Commit | Line | Data |
---|---|---|
de63b20e SS |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2015 Steve Sprang <scs@stevesprang.com> | |
6f5c67d7 | 3 | ;;; Copyright © 2015, 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il> |
7e9b07bd | 4 | ;;; Copyright © 2015 Aljosha Papsch <misc@rpapsch.de> |
3d4f9d5c | 5 | ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org> |
c285a400 JT |
6 | ;;; Copyright © 2016 Jessica Tallon <tsyesika@tsyesika.se> |
7 | ;;; Copyright © 2016 Andreas Enge <andreas@enge.fr> | |
6d32dd8c | 8 | ;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org> |
61201e46 | 9 | ;;; Copyright © 2016 Alex Griffin <a@ajgrf.com> |
f339f277 | 10 | ;;; Copyright © 2017 Leo Famulari <leo@famulari.name> |
60628f54 | 11 | ;;; Copyright © 2017, 2018 Clément Lassieur <clement@lassieur.org> |
d504de26 | 12 | ;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr> |
a1714ff5 | 13 | ;;; Copyright © 2017 Jelle Licht <jlicht@fsfe.org> |
eb28a777 | 14 | ;;; Copyright © 2017 Eric Bavier <bavier@member.fsf.org> |
7f7fadb5 | 15 | ;;; Copyright © 2017 Nicolas Goaziou <mail@nicolasgoaziou.fr> |
763269f9 | 16 | ;;; Copyright © 2017 Manolis Fragkiskos Ragkousis <manolis837@gmail.com> |
dcf12172 | 17 | ;;; Copyright © 2017 Rutger Helling <rhelling@mykolab.com> |
c06bf6a3 | 18 | ;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com> |
649eb8b5 | 19 | ;;; Copyright © 2018 Konrad Hinsen <konrad.hinsen@fastmail.net> |
d4e0ebd0 | 20 | ;;; Copyright © 2018 Thomas Sigurdsen <tonton@riseup.net> |
20b51b17 | 21 | ;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net> |
4715f92e | 22 | ;;; Copyright © 2018 Pierre Neidhardt <mail@ambrevar.xyz> |
037d1851 | 23 | ;;; Copyright © 2018 Amirouche Boubekki <amirouche@hypermove.net> |
de63b20e SS |
24 | ;;; |
25 | ;;; This file is part of GNU Guix. | |
26 | ;;; | |
27 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
28 | ;;; under the terms of the GNU General Public License as published by | |
29 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
30 | ;;; your option) any later version. | |
31 | ;;; | |
32 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
33 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
34 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
35 | ;;; GNU General Public License for more details. | |
36 | ;;; | |
37 | ;;; You should have received a copy of the GNU General Public License | |
38 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
39 | ||
40 | (define-module (gnu packages password-utils) | |
41 | #:use-module ((guix licenses) #:prefix license:) | |
e8647227 | 42 | #:use-module (guix build-system cmake) |
de63b20e SS |
43 | #:use-module (guix build-system gnu) |
44 | #:use-module (guix download) | |
e8647227 | 45 | #:use-module (guix packages) |
53dcbbec | 46 | #:use-module (gnu packages) |
c285a400 | 47 | #:use-module (gnu packages admin) |
81635fb6 | 48 | #:use-module (gnu packages aidc) |
c285a400 | 49 | #:use-module (gnu packages base) |
ac257f12 | 50 | #:use-module (gnu packages check) |
e8647227 | 51 | #:use-module (gnu packages compression) |
da1b30bd EF |
52 | #:use-module (gnu packages crypto) |
53 | #:use-module (gnu packages curl) | |
a1714ff5 | 54 | #:use-module (gnu packages freedesktop) |
f339f277 | 55 | #:use-module (gnu packages glib) |
e8647227 | 56 | #:use-module (gnu packages gnupg) |
eb28a777 | 57 | #:use-module (gnu packages gnuzilla) |
0050876b | 58 | #:use-module (gnu packages gtk) |
dd24e906 | 59 | #:use-module (gnu packages guile) |
eb28a777 | 60 | #:use-module (gnu packages kerberos) |
0751fddd | 61 | #:use-module (gnu packages libffi) |
c285a400 | 62 | #:use-module (gnu packages linux) |
3d4f9d5c | 63 | #:use-module (gnu packages man) |
eb28a777 | 64 | #:use-module (gnu packages multiprecision) |
7e9b07bd | 65 | #:use-module (gnu packages ncurses) |
c10aa278 | 66 | #:use-module (gnu packages opencl) |
eb4ffe9b | 67 | #:use-module (gnu packages perl) |
7e9b07bd | 68 | #:use-module (gnu packages pkg-config) |
3d4f9d5c | 69 | #:use-module (gnu packages python) |
20b51b17 | 70 | #:use-module (gnu packages python-web) |
177475cf | 71 | #:use-module (gnu packages suckless) |
7e9b07bd | 72 | #:use-module (gnu packages tls) |
e8647227 | 73 | #:use-module (gnu packages qt) |
c285a400 | 74 | #:use-module (gnu packages version-control) |
dd24e906 | 75 | #:use-module (gnu packages xdisorg) |
