[jackhill/guix/guix.git] / gnu / packages / gnupg.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu packages gnupg)
  #:use-module (guix licenses)
  #:use-module (gnu packages curl)
  #:use-module (gnu packages openldap)
  #:use-module (gnu packages perl)
  #:use-module (gnu packages pth)
  #:use-module (gnu packages python)
  #:use-module (gnu packages readline)
  #:use-module ((gnu packages compression) #:prefix guix:)
  #:use-module (gnu packages gtk)
  #:use-module (gnu packages glib)
  #:use-module (gnu packages pkg-config)
  #:use-module (gnu packages ncurses)
  #:use-module (guix packages)
  #:use-module (guix download)
  #:use-module (guix build-system gnu))

(define-public libgpg-error
  (package
    (name "libgpg-error")
    (version "1.13")
    (source
     (origin
      (method url-fetch)
      (uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
                          version ".tar.bz2"))
      (sha256
       (base32
        "02lv5h865f8if391xjp3njg04k0l4x2pwjkcdbzcwilail1skazq"))))
    (build-system gnu-build-system)
    (home-page "http://gnupg.org")
    (synopsis
     "Libgpg-error, a small library that defines common error values for all GnuPG components")
    (description
     "Libgpg-error is a small library that defines common error values
for all GnuPG components.  Among these are GPG, GPGSM, GPGME,
GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard
Daemon and possibly more in the future.")
    (license lgpl2.0+)))

(define-public libgcrypt
  (package
    (name "libgcrypt")
    (version "1.6.2")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
                                 version ".tar.bz2"))
             (sha256
              (base32
               "0k2wi34qhp5hq71w1ab3kw1gfsx7xff79bvynqkxp35kls94826y"))))
    (build-system gnu-build-system)
    (propagated-inputs
     `(("libgpg-error" ,libgpg-error)))
    (native-inputs
     ;; Needed here for the 'gpg-error' program.
     `(("libgpg-error" ,libgpg-error)))
    (arguments
     ;; The '--with-gpg-error-prefix' argument is needed because otherwise
     ;; 'configure' uses 'gpg-error-config' to determine the '-L' flag, and
     ;; the 'gpg-error-config' it runs is the native one---i.e., the wrong one.
     `(#:configure-flags
       (list (string-append "--with-gpg-error-prefix="
                            (assoc-ref %build-inputs "libgpg-error")))))
    (outputs '("out" "debug"))
    (home-page "http://gnupg.org/")
    (synopsis "Cryptographic function library")
    (description
     "Libgcrypt is a general-purpose cryptographic library.  It provides the
standard cryptographic building blocks such as symmetric ciphers, hash
algorithms, public key algorithms, large integer functions and random number
generation.")
    (license lgpl2.0+)))

(define-public libgcrypt-1.5
  (package (inherit libgcrypt)
    (version "1.5.4")
    (source
     (origin
      (method url-fetch)
      (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
                          version ".tar.bz2"))
      (sha256
       (base32
        "0czvqxkzd5y872ipy6s010ifwdwv29sqbnqc4pf56sd486gqvy6m"))))))

(define-public libassuan
  (package
    (name "libassuan")
    (version "2.1.2")
    (source
     (origin
      (method url-fetch)
      (uri (string-append "mirror://gnupg/libassuan/libassuan-"
                          version ".tar.bz2"))
      (sha256
       (base32
        "0yxp3mdsxg75aj3h2r94vzad5i1y2mh0df9pv76ggals6k4sgy1r"))))
    (build-system gnu-build-system)
    (propagated-inputs
     `(("libgpg-error" ,libgpg-error) ("pth" ,pth)))
    (home-page "http://gnupg.org")
    (synopsis
     "Libassuan, the IPC library used by GnuPG and related software")
    (description
     "Libassuan is a small library implementing the so-called Assuan
protocol.  This protocol is used for IPC between most newer
GnuPG components.  Both, server and client side functions are
provided.")
    (license lgpl2.0+)))

(define-public libksba
  (package
    (name "libksba")
    (version "1.3.0")
    (source
     (origin
      (method url-fetch)
      (uri (string-append
            "mirror://gnupg/libksba/libksba-"
            version ".tar.bz2"))
      (sha256
       (base32
        "0w8rfb6yhcwkwzvjafrashcygy4hd9xwwmvlnkfd1m2h0paywqas"))))
    (build-system gnu-build-system)
    (propagated-inputs
     `(("libgpg-error" ,libgpg-error)))
    (native-inputs
     `(("libgpg-error" ,libgpg-error)))
    (arguments
     `(#:configure-flags
       (list ,@(if (%current-target-system)
                   '("CC_FOR_BUILD=gcc")
                   '())
             (string-append "--with-gpg-error-prefix="
                            (assoc-ref %build-inputs "libgpg-error")))))
    (home-page "http://www.gnupg.org")
    (synopsis
     "Libksba is a CMS and X.509 access library under development")
    (description
     "KSBA (pronounced Kasbah) is a library to make X.509 certificates
as well as the CMS easily accessible by other applications.  Both
specifications are building blocks of S/MIME and TLS.")
    (license gpl3+)))

