string-append %output "/share/john"))
572 (install-file-to (lambda (dir)
573 (lambda (f) (install-file f dir))))
574 (symlink? (lambda (_ s) (eq? (stat:type s) 'symlink))))
575 (with-directory-excursion "../run"
576 (for-each (install-file-to execdir)
577 (cons* "mailer" "benchmark-unify"
578 (find-files "." ".*\\.(py|rb|pl)")))
579 (for-each (install-file-to homedir)
580 (append (find-files "." "(stats|dictionary.*)")
581 (find-files "." "(.*\\.chr|.*\\.lst)")
582 (find-files "." ".*\\.conf")))
583 (for-each (install-file-to bindir)
584 '("tgtsnarf" "genmkvpwd" "mkvcalcproba"
585 "raw2dyna" "luks2john" "vncpcap2john"
586 "uaf2john" "calc_stat" "wpapcap2john"
587 "cprepair" "relbench" "SIPdump" "john"))
588 (for-each (lambda (f) ;install symlinked aliases
589 (symlink "john"
590 (string-append bindir "/" (basename f))))
591 (find-files "." symlink?)))
592 (copy-recursively "../doc" docdir)
593 #t))))))
594 (home-page "http://www.openwall.com/john/")
595 (synopsis "Password cracker")
596 (description "John the Ripper is a fast password cracker. Its primary
597purpose is to detect weak Unix passwords. Besides several @code{crypt}
598password hash types most commonly found on various Unix systems, supported out
599of the box are Windows LM hashes, plus lots of other hashes and ciphers. This
600is the community-enhanced, \"jumbo\" version of John the Ripper.")
601 (license license:gpl2+))))
649eb8b5
KH		 602
603(define-public sala
604 (package
605 (name "sala")
606 (version "1.3")
607 (source
608 (origin
609 (method url-fetch)
610 (uri (pypi-uri "sala" version))
611 (sha256
612 (base32
613 "13qgmc3i2a0cqp8jqrfl93lnphfagb32pgfikc1gza2a14asxzi8"))))
614 (build-system python-build-system)
615 (arguments
616 ;; Sala is supposed to work with Python 3.2 or higher,
617 ;; but it doesn't work with Python 3.6. Better stick
618 ;; to Python 2, which works fine.
619 `(#:python ,python-2))
620 (propagated-inputs
621 `(("gnupg" ,gnupg)
622 ("pwgen" ,pwgen)))
623 (home-page "http://www.digip.org/sala/")
624 (synopsis "Encrypted plaintext password store")
625 (description
626 "Store passwords and other bits of sensitive plain-text information
627to encrypted files on a directory hierarchy. The information is protected
628by GnuPG's symmetrical encryption.")
629 (license license:expat)))
d4e0ebd0
T		 630
631(define-public fpm2
632 (package
633 (name "fpm2")
634 (version "0.79")
635 (source (origin
636 (method url-fetch)
637 (uri (string-append "https://als.regnet.cz/fpm2/download/fpm2-"
638 version ".tar.bz2"))
639 (sha256
640 (base32
641 "19sdy1lygfhkg5nxi2w9a4d9kwvw24nxp0ix0p0lz91qpvk9qpnm"))))
642 (build-system gnu-build-system)
643 (inputs `(("gtk2" ,gtk+-2)
644 ("gnupg" ,gnupg)
645 ("libxml2" ,libxml2)))
646 (native-inputs `(("pkg-config" ,pkg-config)
647 ("intltool" ,intltool)))
648 (arguments
649 `(#:phases
650 (modify-phases %standard-phases
651 (add-before 'configure 'pre-configure
652 ;; The file po/POTFILES.in ends up missing for some reason in
653 ;; both nix and guix builds. Adding the file with contents
654 ;; found during troubleshooting.
655 (lambda _
656 (call-with-output-file "po/POTFILES.in"
657 (lambda (port)
658 (format port "data/fpm2.desktop.in
659data/fpm2.desktop.in.in
660fpm2.glade
661src/callbacks.c
662src/fpm.c
663src/fpm_file.c
664src/interface.c
665src/support.c
666fpm2.glade
667")))
668 #t)))))
669 (synopsis "Manage, generate and store passwords encrypted")
670 (description "FPM2 is GTK2 port from Figaro's Password Manager
671originally developed by John Conneely, with some new enhancements.
672
673Upstream development seems to have stopped. It is therefore recommended
674to use a different password manager.")