3d4f9d5c | 76 | #:use-module (gnu packages xorg) |
d4e0ebd0 | 77 | #:use-module (gnu packages xml) |
3d4f9d5c | 78 | #:use-module (guix build-system python)) |
de63b20e SS |
79 | |
80 | (define-public pwgen | |
81 | (package | |
82 | (name "pwgen") | |
5a2c4b3b | 83 | (version "2.08") |
de63b20e SS |
84 | (source |
85 | (origin | |
86 | (method url-fetch) | |
de67e922 LF |
87 | (uri (string-append "mirror://sourceforge/pwgen/pwgen/" version |
88 | "/pwgen-" version ".tar.gz")) | |
de63b20e | 89 | (sha256 |
5a2c4b3b | 90 | (base32 "0yy90pqrr2pszzhb5hxjishq9qc7dqd290amiibqx9fm1b9kvc6s")))) |
de63b20e SS |
91 | (build-system gnu-build-system) |
92 | (arguments | |
93 | `(#:tests? #f)) ; no test suite | |
94 | (home-page "http://pwgen.sourceforge.net/") | |
95 | (synopsis "Password generator") | |
96 | (description "Pwgen generates passwords which can be easily memorized by a | |
97 | human.") | |
98 | (license license:gpl2))) | |
e8647227 | 99 | |
99672f7b EF |
100 | (define-public keepassxc |
101 | (package | |
102 | (name "keepassxc") | |
0e5d66ab | 103 | (version "2.3.4") |
99672f7b EF |
104 | (source |
105 | (origin | |
106 | (method url-fetch) | |
107 | (uri (string-append "https://github.com/keepassxreboot/" name | |
108 | "/releases/download/" version "/keepassxc-" | |
109 | version "-src.tar.xz")) | |
110 | (sha256 | |
111 | (base32 | |
0e5d66ab | 112 | "02kq0a7a7hpw824n03apma00yq1c6dds224g15mrnnqqjn4af90c")))) |
99672f7b | 113 | (build-system cmake-build-system) |
da1b30bd EF |
114 | (arguments |
115 | '(#:configure-flags '("-DWITH_XC_NETWORKING=YES" | |
116 | "-DWITH_XC_BROWSER=YES" | |
0e5d66ab | 117 | "-DWITH_XC_SSHAGENT=YES"))) |
99672f7b | 118 | (inputs |
3374dcc7 | 119 | `(("argon2" ,argon2) |
0e5d66ab | 120 | ("curl" ,curl) ; XC_NETWORKING |
3374dcc7 | 121 | ("libgcrypt" ,libgcrypt) |
0e5d66ab | 122 | ("libsodium" ,libsodium) ; XC_BROWSER |
99672f7b EF |
123 | ("libxi" ,libxi) |
124 | ("libxtst" ,libxtst) | |
125 | ("qtbase" ,qtbase) | |
126 | ("qtx11extras" ,qtx11extras) | |
127 | ("zlib" ,zlib))) | |
128 | (native-inputs | |
129 | `(("qttools" ,qttools))) | |
130 | (home-page "https://www.keepassxc.org") | |
131 | (synopsis "Password manager") | |
132 | (description "KeePassXC is a password manager or safe which helps you to | |
133 | manage your passwords in a secure way. You can put all your passwords in one | |
134 | database, which is locked with one master key or a key-file which can be stored | |
135 | on an external storage device. The databases are encrypted using the | |
136 | algorithms AES or Twofish.") | |
0e5d66ab | 137 | ;; Non-functional parts use various licences. |
99672f7b EF |
138 | (license license:gpl3))) |
139 | ||
e8647227 EF |
140 | (define-public keepassx |
141 | (package | |
142 | (name "keepassx") | |
a00fbe8a | 143 | (version "2.0.3") |
e8647227 EF |
144 | (source |
145 | (origin | |
146 | (method url-fetch) | |
e5be0e01 EF |
147 | (uri (string-append "https://www.keepassx.org/releases/" version |
148 | "/keepassx-" version ".tar.gz")) | |
e8647227 | 149 | (sha256 |
2c5e4976 | 150 | (base32 |
a00fbe8a | 151 | "1ia7cqx9ias38mnffsl7da7g1f66bcbjsi23k49sln0c6spb9zr3")))) |
e8647227 EF |
152 | (build-system cmake-build-system) |
153 | (inputs | |
154 | `(("libgcrypt" ,libgcrypt) | |
a00fbe8a | 155 | ("libxi" ,libxi) |
e8647227 EF |
156 | ("libxtst" ,libxtst) |
157 | ("qt" ,qt-4))) | |
158 | (native-inputs | |
159 | `(("zlib" ,zlib))) | |
160 | (home-page "https://www.keepassx.org") | |
161 | (synopsis "Password manager") | |
162 | (description "KeePassX is a password manager or safe which helps you to | |
163 | manage your passwords in a secure way. You can put all your passwords in one | |
164 | database, which is locked with one master key or a key-file which can be stored | |
165 | on an external storage device. The databases are encrypted using the | |
166 | algorithms AES or Twofish.") | |
167 | ;; Non functional parts use various licences. | |
b7ac10e6 EF |
168 | (license license:gpl3) |
169 | (properties `((superseded . ,keepassxc))))) | |
dd24e906 DT |
170 | |
171 | (define-public shroud | |
172 | (package | |
173 | (name "shroud") | |
b4aa6d3d | 174 | (version "0.1.1") |
dd24e906 DT |
175 | (source (origin |
176 | (method url-fetch) | |
a652eb93 | 177 | (uri (string-append "https://files.dthompson.us/shroud/shroud-" |
dd24e906 DT |
178 | version ".tar.gz")) |
179 | (sha256 | |