(define-public gnupg
  (package
    (name "gnupg")
    (version "2.0.26")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
                                  ".tar.bz2"))
              (sha256
               (base32
                "1q5qcl5panrvcvpwvz6nl9gayl5a6vwvfhgdcxqpmbl2qc6y6n3p"))))
    (build-system gnu-build-system)
    (inputs
     `(("bzip2" ,guix:bzip2)
       ("curl" ,curl)
       ("libassuan" ,libassuan)
       ("libgcrypt" ,libgcrypt)
       ("libgpg-error" ,libgpg-error)
       ("libksba" ,libksba)
       ("pth" ,pth)
       ("openldap" ,openldap)
       ("zlib" ,guix:zlib)
       ("readline" ,readline)))
   (arguments
    `(#:phases
       (alist-cons-before
        'configure 'patch-config-files
        (lambda _
          (substitute* "tests/openpgp/Makefile.in"
            (("/bin/sh") (which "bash"))))
       %standard-phases)))
    (home-page "http://gnupg.org/")
    (synopsis "GNU Privacy Guard")
    (description
     "The GNU Privacy Guard is a complete implementation of the OpenPGP
standard.  It is used to encrypt and sign data and communication.  It
features powerful key management and the ability to access public key
servers.  It includes several libraries: libassuan (IPC between GnuPG
components), libgpg-error (centralized GnuPG error values), and
libskba (working with X.509 certificates and CMS data).")
    (license gpl3+)))

(define-public gnupg-1
  (package (inherit gnupg)
    (version "1.4.18")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
                                  ".tar.bz2"))
              (sha256
               (base32
                "1233bppjvdpbbl425ii6l7xvgy0879ghhnmwrph5b6c4g3dgvddp"))))
    (inputs
     `(("zlib" ,guix:zlib)
       ("bzip2" ,guix:bzip2)
       ("curl" ,curl)
       ("readline" ,readline)
       ("libgpg-error" ,libgpg-error)))
    (arguments
     `(#:phases (alist-cons-after
                 'unpack 'patch-check-sh
                 (lambda _
                   (substitute* "checks/Makefile.in"
                     (("/bin/sh") (which "bash"))))
                 %standard-phases)))))

(define-public gpgme
  (package
    (name "gpgme")
    (version "1.5.1")
    (source
     (origin
      (method url-fetch)
      (uri (string-append "mirror://gnupg/gpgme/gpgme-" version
                          ".tar.bz2"))
      (sha256
       (base32
        "1qqi9bxwxxsc4r15j7drclgp0w8jk9nj3h2fsivk4c7brvw3lbvc"))))
    (build-system gnu-build-system)
    (propagated-inputs
     ;; Needs to be propagated because gpgme.h includes gpg-error.h.
     `(("libgpg-error" ,libgpg-error)))
    (inputs
     `(("gnupg" ,gnupg)
       ("libassuan" ,libassuan)))
    (arguments '(#:make-flags '("GPG=gpg2")))
    (home-page "http://www.gnupg.org/related_software/gpgme/")
    (synopsis "library providing simplified access to GnuPG functionality")
    (description
     "GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
easier for applications.  It provides a High-Level Crypto API for encryption,
decryption, signing, signature verification and key management.  Currently
it uses GnuPG as its backend but the API isn't restricted to this engine.

Because the direct use of GnuPG from an application can be a complicated
programming task, it is suggested that all software should try to use GPGME
instead.  This way bug fixes or improvements can be done at a central place
and every application benefits from this.")
    (license lgpl2.1+)))

(define-public pius
  (package
   (name "pius")
   (version "2.0.9")
   (source (origin
            (method url-fetch)
            (uri (string-append "mirror://sourceforge/pgpius/pius/"
                                version "/pius-"
                                version ".tar.bz2"))
            (sha256 (base32
                     "1g1jly3wl4ks6h8ydkygyl2c4i7v3z91rg42005m6vm70y1d8b3d"))))
   (build-system gnu-build-system)
   (inputs `(("perl" ,perl)
             ("python" ,python-2)           ; uses the Python 2 'print' syntax
             ("gpg" ,gnupg)))
   (arguments
    `(#:tests? #f
      #:phases
       (alist-delete
        'configure
       (alist-delete
        'build
       (alist-replace
        'install
        (lambda* (#:key inputs outputs #:allow-other-keys)
          (let* ((out (assoc-ref outputs "out"))
                 (gpg (string-append (assoc-ref inputs "gpg")
                                     "/bin/gpg2")))
            (mkdir out)
            (mkdir (string-append out "/bin"))
            (for-each (lambda (file)
                        (substitute* file
                          (("/usr/bin/gpg") gpg))
                        (copy-file file (string-append out "/bin/" file)))
                      '("pius" "pius-keyring-mgr" "pius-party-worksheet"))))
       %standard-phases)))))
   (synopsis "Programs to simplify GnuPG key signing")
   (description
    "Pius (PGP Individual UID Signer) helps attendees of PGP keysigning
parties. It is the main utility and makes it possible to quickly and easily
sign each UID on a set of PGP keys. It is designed to take the pain out of
the sign-all-the-keys part of PGP Keysigning Party while adding security
to the process.