675 (home-page "https://als.regnet.cz/fpm2/")
676 (license license:gpl2+)))
20b51b17
AI		 677
678(define-public pass-rotate
679 (package
680 (name "pass-rotate")
681 (version "0.1")
682 (source
683 (origin
684 (method url-fetch)
685 (uri (string-append "https://github.com/SirCmpwn/pass-rotate/archive/"
686 version ".tar.gz"))
687 (sha256
688 (base32
689 "1svm5nj8bczv2dg8lh2zqqhbsrljqsw9680r03qwgl9vlci90210"))
690 (file-name (string-append name "-" version ".tar.gz"))))
691 (build-system python-build-system)
692 (inputs
693 `(("python-beautifulsoup4" ,python-beautifulsoup4)
694 ("python-docopt" ,python-docopt)
695 ("python-html5lib" ,python-html5lib)
696 ("python-requests" ,python-requests)))
697 (home-page "https://github.com/SirCmpwn/pass-rotate")
698 (synopsis "Rotate password on online services")
699 (description "pass-rotate is a command line utility and python library for
700rotating passwords on various web services. It makes it easier to rotate your
701passwords, one at a time or in bulk, when security events or routine upkeep of
702your online accounts makes it necessary.")
703 (license license:expat)))
c10aa278
PN		 704
705(define-public hashcat
706 (package
707 (name "hashcat")
708 (version "4.1.0")
709 (source
710 (origin
711 (method url-fetch)
712 (uri (string-append "https://hashcat.net/files/hashcat-"
713 version ".tar.gz"))
714 (sha256
715 (base32
716 "170i2y32ykgzb1qf1wz3klwn31c09bviz4x3bnrwia65adqrj8xx"))))
717 (native-inputs
718 `(("opencl-headers" ,opencl-headers)))
719 (build-system gnu-build-system)
720 (arguments
721 '(#:tests? #f ;no tests
722 #:make-flags (list (string-append "PREFIX=" %output))
723 #:phases
724 (modify-phases %standard-phases
725 (delete 'configure))))
726 (home-page "https://hashcat.net/hashcat/")
727 (synopsis "Advanced password recovery utility")
728 (description "Hashcat is an password recovery utility, supporting five
729unique modes of attack for over 200 highly-optimized hashing algorithms.
730Hashcat currently supports CPUs, GPUs, and other hardware accelerators on
731Linux, Windows, and macOS, and has facilities to help enable distributed
732password cracking.")
733 (license license:expat)))
eb4ffe9b
PN		 734
735(define-public hashcat-utils
736 (package
737 (name "hashcat-utils")
738 (version "1.8")
739 (source
740 (origin
741 (method url-fetch)
742 (uri (string-append "https://github.com/hashcat/hashcat-utils/releases/download/v"
743 version "/hashcat-utils-1.8.7z"))
744 (sha256
745 (base32
746 "1x80rngjz7gkhwplhw1iqr0wzb6hjkrjfld2kz9kmgp5dr9nys1p"))))
747 (native-inputs
748 `(("p7zip" ,p7zip)))
749 (inputs
750 `(("perl" ,perl)))
751 (build-system gnu-build-system)
752 (arguments
753 `(#:tests? #f ;no tests
754 #:make-flags (list "CC=gcc"
755 ;; Upstream bug(?): "make all" seems to remove the
756 ;; Perl scripts from the source.
757 "native")
758 #:phases
759 (modify-phases %standard-phases
760 (replace 'unpack
761 (lambda* (#:key source #:allow-other-keys)
762 (invoke "7z" "x" source)
763 (chdir (string-append "hashcat-utils-" ,version "/src"))
764 #t))
765 (delete 'configure)
766 (replace 'install
767 (lambda* (#:key outputs #:allow-other-keys)
768 (let ((out (string-append (assoc-ref outputs "out") "/bin")))
769 (mkdir-p out)
770 (for-each (lambda (file)
771 (copy-file file (string-append out "/" (basename file ".bin"))))
772 (find-files "." "\\.bin$"))
773 (for-each (lambda (file)
774 (copy-file file (string-append out "/" (basename file ".pl"))))
775 (find-files "../bin" "\\.pl$"))
776 #t))))))
777 (home-page "https://github.com/hashcat/hashcat-utils/")
778 (synopsis "Small utilities that are useful in advanced password cracking")
779 (description "Hashcat-utils are a set of small utilities that are useful
780in advanced password cracking. They all are packed into multiple stand-alone
781binaries. All of these utils are designed to execute only one specific
782function. Since they all work with @code{STDIN} and @code{STDOUT} you can
783group them into chains.")
784 (license license:expat)))
jackhill's copy of GNU Guix: https://guix.gnu.org/