180 | (base32 | |
b4aa6d3d | 181 | "1y43yhgy2zbrk5bqj3qyx9rkcz2bma9sinlrg7dip3jqms9gq4lr")))) |
dd24e906 | 182 | (build-system gnu-build-system) |
df0e8a23 SB |
183 | (arguments |
184 | '(#:phases | |
185 | (modify-phases %standard-phases | |
186 | (add-after 'install 'wrap-shroud | |
187 | (lambda* (#:key outputs #:allow-other-keys) | |
188 | (let* ((out (assoc-ref outputs "out")) | |
189 | (ccachedir (string-append out "/lib/guile/2.0/ccache")) | |
190 | (prog (string-append out "/bin/shroud"))) | |
191 | (wrap-program prog | |
192 | `("GUILE_LOAD_COMPILED_PATH" ":" prefix (,ccachedir))) | |
193 | #t)))))) | |
dd24e906 DT |
194 | (inputs |
195 | `(("guile" ,guile-2.0) | |
196 | ("gnupg" ,gnupg) | |
197 | ("xclip" ,xclip))) | |
198 | (synopsis "GnuPG-based secret manager") | |
199 | (description "Shroud is a simple secret manager with a command line | |
200 | interface. The password database is stored as a Scheme s-expression and | |
201 | encrypted with a GnuPG key. Secrets consist of an arbitrary number of | |
202 | key/value pairs, making Shroud suitable for more than just password storage. | |
203 | For copying and pasting secrets into web browsers and other graphical | |
204 | applications, there is xclip integration." ) | |
59d915ac | 205 | (home-page "https://dthompson.us/projects/shroud.html") |
dd24e906 | 206 | (license license:gpl3+))) |
7e9b07bd AP |
207 | |
208 | (define-public yapet | |
209 | (package | |
210 | (name "yapet") | |
3d63422c | 211 | (version "1.1") |
7e9b07bd AP |
212 | (source (origin |
213 | (method url-fetch) | |
214 | (uri (string-append "http://www.guengel.ch/myapps/yapet/downloads/yapet-" | |
215 | version | |
216 | ".tar.bz2")) | |
217 | (sha256 | |
218 | (base32 | |
3d63422c | 219 | "1lq46mpxdsbl6qw4cj58hp9q7jckmyvbsi08p5zr77rjgqadxyyy")))) |
7e9b07bd AP |
220 | (build-system gnu-build-system) |
221 | (inputs | |
222 | `(("ncurses" ,ncurses) | |
223 | ("openssl" ,openssl))) | |
224 | (native-inputs | |
225 | `(("pkg-config" ,pkg-config))) | |
226 | (synopsis "Yet Another Password Encryption Tool") | |
227 | (description "YAPET is a text based password manager using the Blowfish | |
228 | encryption algorithm. Because of its small footprint and very few library | |
229 | dependencies, it is suited for installing on desktop and server systems alike. | |
230 | The text based user interface allows you to run YAPET easily in a Secure Shell | |
231 | session. Two companion utilities enable users to convert CSV files to YAPET | |
232 | and vice versa.") | |
233 | (home-page "http://www.guengel.ch/myapps/yapet/") | |
234 | (license license:gpl3+))) | |
72029c8b SB |
235 | |
236 | (define-public cracklib | |
237 | (package | |
238 | (name "cracklib") | |
239 | (version "2.9.6") | |
240 | (source (origin | |
241 | (method url-fetch) | |
242 | (uri (string-append "https://github.com/cracklib/cracklib/" | |
243 | "releases/download/" name "-" version "/" | |
244 | name "-" version ".tar.gz")) | |
b0a56764 LF |
245 | (patches (search-patches "cracklib-CVE-2016-6318.patch" |
246 | "cracklib-fix-buffer-overflow.patch")) | |
72029c8b SB |
247 | (sha256 |
248 | (base32 | |
249 | "0hrkb0prf7n92w6rxgq0ilzkk6rkhpys2cfqkrbzswp27na7dkqp")))) | |
250 | (build-system gnu-build-system) | |
251 | (synopsis "Password checking library") | |
252 | (home-page "https://github.com/cracklib/cracklib") | |
253 | (description | |
254 | "CrackLib is a library containing a C function which may be used in a | |
b1a686bb TGR |
255 | @command{passwd}-like program. The idea is simple: try to prevent users from |
256 | choosing passwords that could easily be guessed (or \"cracked\") by filtering | |
257 | them out, at the source.") | |
72029c8b | 258 | (license license:lgpl2.1))) |
c2fb2076 SB |
259 | |
260 | (define-public libpwquality | |
261 | (package | |
262 | (name "libpwquality") | |
4a577fef | 263 | (version "1.4.0") |
c2fb2076 SB |
264 | (source (origin |
265 | (method url-fetch) | |
266 | (uri (list | |
c18594dd EJ |
267 | (string-append "https://github.com/" name "/" name |
268 | "/releases/download/" name "-" version | |
269 | "/" name "-" version ".tar.bz2") | |
c2fb2076 SB |
270 | (string-append "https://launchpad.net/libpwquality/trunk/" |
271 | version "/+download/" | |
272 | name "-" version ".tar.bz2"))) | |
273 | (sha256 | |
274 | (base32 | |
4a577fef | 275 | "0syyz8r54l8mqmbb0mw19qz4z2cx8gdgidicb8k2s5zjdh2gzrhx")))) |