pius-keyring-mgr and pius-party-worksheet help organisers of
PGP keysigning parties.")
   (license gpl2)
   (home-page "http://www.phildev.net/pius/index.shtml")))

(define-public signing-party
  (package
   (name "signing-party")
   (version "1.1.4")
   (source (origin
            (method url-fetch)
            (uri (string-append "http://ftp.debian.org/debian/pool/main/s/signing-party/signing-party_"
                                version ".orig.tar.gz"))
            (sha256 (base32
                     "188gp0prbh8qs29lq3pbf0qibfd6jq4fk7i0pfrybl8aahvm84rx"))))
   (build-system gnu-build-system)
   (inputs `(("perl" ,perl)))
   (arguments
    `(#:tests? #f
      #:phases
      (alist-cons-after
       'unpack 'remove-spurious-links
       (lambda _ (delete-file "keyanalyze/pgpring/depcomp"))
      (alist-replace
       'configure
       (lambda* (#:key outputs #:allow-other-keys)
         (let ((out (assoc-ref outputs "out")))
           (substitute* "keyanalyze/Makefile"
             (("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS")))
           (substitute* "keyanalyze/Makefile"
             (("./configure") (string-append "./configure --prefix=" out)))
           (substitute* "keyanalyze/pgpring/configure"
             (("/bin/sh") (which "bash")))
           (substitute* "gpgwrap/Makefile"
             (("\\} clean") (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
                                      out "/bin/gpgwrap\n")))
           (substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile"
                          "keylookup/Makefile" "sig2dot/Makefile"
                          "springgraph/Makefile")
             (("/usr") out))))
       (alist-replace
        'install
        (lambda* (#:key outputs #:allow-other-keys #:rest args)
          (let ((out (assoc-ref outputs "out"))
                (install (assoc-ref %standard-phases 'install)))
            (apply install args)
            (for-each
              (lambda (dir file)
                (copy-file (string-append dir "/" file)
                           (string-append out "/bin/" file)))
              '("caff" "caff" "caff" "gpgdir" "gpg-key2ps"
                "gpglist" "gpg-mailkeys" "gpgparticipants")
              '("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps"
                "gpglist" "gpg-mailkeys" "gpgparticipants"))
            (for-each
              (lambda (dir file)
                (copy-file (string-append dir "/" file)
                           (string-append out "/share/man/man1/" file)))
              '("caff" "caff" "caff" "gpgdir"
                "gpg-key2ps" "gpglist" "gpg-mailkeys"
                "gpgparticipants" "gpgsigs" "gpgwrap/doc"
                "keyanalyze" "keyanalyze/pgpring" "keyanalyze")
              '("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1"
                "gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1"
                "gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
                "process_keys.1" "pgpring.1" "keyanalyze.1"))))
      %standard-phases)))))
   (synopsis "collection of scripts for simplifying gnupg key signing")
   (description
    "signing-party is a collection for all kinds of PGP/GnuPG related things,
including tools for signing keys, keyring analysis, and party preparation.

 * caff: CA - Fire and Forget signs and mails a key
 
 * pgp-clean: removes all non-self signatures from key

 * pgp-fixkey: removes broken packets from keys

 * gpg-mailkeys: simply mail out a signed key to its owner

 * gpg-key2ps: generate PostScript file with fingerprint paper strips

 * gpgdir: recursive directory encryption tool

 * gpglist: show who signed which of your UIDs

 * gpgsigs: annotates list of GnuPG keys with already done signatures

 * gpgparticipants: create list of party participants for the organiser

 * gpgwrap: a passphrase wrapper

 * keyanalyze: minimum signing distance (MSD) analysis on keyrings

 * keylookup: ncurses wrapper around gpg --search

 * sig2dot: converts a list of GnuPG signatures to a .dot file

 * springgraph: creates a graph from a .dot file")
   ;; gpl2+ for almost all programs, except for keyanalyze: gpl2
   ;; and caff and gpgsigs: bsd-3, see
   ;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
   (license gpl2)
   (home-page "http://pgp-tools.alioth.debian.org/")))

(define-public pinentry
  (package
    (name "pinentry")
    (version "0.8.3")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnupg/pinentry/pinentry-"
                                  version ".tar.bz2"))
              (sha256
               (base32
                "1bd047crf7xb8g61mval8v6qww98rddlsw2dz6j8h8qbnl4hp2sn"))))
    (build-system gnu-build-system)
    (inputs
     `(("ncurses" ,ncurses)
       ("gtk+" ,gtk+-2)
       ("glib" ,glib)))
    (native-inputs
     `(("pkg-config" ,pkg-config)))
    (home-page "http://gnupg.org/aegypten2/")
    (synopsis "GnuPG's interface to passphrase input")
    (description
     "Pinentry provides a console and a GTK+ GUI that allows users to
enter a passphrase when `gpg' or `gpg2' is run and needs it.")
    (license gpl2+)))

(define-public paperkey
  (package
    (name "paperkey")
    (version "1.3")
    (source (origin
              (method url-fetch)
              (uri (string-append "http://www.jabberwocky.com/"
                                  "software/paperkey/paperkey-"
                                  version ".tar.gz"))
              (sha256
               (base32
                "1yybj8bj68v4lxwpn596b6ismh2fyixw5vlqqg26byrn4d9dfmsv"))))
    (build-system gnu-build-system)
    (arguments
     `(#:phases
       (alist-cons-before
        'check 'patch-check-scripts
        (lambda _
          (substitute* '("checks/roundtrip.sh"
                         "checks/roundtrip-raw.sh")
            (("/bin/echo") "echo")))
        %standard-phases)))
    (home-page "http://www.jabberwocky.com/software/paperkey/")
    (synopsis "Backup OpenPGP keys to paper")
    (description
     "Paperkey extracts the secret bytes from an OpenPGP (GnuPG, PGP, etc) key
for printing with paper and ink, which have amazingly long retention
qualities.  To reconstruct a secret key, you re-enter those
bytes (whether by hand, OCR, QR code, or the like) and paperkey can use
them to transform your existing public key into a secret key.")
    (license gpl2+)))
Commit	Line	Data
233e7676	1	;;; GNU Guix --- Functional package management for GNU
40d806af	2	;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
ea4d96c6	3	;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
4380a7b4	4	;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
5249045c	5	;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
8d1939e4	6	;;;
233e7676	7	;;; This file is part of GNU Guix.
8d1939e4	8	;;;
233e7676	9	;;; GNU Guix is free software; you can redistribute it and/or modify it
8d1939e4 LC	10	;;; under the terms of the GNU General Public License as published by
	11	;;; the Free Software Foundation; either version 3 of the License, or (at
	12	;;; your option) any later version.
	13	;;;
233e7676	14	;;; GNU Guix is distributed in the hope that it will be useful, but
8d1939e4 LC	15	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	16	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	17	;;; GNU General Public License for more details.
	18	;;;
	19	;;; You should have received a copy of the GNU General Public License
233e7676	20	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
8d1939e4	21
1ffa7090	22	(define-module (gnu packages gnupg)
4a44e743	23	#:use-module (guix licenses)
01e11826 AE	24	#:use-module (gnu packages curl)
01e11826 AE	25	#:use-module (gnu packages openldap)
ea4d96c6	26	#:use-module (gnu packages perl)
1ffa7090	27	#:use-module (gnu packages pth)
ea4d96c6	28	#:use-module (gnu packages python)
1ffa7090	29	#:use-module (gnu packages readline)
b5b73a82	30	#:use-module ((gnu packages compression) #:prefix guix:)
40d806af LC	31	#:use-module (gnu packages gtk)
	32	#:use-module (gnu packages glib)
	33	#:use-module (gnu packages pkg-config)
	34	#:use-module (gnu packages ncurses)
8d1939e4	35	#:use-module (guix packages)
87f5d366	36	#:use-module (guix download)
8d1939e4 LC	37	#:use-module (guix build-system gnu))
	38
	39	(define-public libgpg-error
	40	(package
	41	(name "libgpg-error")
473dad6f	42	(version "1.13")
8d1939e4 LC	43	(source