c2fb2076 SB |
276 | (build-system gnu-build-system) |
277 | (arguments | |
278 | ;; XXX: have RUNPATH issue. | |
279 | '(#:configure-flags '("--disable-python-bindings"))) | |
280 | (inputs | |
281 | `(("cracklib" ,cracklib))) | |
282 | (synopsis "Password quality checker") | |
c18594dd | 283 | (home-page "https://github.com/libpwquality/libpwquality") |
c2fb2076 SB |
284 | (description |
285 | "Libpwquality is a library for password quality checking and generation of | |
286 | random passwords that pass the checks.") | |
287 | (license license:gpl2+))) | |
3d4f9d5c CAW |
288 | |
289 | (define-public assword | |
290 | (package | |
291 | (name "assword") | |
d504de26 | 292 | (version "0.11") |
3d4f9d5c CAW |
293 | (source (origin |
294 | (method url-fetch) | |
295 | (uri (list | |
296 | (string-append | |
297 | "http://http.debian.net/debian/pool/main/a/assword/" | |
298 | "assword_" version ".orig.tar.gz"))) | |
299 | (sha256 | |
300 | (base32 | |
d504de26 | 301 | "03gkb6kvsghznbcw5l7nmrc6mn3ixkjd5jcs96ni4zs9l47jf7yp")))) |
3d4f9d5c | 302 | (arguments |
f339f277 | 303 | `(;; irritatingly, tests do run but not there are two problems: |
3d4f9d5c CAW |
304 | ;; - "import gtk" fails for unknown reasons here despite it the |
305 | ;; program working (indeed, I've found I have to do a logout and log | |
306 | ;; back in in after an install order for some mumbo jumbo environment | |
307 | ;; variable mess to work with pygtk and assword... what's up with | |
308 | ;; that?) | |
309 | ;; - even when the tests fail, they don't return a nonzero status, | |
310 | ;; so I'm not sure how to programmatically get that information | |
311 | #:tests? #f | |
312 | #:phases | |
313 | (modify-phases %standard-phases | |
0050876b SB |
314 | (add-after 'install 'wrap-assword |
315 | (lambda* (#:key outputs #:allow-other-keys) | |
316 | (let ((prog (string-append | |
317 | (assoc-ref outputs "out") | |
318 | "/bin/assword")) | |
319 | (gi-typelib-path (getenv "GI_TYPELIB_PATH"))) | |
320 | (wrap-program prog | |
321 | `("GI_TYPELIB_PATH" ":" prefix (,gi-typelib-path))) | |
322 | #t))) | |
3d4f9d5c CAW |
323 | (add-after 'install 'manpage |
324 | (lambda* (#:key outputs #:allow-other-keys) | |
325 | (and | |
f339f277 LF |
326 | ;; Without this substitution, it fails with |
327 | ;; ImportError: No module named 'gpg' | |
328 | (substitute* "Makefile" | |
329 | (("PYTHONPATH=.") "")) | |
3d4f9d5c CAW |
330 | (zero? (system* "make" "assword.1")) |
331 | (install-file | |
332 | "assword.1" | |
333 | (string-append (assoc-ref outputs "out") "/share/man/man1")))))))) | |
334 | (build-system python-build-system) | |
335 | (native-inputs | |
f339f277 | 336 | `(("txt2man" ,txt2man))) |
3d4f9d5c | 337 | (inputs |
0050876b SB |
338 | `(("gtk+" ,gtk+) |
339 | ("python-xdo" ,python-xdo) | |
f339f277 LF |
340 | ("python-gpg" ,python-gpg) |
341 | ("python-pygobject" ,python-pygobject))) | |
3d4f9d5c CAW |
342 | (propagated-inputs |
343 | `(("xclip" ,xclip))) | |
344 | (home-page "https://finestructure.net/assword/") | |
345 | (synopsis "Password manager") | |
346 | (description "assword is a simple password manager using GPG-wrapped | |
347 | JSON files. It has a command line interface as well as a very simple | |
348 | graphical interface, which can even \"type\" your passwords into | |
349 | any X11 window.") | |
350 | (license license:gpl3+))) | |
c285a400 JT |
351 | |
352 | (define-public password-store | |
353 | (package | |
354 | (name "password-store") | |
3e9aa5cf | 355 | (version "1.7.3") |
c285a400 JT |
356 | (source (origin |
357 | (method url-fetch) | |
358 | (uri | |
359 | (string-append "https://git.zx2c4.com/password-store/snapshot/" | |
360 | name "-" version ".tar.xz")) | |
361 | (sha256 | |
362 | (base32 | |
3e9aa5cf | 363 | "1x53k5dn3cdmvy8m4fqdld4hji5n676ksl0ql4armkmsds26av1b")))) |
c285a400 JT |
364 | (build-system gnu-build-system) |
365 | (arguments | |
366 | '(#:phases | |
367 | (modify-phases %standard-phases | |
368 | (delete 'configure) | |
619f98fa | 369 | (delete 'build) |
177475cf JL |
370 | (add-before 'install 'patch-passmenu-path |
371 | (lambda* (#:key inputs #:allow-other-keys) | |
372 | (substitute* "contrib/dmenu/passmenu" | |
373 | (("dmenu") (string-append (assoc-ref inputs "dmenu") | |
374 | "/bin/dmenu")) | |
375 | (("xdotool") (string-append (assoc-ref inputs "xdotool") | |
376 | "/bin/xdotool"))) | |