8d1939e4 LC	44	(origin
87f5d366	45	(method url-fetch)
0db342a5	46	(uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
8d1939e4 LC	47	version ".tar.bz2"))
	48	(sha256
	49	(base32
473dad6f	50	"02lv5h865f8if391xjp3njg04k0l4x2pwjkcdbzcwilail1skazq"))))
8d1939e4 LC	51	(build-system gnu-build-system)
	52	(home-page "http://gnupg.org")
	53	(synopsis
	54	"Libgpg-error, a small library that defines common error values for all GnuPG components")
	55	(description
	56	"Libgpg-error is a small library that defines common error values
	57	for all GnuPG components. Among these are GPG, GPGSM, GPGME,
	58	GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard
	59	Daemon and possibly more in the future.")
4a44e743	60	(license lgpl2.0+)))
8d1939e4 LC	61
	62	(define-public libgcrypt
	63	(package
	64	(name "libgcrypt")
bcac69f6	65	(version "1.6.2")
84a3e3b7 LC	66	(source (origin
	67	(method url-fetch)
	68	(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
	69	version ".tar.bz2"))
	70	(sha256
	71	(base32
bcac69f6	72	"0k2wi34qhp5hq71w1ab3kw1gfsx7xff79bvynqkxp35kls94826y"))))
8d1939e4 LC	73	(build-system gnu-build-system)
	74	(propagated-inputs
	75	`(("libgpg-error" ,libgpg-error)))
e766f699 JD	76	(native-inputs
	77	;; Needed here for the 'gpg-error' program.
	78	`(("libgpg-error" ,libgpg-error)))
	79	(arguments
	80	;; The '--with-gpg-error-prefix' argument is needed because otherwise
	81	;; 'configure' uses 'gpg-error-config' to determine the '-L' flag, and
	82	;; the 'gpg-error-config' it runs is the native one---i.e., the wrong one.
	83	`(#:configure-flags
	84	(list (string-append "--with-gpg-error-prefix="
	85	(assoc-ref %build-inputs "libgpg-error")))))
40fed2d8	86	(outputs '("out" "debug"))
8d1939e4	87	(home-page "http://gnupg.org/")
f50d2669	88	(synopsis "Cryptographic function library")
8d1939e4	89	(description
a22dc0c4 LC	90	"Libgcrypt is a general-purpose cryptographic library. It provides the
	91	standard cryptographic building blocks such as symmetric ciphers, hash
	92	algorithms, public key algorithms, large integer functions and random number
	93	generation.")
4a44e743	94	(license lgpl2.0+)))
8d1939e4	95
a53421fd AE	96	(define-public libgcrypt-1.5
a53421fd AE	97	(package (inherit libgcrypt)
460f97f8	98	(version "1.5.4")
a53421fd AE	99	(source
	100	(origin
	101	(method url-fetch)
	102	(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
	103	version ".tar.bz2"))
	104	(sha256
	105	(base32
460f97f8	106	"0czvqxkzd5y872ipy6s010ifwdwv29sqbnqc4pf56sd486gqvy6m"))))))
a53421fd	107
8d1939e4 LC	108	(define-public libassuan
	109	(package
	110	(name "libassuan")
05681d73	111	(version "2.1.2")
8d1939e4 LC	112	(source
8d1939e4 LC	113	(origin
87f5d366	114	(method url-fetch)
0db342a5	115	(uri (string-append "mirror://gnupg/libassuan/libassuan-"
8d1939e4 LC	116	version ".tar.bz2"))
	117	(sha256
	118	(base32
05681d73	119	"0yxp3mdsxg75aj3h2r94vzad5i1y2mh0df9pv76ggals6k4sgy1r"))))
8d1939e4 LC	120	(build-system gnu-build-system)
	121	(propagated-inputs
	122	`(("libgpg-error" ,libgpg-error) ("pth" ,pth)))
	123	(home-page "http://gnupg.org")
	124	(synopsis
	125	"Libassuan, the IPC library used by GnuPG and related software")
	126	(description
	127	"Libassuan is a small library implementing the so-called Assuan
	128	protocol. This protocol is used for IPC between most newer
	129	GnuPG components. Both, server and client side functions are
	130	provided.")
4a44e743	131	(license lgpl2.0+)))
8d1939e4 LC	132
	133	(define-public libksba
	134	(package
	135	(name "libksba")
98fbd7ce	136	(version "1.3.0")
8d1939e4 LC	137	(source
8d1939e4 LC	138	(origin
87f5d366	139	(method url-fetch)
8d1939e4	140	(uri (string-append
0db342a5	141	"mirror://gnupg/libksba/libksba-"
8d1939e4 LC	142	version ".tar.bz2"))
	143	(sha256
	144	(base32
98fbd7ce	145	"0w8rfb6yhcwkwzvjafrashcygy4hd9xwwmvlnkfd1m2h0paywqas"))))
8d1939e4 LC	146	(build-system gnu-build-system)
	147	(propagated-inputs
	148	`(("libgpg-error" ,libgpg-error)))
e766f699 JD	149	(native-inputs
	150	`(("libgpg-error" ,libgpg-error)))
	151	(arguments
	152	`(#:configure-flags
	153	(list ,@(if (%current-target-system)
	154	'("CC_FOR_BUILD=gcc")
	155	'())
	156	(string-append "--with-gpg-error-prefix="
	157	(assoc-ref %build-inputs "libgpg-error")))))
8d1939e4 LC	158	(home-page "http://www.gnupg.org")
	159	(synopsis
	160	"Libksba is a CMS and X.509 access library under development")
	161	(description
	162	"KSBA (pronounced Kasbah) is a library to make X.509 certificates
	163	as well as the CMS easily accessible by other applications. Both
	164	specifications are building blocks of S/MIME and TLS.")
4a44e743	165	(license gpl3+)))
8d1939e4 LC	166
	167	(define-public gnupg
	168	(package
	169	(name "gnupg")
e69a4dd0	170	(version "2.0.26")
58970d6a LC	171	(source (origin
	172	(method url-fetch)
	173	(uri (string-append "mirror://gnupg/gnupg/gnupg-" version
	174	".tar.bz2"))
	175	(sha256
	176	(base32
e69a4dd0	177	"1q5qcl5panrvcvpwvz6nl9gayl5a6vwvfhgdcxqpmbl2qc6y6n3p"))))
8d1939e4 LC	178	(build-system gnu-build-system)
8d1939e4 LC	179	(inputs
f1be8061	180	`(("bzip2" ,guix:bzip2)
01e11826	181	("curl" ,curl)
8d1939e4 LC	182	("libassuan" ,libassuan)
8d1939e4 LC	183	("libgcrypt" ,libgcrypt)
01e11826	184	("libgpg-error" ,libgpg-error)
8d1939e4 LC	185	("libksba" ,libksba)
8d1939e4 LC	186	("pth" ,pth)
01e11826	187	("openldap" ,openldap)
4a44e743	188	("zlib" ,guix:zlib)
8d1939e4	189	("readline" ,readline)))
30e9cbb4 AE	190	(arguments
30e9cbb4 AE	191	`(#:phases
d4bf49b1 EB	192	(alist-cons-before
	193	'configure 'patch-config-files
	194	(lambda _
	195	(substitute* "tests/openpgp/Makefile.in"
	196	(("/bin/sh") (which "bash"))))
30e9cbb4	197	%standard-phases)))
8d1939e4	198	(home-page "http://gnupg.org/")
f50d2669	199	(synopsis "GNU Privacy Guard")
8d1939e4	200	(description
a22dc0c4 LC	201	"The GNU Privacy Guard is a complete implementation of the OpenPGP
	202	standard. It is used to encrypt and sign data and communication. It
	203	features powerful key management and the ability to access public key
79c311b8	204	servers. It includes several libraries: libassuan (IPC between GnuPG
58970d6a LC	205	components), libgpg-error (centralized GnuPG error values), and
58970d6a LC	206	libskba (working with X.509 certificates and CMS data).")
4a44e743	207	(license gpl3+)))
ea4d96c6	208
5249045c MW	209	(define-public gnupg-1
5249045c MW	210	(package (inherit gnupg)
8ee380ba	211	(version "1.4.18")
58970d6a LC	212	(source (origin
	213	(method url-fetch)
	214	(uri (string-append "mirror://gnupg/gnupg/gnupg-" version
	215	".tar.bz2"))
	216	(sha256
	217	(base32
8ee380ba	218	"1233bppjvdpbbl425ii6l7xvgy0879ghhnmwrph5b6c4g3dgvddp"))))
5249045c MW	219	(inputs
	220	`(("zlib" ,guix:zlib)
	221	("bzip2" ,guix:bzip2)
	222	("curl" ,curl)
	223	("readline" ,readline)
	224	("libgpg-error" ,libgpg-error)))
	225	(arguments
	226	`(#:phases (alist-cons-after
	227	'unpack 'patch-check-sh
	228	(lambda _
	229	(substitute* "checks/Makefile.in"
	230	(("/bin/sh") (which "bash"))))
	231	%standard-phases)))))
	232
09d5c166 AE	233	(define-public gpgme
	234	(package
	235	(name "gpgme")
e6a83df1	236	(version "1.5.1")
09d5c166 AE	237	(source
	238	(origin
	239	(method url-fetch)
	240	(uri (string-append "mirror://gnupg/gpgme/gpgme-" version
	241	".tar.bz2"))
	242	(sha256
	243	(base32
e6a83df1	244	"1qqi9bxwxxsc4r15j7drclgp0w8jk9nj3h2fsivk4c7brvw3lbvc"))))
09d5c166	245	(build-system gnu-build-system)
68640c3c MW	246	(propagated-inputs
	247	;; Needs to be propagated because gpgme.h includes gpg-error.h.
	248	`(("libgpg-error" ,libgpg-error)))
09d5c166 AE	249	(inputs
09d5c166 AE	250	`(("gnupg" ,gnupg)
68640c3c	251	("libassuan" ,libassuan)))
e6a83df1	252	(arguments '(#:make-flags '("GPG=gpg2")))
09d5c166 AE	253	(home-page "http://www.gnupg.org/related_software/gpgme/")
	254	(synopsis "library providing simplified access to GnuPG functionality")
	255	(description
	256	"GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
	257	easier for applications. It provides a High-Level Crypto API for encryption,
	258	decryption, signing, signature verification and key management. Currently