377 | #t)) | |
378 | (add-after 'install 'install-passmenu | |
379 | (lambda* (#:key outputs #:allow-other-keys) | |
e9ce6425 TGR |
380 | (let* ((out (assoc-ref outputs "out")) |
381 | (bin (string-append out "/bin"))) | |
382 | (install-file "contrib/dmenu/passmenu" bin) | |
177475cf | 383 | #t))) |
61201e46 AG |
384 | (add-after 'install 'wrap-path |
385 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
386 | (let ((out (assoc-ref outputs "out")) | |
387 | (path (map (lambda (pkg) | |
388 | (string-append (assoc-ref inputs pkg) "/bin")) | |
81635fb6 | 389 | '("coreutils" "getopt" "git" "gnupg" "qrencode" |
61201e46 AG |
390 | "sed" "tree" "which" "xclip")))) |
391 | (wrap-program (string-append out "/bin/pass") | |
718c1278 MB |
392 | `("PATH" ":" prefix (,(string-join path ":")))) |
393 | #t))) | |
394 | (add-after 'wrap-path 'install-shell-completions | |
395 | (lambda* (#:key outputs #:allow-other-keys) | |
396 | (let* ((out (assoc-ref outputs "out")) | |
397 | (bashcomp (string-append out "/etc/bash_completion.d"))) | |
398 | ;; TODO: install fish and zsh completions. | |
399 | (mkdir-p bashcomp) | |
400 | (copy-file "src/completion/pass.bash-completion" | |
401 | (string-append bashcomp "/pass")) | |
402 | #t)))) | |
c285a400 | 403 | #:make-flags (list "CC=gcc" (string-append "PREFIX=" %output)) |
a77f0360 CB |
404 | ;; Parallel tests may cause a race condition leading to a |
405 | ;; timeout in some circumstances. | |
406 | #:parallel-tests? #f | |
c285a400 | 407 | #:test-target "test")) |
61201e46 | 408 | (inputs |
177475cf JL |
409 | `(("dmenu" ,dmenu) |
410 | ("getopt" ,util-linux) | |
61201e46 AG |
411 | ("git" ,git) |
412 | ("gnupg" ,gnupg) | |
81635fb6 | 413 | ("qrencode" ,qrencode) |
61201e46 AG |
414 | ("sed" ,sed) |
415 | ("tree" ,tree) | |
416 | ("which" ,which) | |
177475cf JL |
417 | ("xclip" ,xclip) |
418 | ("xdotool" ,xdotool))) | |
62ab60aa | 419 | (home-page "https://www.passwordstore.org/") |
c285a400 JT |
420 | (synopsis "Encrypted password manager") |
421 | (description "Password-store is a password manager which uses GnuPG to | |
422 | store and retrieve passwords. The tool stores each password in its own | |
423 | GnuPG-encrypted file, allowing the program to be simple yet secure. | |
424 | Synchronization is possible using the integrated git support, which commits | |
425 | changes to your password database to a git repository that can be managed | |
426 | through the pass command.") | |
427 | (license license:gpl2+))) | |
6d32dd8c LG |
428 | |
429 | (define-public argon2 | |
430 | (package | |
431 | (name "argon2") | |
c06bf6a3 | 432 | (version "20171227") |
6d32dd8c LG |
433 | (source |
434 | (origin | |
435 | (method url-fetch) | |
436 | (uri | |
1feeb2e0 TGR |
437 | (string-append "https://github.com/P-H-C/phc-winner-argon2/archive/" |
438 | version ".tar.gz")) | |
6d32dd8c LG |
439 | (file-name (string-append name "-" version ".tar.gz")) |
440 | (sha256 | |
441 | (base32 | |
c06bf6a3 | 442 | "1n6w5y3va7lrcym7cxr0nikapldqm80wxjdns584bvplq5r03spa")))) |
6d32dd8c LG |
443 | (build-system gnu-build-system) |
444 | (arguments | |
445 | `(#:test-target "test" | |
c06bf6a3 MB |
446 | #:make-flags '("CC=gcc" |
447 | "OPTTEST=1") ;disable CPU optimization | |
6d32dd8c LG |
448 | #:phases |
449 | (modify-phases %standard-phases | |
c06bf6a3 MB |
450 | (add-after 'unpack 'patch-Makefile |
451 | (lambda* (#:key outputs #:allow-other-keys) | |
452 | (let ((out (assoc-ref outputs "out"))) | |
453 | (substitute* "Makefile" | |
454 | (("PREFIX = /usr") (string-append "PREFIX = " out))) | |
037d1851 AB |
455 | (substitute* "libargon2.pc" |
456 | (("prefix=/usr") (string-append "prefix=" out)) | |
457 | (("@HOST_MULTIARCH@") "") | |
458 | (("@UPSTREAM_VER@") ,version)) | |
c06bf6a3 | 459 | #t))) |
037d1851 AB |
460 | (delete 'configure) |
461 | (add-after 'install 'install-argon2.pc | |
462 | (lambda* (#:key outputs #:allow-other-keys) | |
463 | (let ((out (assoc-ref outputs "out"))) | |
464 | (install-file "libargon2.pc" | |
465 | (string-append out "/lib/pkgconfig")) | |
466 | #t)))))) | |
6d32dd8c LG |
467 | (home-page "https://www.argon2.com/") |
468 | (synopsis "Password hashing library") | |
469 | (description "Argon2 provides a key derivation function that was declared | |
470 | winner of the 2015 Password Hashing Competition.") | |
c06bf6a3 MB |
471 | ;; Argon2 is dual licensed under CC0 and ASL 2.0. Some of the source |