	259	it uses GnuPG as its backend but the API isn't restricted to this engine.
	260
	261	Because the direct use of GnuPG from an application can be a complicated
	262	programming task, it is suggested that all software should try to use GPGME
	263	instead. This way bug fixes or improvements can be done at a central place
	264	and every application benefits from this.")
	265	(license lgpl2.1+)))
	266
ea4d96c6 AE	267	(define-public pius
	268	(package
	269	(name "pius")
	270	(version "2.0.9")
	271	(source (origin
	272	(method url-fetch)
	273	(uri (string-append "mirror://sourceforge/pgpius/pius/"
	274	version "/pius-"
	275	version ".tar.bz2"))
	276	(sha256 (base32
	277	"1g1jly3wl4ks6h8ydkygyl2c4i7v3z91rg42005m6vm70y1d8b3d"))))
	278	(build-system gnu-build-system)
	279	(inputs `(("perl" ,perl)
94e3029a	280	("python" ,python-2) ; uses the Python 2 'print' syntax
9eed6f9b	281	("gpg" ,gnupg)))
ea4d96c6 AE	282	(arguments
	283	`(#:tests? #f
	284	#:phases
d4bf49b1	285	(alist-delete
ea4d96c6	286	'configure
d4bf49b1	287	(alist-delete
ea4d96c6	288	'build
ea4d96c6 AE	289	(alist-replace
ea4d96c6 AE	290	'install
9eed6f9b LC	291	(lambda* (#:key inputs outputs #:allow-other-keys)
	292	(let* ((out (assoc-ref outputs "out"))
	293	(gpg (string-append (assoc-ref inputs "gpg")
	294	"/bin/gpg2")))
ea4d96c6 AE	295	(mkdir out)
ea4d96c6 AE	296	(mkdir (string-append out "/bin"))
9eed6f9b LC	297	(for-each (lambda (file)
	298	(substitute* file
	299	(("/usr/bin/gpg") gpg))
	300	(copy-file file (string-append out "/bin/" file)))
	301	'("pius" "pius-keyring-mgr" "pius-party-worksheet"))))
ea4d96c6	302	%standard-phases)))))
9eed6f9b	303	(synopsis "Programs to simplify GnuPG key signing")
ea4d96c6 AE	304	(description
	305	"Pius (PGP Individual UID Signer) helps attendees of PGP keysigning
	306	parties. It is the main utility and makes it possible to quickly and easily
	307	sign each UID on a set of PGP keys. It is designed to take the pain out of
	308	the sign-all-the-keys part of PGP Keysigning Party while adding security
	309	to the process.
	310
	311	pius-keyring-mgr and pius-party-worksheet help organisers of
	312	PGP keysigning parties.")
	313	(license gpl2)
	314	(home-page "http://www.phildev.net/pius/index.shtml")))
96be765c AE	315
	316	(define-public signing-party
	317	(package
	318	(name "signing-party")
	319	(version "1.1.4")
	320	(source (origin
	321	(method url-fetch)
	322	(uri (string-append "http://ftp.debian.org/debian/pool/main/s/signing-party/signing-party_"
	323	version ".orig.tar.gz"))
	324	(sha256 (base32
	325	"188gp0prbh8qs29lq3pbf0qibfd6jq4fk7i0pfrybl8aahvm84rx"))))
	326	(build-system gnu-build-system)
	327	(inputs `(("perl" ,perl)))
	328	(arguments
	329	`(#:tests? #f
	330	#:phases
d4bf49b1 EB	331	(alist-cons-after
	332	'unpack 'remove-spurious-links
	333	(lambda _ (delete-file "keyanalyze/pgpring/depcomp"))
96be765c AE	334	(alist-replace
	335	'configure
	336	(lambda* (#:key outputs #:allow-other-keys)
	337	(let ((out (assoc-ref outputs "out")))
	338	(substitute* "keyanalyze/Makefile"
	339	(("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS")))
	340	(substitute* "keyanalyze/Makefile"
	341	(("./configure") (string-append "./configure --prefix=" out)))
	342	(substitute* "keyanalyze/pgpring/configure"
	343	(("/bin/sh") (which "bash")))
	344	(substitute* "gpgwrap/Makefile"
	345	(("\\} clean") (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
	346	out "/bin/gpgwrap\n")))
	347	(substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile"
	348	"keylookup/Makefile" "sig2dot/Makefile"
	349	"springgraph/Makefile")
	350	(("/usr") out))))
	351	(alist-replace
	352	'install
	353	(lambda* (#:key outputs #:allow-other-keys #:rest args)
	354	(let ((out (assoc-ref outputs "out"))
	355	(install (assoc-ref %standard-phases 'install)))
	356	(apply install args)
	357	(for-each
	358	(lambda (dir file)
	359	(copy-file (string-append dir "/" file)
	360	(string-append out "/bin/" file)))
	361	'("caff" "caff" "caff" "gpgdir" "gpg-key2ps"
	362	"gpglist" "gpg-mailkeys" "gpgparticipants")
	363	'("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps"
	364	"gpglist" "gpg-mailkeys" "gpgparticipants"))
	365	(for-each
	366	(lambda (dir file)
	367	(copy-file (string-append dir "/" file)
	368	(string-append out "/share/man/man1/" file)))
	369	'("caff" "caff" "caff" "gpgdir"
	370	"gpg-key2ps" "gpglist" "gpg-mailkeys"
	371	"gpgparticipants" "gpgsigs" "gpgwrap/doc"
	372	"keyanalyze" "keyanalyze/pgpring" "keyanalyze")
	373	'("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1"
	374	"gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1"
	375	"gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
	376	"process_keys.1" "pgpring.1" "keyanalyze.1"))))
	377	%standard-phases)))))
	378	(synopsis "collection of scripts for simplifying gnupg key signing")
	379	(description
	380	"signing-party is a collection for all kinds of PGP/GnuPG related things,
	381	including tools for signing keys, keyring analysis, and party preparation.
	382
	383	* caff: CA - Fire and Forget signs and mails a key
	384
	385	* pgp-clean: removes all non-self signatures from key
	386
	387	* pgp-fixkey: removes broken packets from keys
	388
	389	* gpg-mailkeys: simply mail out a signed key to its owner
	390
	391	* gpg-key2ps: generate PostScript file with fingerprint paper strips
	392
	393	* gpgdir: recursive directory encryption tool
	394
	395	* gpglist: show who signed which of your UIDs
	396
	397	* gpgsigs: annotates list of GnuPG keys with already done signatures
398
399	* gpgparticipants: create list of party participants for the organiser
400
401	* gpgwrap: a passphrase wrapper
402
403	* keyanalyze: minimum signing distance (MSD) analysis on keyrings
404
405	* keylookup: ncurses wrapper around gpg --search
406
407	* sig2dot: converts a list of GnuPG signatures to a .dot file
408
409	* springgraph: creates a graph from a .dot file")
410	;; gpl2+ for almost all programs, except for keyanalyze: gpl2
411	;; and caff and gpgsigs: bsd-3, see
412	;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
413	(license gpl2)
414	(home-page "http://pgp-tools.alioth.debian.org/")))
40d806af LC	415
	416	(define-public pinentry
	417	(package
	418	(name "pinentry")
	419	(version "0.8.3")
	420	(source (origin
	421	(method url-fetch)
	422	(uri (string-append "mirror://gnupg/pinentry/pinentry-"
	423	version ".tar.bz2"))
	424	(sha256
	425	(base32
	426	"1bd047crf7xb8g61mval8v6qww98rddlsw2dz6j8h8qbnl4hp2sn"))))
	427	(build-system gnu-build-system)
	428	(inputs
	429	`(("ncurses" ,ncurses)
	430	("gtk+" ,gtk+-2)
	431	("glib" ,glib)))
	432	(native-inputs
	433	`(("pkg-config" ,pkg-config)))
	434	(home-page "http://gnupg.org/aegypten2/")
	435	(synopsis "GnuPG's interface to passphrase input")
	436	(description
	437	"Pinentry provides a console and a GTK+ GUI that allows users to
	438	enter a passphrase when `gpg' or `gpg2' is run and needs it.")
	439	(license gpl2+)))
4380a7b4 EB	440
	441	(define-public paperkey
	442	(package
	443	(name "paperkey")
	444	(version "1.3")
	445	(source (origin
	446	(method url-fetch)
	447	(uri (string-append "http://www.jabberwocky.com/"
	448	"software/paperkey/paperkey-"
	449	version ".tar.gz"))
	450	(sha256
	451	(base32
	452	"1yybj8bj68v4lxwpn596b6ismh2fyixw5vlqqg26byrn4d9dfmsv"))))
	453	(build-system gnu-build-system)
	454	(arguments
	455	`(#:phases
d4bf49b1 EB	456	(alist-cons-before
	457	'check 'patch-check-scripts
	458	(lambda _
	459	(substitute* '("checks/roundtrip.sh"
	460	"checks/roundtrip-raw.sh")
	461	(("/bin/echo") "echo")))
4380a7b4 EB	462	%standard-phases)))
	463	(home-page "http://www.jabberwocky.com/software/paperkey/")
	464	(synopsis "Backup OpenPGP keys to paper")
	465	(description
	466	"Paperkey extracts the secret bytes from an OpenPGP (GnuPG, PGP, etc) key
	467	for printing with paper and ink, which have amazingly long retention
	468	qualities. To reconstruct a secret key, you re-enter those
	469	bytes (whether by hand, OCR, QR code, or the like) and paperkey can use
	470	them to transform your existing public key into a secret key.")
	471	(license gpl2+)))