472 | ;; files are CC0 only; see README.md and LICENSE for details. | |
473 | (license (list license:cc0 license:asl2.0)))) | |
153e58c5 | 474 | |
a1714ff5 JL |
475 | (define-public pass-git-helper |
476 | (package | |
477 | (name "pass-git-helper") | |
478 | (version "0.3.1") | |
479 | (source | |
480 | (origin | |
481 | (method url-fetch) | |
482 | (uri (string-append "https://github.com/languitar/pass-git-helper/archive/release-" | |
483 | version ".tar.gz")) | |
484 | (sha256 | |
485 | (base32 | |
486 | "0lz5ncy44pz7z1j2nnyildx8sq33zi3xvg5nkwg25n11nasqh2xn")))) | |
487 | (build-system python-build-system) | |
488 | (arguments | |
489 | `(#:phases | |
490 | (modify-phases %standard-phases | |
491 | (add-before 'build 'patch-pass-path | |
492 | (lambda* (#:key inputs #:allow-other-keys) | |
493 | (let* ((password-store (assoc-ref inputs "password-store")) | |
494 | (pass (string-append password-store "/bin/pass"))) | |
495 | (substitute* "pass-git-helper" | |
496 | (("'pass'") (string-append "'" pass "'"))) | |
497 | #t)))))) | |
498 | (inputs | |
499 | `(("python-pyxdg" ,python-pyxdg) | |
500 | ("password-store" ,password-store))) | |
501 | (home-page "https://github.com/languitar/pass-git-helper") | |
502 | (synopsis "Git credential helper interfacing with pass") | |
503 | (description "pass-git-helper is a git credential helper which allows to | |
504 | use pass, the standard unix password manager, as the credential backend for | |
505 | your git repositories. This is achieved by explicitly defining mappings | |
506 | between hosts and entries in the password store.") | |
507 | (license license:lgpl3+))) | |
eb28a777 EB |
508 | |
509 | (define-public john-the-ripper-jumbo | |
510 | (let ((official-version "1.8.0") | |
511 | (jumbo-version "1")) | |
512 | (package | |
513 | (name "john-the-ripper-jumbo") | |
514 | (version (string-append official-version "-" jumbo-version)) | |
515 | (source | |
516 | (origin | |
517 | (method url-fetch) | |
518 | (uri (string-append "http://www.openwall.com/john/j/john-" | |
519 | official-version "-jumbo-" jumbo-version ".tar.xz")) | |
520 | (sha256 | |
521 | (base32 | |
522 | "08q92sfdvkz47rx6qjn7qv57cmlpy7i7rgddapq5384mb413vjds")) | |
523 | (patches | |
524 | (list (origin | |
525 | (method url-fetch) | |
526 | (uri (string-append "https://github.com/magnumripper/" | |
527 | "JohnTheRipper/commit/" | |
528 | "e2e868db3e153b3f959e119a51703d4afb99c624.patch")) | |
529 | (file-name "john-the-ripper-jumbo-gcc5-inline.patch") | |
530 | (sha256 | |
531 | (base32 | |
532 | "1shvcf1y2097115mxhzdkm64dr106a8zr6pqjqyh171q5ng5vfra"))) | |
533 | (origin | |
534 | (method url-fetch) | |
535 | (uri (string-append "https://github.com/magnumripper/" | |
536 | "JohnTheRipper/commit/" | |
537 | "480e95b0e449863be3e1a5b0bc634a67df28b618.patch")) | |
538 | (file-name "john-the-ripper-jumbo-non-x86.patch") | |
539 | (sha256 | |
540 | (base32 | |
541 | "1ffd9dvhk0sb6ss8dv5yalh01lz30i7rilqilf2xv68gax2hyjqx"))))))) | |
542 | (build-system gnu-build-system) | |
543 | (inputs | |
544 | `(("gmp" ,gmp) | |
545 | ("krb5" ,mit-krb5) | |
546 | ("libpcap" ,libpcap) | |
547 | ("nss" ,nss) | |
548 | ("openssl" ,openssl) | |
549 | ("zlib" ,zlib))) | |
550 | (arguments | |
551 | `(#:configure-flags | |
552 | (list (string-append | |
553 | "CFLAGS=-O2 -g " | |
554 | "-DJOHN_SYSTEMWIDE=1 " | |
555 | "-DJOHN_SYSTEMWIDE_EXEC='\"" %output "/libexec/john\"' " | |
556 | "-DJOHN_SYSTEMWIDE_HOME='\"" %output "/share/john\"'") | |
557 | ;; For now, do not test for instruction set in configure, and | |
558 | ;; do not pass '-march=native' to gcc: | |
559 | "--disable-native-tests" | |
560 | "--disable-native-macro") | |
561 | #:tests? #f ;tests try to create '.john' in the build user's $HOME | |
562 | #:phases | |
563 | (modify-phases %standard-phases | |
564 | (add-before 'configure 'chdir-src | |
565 | (lambda _ (chdir "src"))) | |
566 | (replace 'install | |
567 | (lambda _ | |
568 | (let ((bindir (string-append %output "/bin")) | |
569 | (docdir (string-append %output "/share/doc/john")) | |
570 | (execdir (string-append %output "/libexec/john")) | |
571 | (homedir (string-append %output "/share/john")) | |
572 | (install-file-to (lambda (dir) | |
573 | (lambda (f) (install-file f dir)))) | |
574 | (symlink? (lambda (_ s) (eq? (stat:type s) 'symlink)))) | |
575 | (with-directory-excursion "../run" | |
576 | (for-each (install-file-to execdir) | |
577 | (cons* "mailer" "benchmark-unify" | |
578 | (find-files "." ".*\\.(py|rb|pl)"))) | |
579 | (for-each (install-file-to homedir) | |
580 | (append (find-files "." "(stats|dictionary.*)") | |
581 | (find-files "." "(.*\\.chr|.*\\.lst)") | |
582 | (find-files "." ".*\\.conf"))) | |
583 | (for-each (install-file-to bindir) | |
584 | '("tgtsnarf" "genmkvpwd" "mkvcalcproba" | |
585 | "raw2dyna" "luks2john" "vncpcap2john" | |
586 | "uaf2john" "calc_stat" "wpapcap2john" | |
587 | "cprepair" "relbench" "SIPdump" "john")) | |
588 | (for-each (lambda (f) ;install symlinked aliases | |
589 | (symlink "john" | |
590 | (string-append bindir "/" (basename f)))) | |
591 | (find-files "." symlink?))) | |
592 | (copy-recursively "../doc" docdir) | |
593 | #t)))))) | |
594 | (home-page "http://www.openwall.com/john/") | |
595 | (synopsis "Password cracker") | |
596 | (description "John the Ripper is a fast password cracker. Its primary | |
597 | purpose is to detect weak Unix passwords. Besides several @code{crypt} | |
598 | password hash types most commonly found on various Unix systems, supported out | |
599 | of the box are Windows LM hashes, plus lots of other hashes and ciphers. This | |
600 | is the community-enhanced, \"jumbo\" version of John the Ripper.") | |
601 | (license license:gpl2+)))) | |
649eb8b5 KH |
602 | |
603 | (define-public sala | |
604 | (package | |
605 | (name "sala") | |
606 | (version "1.3") | |
607 | (source | |
608 | (origin | |
609 | (method url-fetch) | |
610 | (uri (pypi-uri "sala" version)) | |
611 | (sha256 | |
612 | (base32 | |
613 | "13qgmc3i2a0cqp8jqrfl93lnphfagb32pgfikc1gza2a14asxzi8")))) | |
614 | (build-system python-build-system) | |
615 | (arguments | |
616 | ;; Sala is supposed to work with Python 3.2 or higher, | |
617 | ;; but it doesn't work with Python 3.6. Better stick | |
618 | ;; to Python 2, which works fine. | |
619 | `(#:python ,python-2)) | |
620 | (propagated-inputs | |
621 | `(("gnupg" ,gnupg) | |
622 | ("pwgen" ,pwgen))) | |
623 | (home-page "http://www.digip.org/sala/") | |
624 | (synopsis "Encrypted plaintext password store") | |
625 | (description | |
626 | "Store passwords and other bits of sensitive plain-text information | |
627 | to encrypted files on a directory hierarchy. The information is protected | |
628 | by GnuPG's symmetrical encryption.") | |
629 | (license license:expat))) | |
d4e0ebd0 T |
630 | |
631 | (define-public fpm2 | |
632 | (package | |
633 | (name "fpm2") | |
634 | (version "0.79") | |
635 | (source (origin | |
636 | (method url-fetch) | |
637 | (uri (string-append "https://als.regnet.cz/fpm2/download/fpm2-" | |
638 | version ".tar.bz2")) | |
639 | (sha256 | |
640 | (base32 | |
641 | "19sdy1lygfhkg5nxi2w9a4d9kwvw24nxp0ix0p0lz91qpvk9qpnm")))) | |
642 | (build-system gnu-build-system) | |
643 | (inputs `(("gtk2" ,gtk+-2) | |
644 | ("gnupg" ,gnupg) | |
645 | ("libxml2" ,libxml2))) | |
646 | (native-inputs `(("pkg-config" ,pkg-config) | |
647 | ("intltool" ,intltool))) | |
648 | (arguments | |
649 | `(#:phases | |
650 | (modify-phases %standard-phases | |
651 | (add-before 'configure 'pre-configure | |
652 | ;; The file po/POTFILES.in ends up missing for some reason in | |
653 | ;; both nix and guix builds. Adding the file with contents | |
654 | ;; found during troubleshooting. | |
655 | (lambda _ | |
656 | (call-with-output-file "po/POTFILES.in" | |
657 | (lambda (port) | |
658 | (format port "data/fpm2.desktop.in | |
659 | data/fpm2.desktop.in.in | |
660 | fpm2.glade | |
661 | src/callbacks.c | |
662 | src/fpm.c | |
663 | src/fpm_file.c | |
664 | src/interface.c | |
665 | src/support.c | |
666 | fpm2.glade | |
667 | "))) | |
668 | #t))))) | |
669 | (synopsis "Manage, generate and store passwords encrypted") | |
670 | (description "FPM2 is GTK2 port from Figaro's Password Manager | |
671 | originally developed by John Conneely, with some new enhancements. | |
672 | ||
673 | Upstream development seems to have stopped. It is therefore recommended | |
674 | to use a different password manager.") | |
675 | (home-page "https://als.regnet.cz/fpm2/") | |
676 | (license license:gpl2+))) | |
20b51b17 AI |
677 | |
678 | (define-public pass-rotate | |
679 | (package | |
680 | (name "pass-rotate") | |
681 | (version "0.1") | |
682 | (source | |
683 | (origin | |
684 | (method url-fetch) | |
685 | (uri (string-append "https://github.com/SirCmpwn/pass-rotate/archive/" | |
686 | version ".tar.gz")) | |
687 | (sha256 | |
688 | (base32 | |
689 | "1svm5nj8bczv2dg8lh2zqqhbsrljqsw9680r03qwgl9vlci90210")) | |
690 | (file-name (string-append name "-" version ".tar.gz")))) | |
691 | (build-system python-build-system) | |
692 | (inputs | |
693 | `(("python-beautifulsoup4" ,python-beautifulsoup4) | |
694 | ("python-docopt" ,python-docopt) | |
695 | ("python-html5lib" ,python-html5lib) | |
696 | ("python-requests" ,python-requests))) | |
697 | (home-page "https://github.com/SirCmpwn/pass-rotate") | |
698 | (synopsis "Rotate password on online services") | |
699 | (description "pass-rotate is a command line utility and python library for | |
700 | rotating passwords on various web services. It makes it easier to rotate your | |
701 | passwords, one at a time or in bulk, when security events or routine upkeep of | |
702 | your online accounts makes it necessary.") | |
703 | (license license:expat))) | |
c10aa278 PN |
704 | |
705 | (define-public hashcat | |
706 | (package | |
707 | (name "hashcat") | |
708 | (version "4.1.0") | |
709 | (source | |
710 | (origin | |
711 | (method url-fetch) | |
712 | (uri (string-append "https://hashcat.net/files/hashcat-" | |
713 | version ".tar.gz")) | |
714 | (sha256 | |
715 | (base32 | |
716 | "170i2y32ykgzb1qf1wz3klwn31c09bviz4x3bnrwia65adqrj8xx")))) | |
717 | (native-inputs | |
718 | `(("opencl-headers" ,opencl-headers))) | |
719 | (build-system gnu-build-system) | |
720 | (arguments | |
721 | '(#:tests? #f ;no tests | |
722 | #:make-flags (list (string-append "PREFIX=" %output)) | |
723 | #:phases | |
724 | (modify-phases %standard-phases | |
725 | (delete 'configure)))) | |
726 | (home-page "https://hashcat.net/hashcat/") | |
727 | (synopsis "Advanced password recovery utility") | |
728 | (description "Hashcat is an password recovery utility, supporting five | |
729 | unique modes of attack for over 200 highly-optimized hashing algorithms. | |
730 | Hashcat currently supports CPUs, GPUs, and other hardware accelerators on | |
731 | Linux, Windows, and macOS, and has facilities to help enable distributed | |
732 | password cracking.") | |
733 | (license license:expat))) | |
eb4ffe9b PN |
734 | |
735 | (define-public hashcat-utils | |
736 | (package | |
737 | (name "hashcat-utils") | |
738 | (version "1.8") | |
739 | (source | |
740 | (origin | |
741 | (method url-fetch) | |
742 | (uri (string-append "https://github.com/hashcat/hashcat-utils/releases/download/v" | |
743 | version "/hashcat-utils-1.8.7z")) | |
744 | (sha256 | |
745 | (base32 | |
746 | "1x80rngjz7gkhwplhw1iqr0wzb6hjkrjfld2kz9kmgp5dr9nys1p")))) | |
747 | (native-inputs | |
748 | `(("p7zip" ,p7zip))) | |
749 | (inputs | |
750 | `(("perl" ,perl))) | |
751 | (build-system gnu-build-system) | |
752 | (arguments | |
753 | `(#:tests? #f ;no tests | |
754 | #:make-flags (list "CC=gcc" | |
755 | ;; Upstream bug(?): "make all" seems to remove the | |
756 | ;; Perl scripts from the source. | |
757 | "native") | |
758 | #:phases | |
759 | (modify-phases %standard-phases | |
760 | (replace 'unpack | |
761 | (lambda* (#:key source #:allow-other-keys) | |
762 | (invoke "7z" "x" source) | |
763 | (chdir (string-append "hashcat-utils-" ,version "/src")) | |
764 | #t)) | |
765 | (delete 'configure) | |
766 | (replace 'install | |
767 | (lambda* (#:key outputs #:allow-other-keys) | |
768 | (let ((out (string-append (assoc-ref outputs "out") "/bin"))) | |
769 | (mkdir-p out) | |
770 | (for-each (lambda (file) | |
771 | (copy-file file (string-append out "/" (basename file ".bin")))) | |
772 | (find-files "." "\\.bin$")) | |
773 | (for-each (lambda (file) | |
774 | (copy-file file (string-append out "/" (basename file ".pl")))) | |
775 | (find-files "../bin" "\\.pl$")) | |
776 | #t)))))) | |
777 | (home-page "https://github.com/hashcat/hashcat-utils/") | |
778 | (synopsis "Small utilities that are useful in advanced password cracking") | |
779 | (description "Hashcat-utils are a set of small utilities that are useful | |
780 | in advanced password cracking. They all are packed into multiple stand-alone | |
781 | binaries. All of these utils are designed to execute only one specific | |
782 | function. Since they all work with @code{STDIN} and @code{STDOUT} you can | |
783 | group them into chains.") | |
784 | (license license:expat))) |