[jackhill/guix/guix.git] / gnu / packages / password-utils.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 Steve Sprang <scs@stevesprang.com>
;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2015 Aljosha Papsch <misc@rpapsch.de>
;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
;;; Copyright © 2016 Jessica Tallon <tsyesika@tsyesika.se>
;;; Copyright © 2016 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org>
;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu packages password-utils)
  #:use-module ((guix licenses) #:prefix license:)
  #:use-module (guix build-system cmake)
  #:use-module (guix build-system gnu)
  #:use-module (guix download)
  #:use-module (guix packages)
  #:use-module (gnu packages)
  #:use-module (gnu packages admin)
  #:use-module (gnu packages base)
  #:use-module (gnu packages compression)
  #:use-module (gnu packages glib)
  #:use-module (gnu packages gnupg)
  #:use-module (gnu packages guile)
  #:use-module (gnu packages linux)
  #:use-module (gnu packages man)
  #:use-module (gnu packages ncurses)
  #:use-module (gnu packages pkg-config)
  #:use-module (gnu packages python)
  #:use-module (gnu packages tls)
  #:use-module (gnu packages qt)
  #:use-module (gnu packages version-control)
  #:use-module (gnu packages xdisorg)
  #:use-module (gnu packages xorg)
  #:use-module (guix build-system python))

(define-public pwgen
  (package
    (name "pwgen")
    (version "2.07")
    (source
     (origin
       (method url-fetch)
       (uri (string-append "mirror://sourceforge/pwgen/pwgen/" version
                           "/pwgen-" version ".tar.gz"))
       (sha256
        (base32 "0mhmw700kkh238fzivcwnwi94bj9f3h36yfh3k3j2v19b0zmjx7b"))))
    (build-system gnu-build-system)
    (arguments
     `(#:tests? #f)) ; no test suite
    (home-page "http://pwgen.sourceforge.net/")
    (synopsis "Password generator")
    (description "Pwgen generates passwords which can be easily memorized by a
human.")
    (license license:gpl2)))

(define-public keepassx
  (package
    (name "keepassx")
    (version "2.0.3")
    (source
     (origin
       (method url-fetch)
       (uri (string-append "https://www.keepassx.org/releases/" version
                           "/keepassx-" version ".tar.gz"))
       (sha256
        (base32
         "1ia7cqx9ias38mnffsl7da7g1f66bcbjsi23k49sln0c6spb9zr3"))))
    (build-system cmake-build-system)
    (inputs
     `(("libgcrypt" ,libgcrypt)
       ("libxi" ,libxi)
       ("libxtst" ,libxtst)
       ("qt" ,qt-4)))
    (native-inputs
     `(("zlib" ,zlib)))
    (home-page "https://www.keepassx.org")
    (synopsis "Password manager")
    (description "KeePassX is a password manager or safe which helps you to
manage your passwords in a secure way.  You can put all your passwords in one
database, which is locked with one master key or a key-file which can be stored
on an external storage device.  The databases are encrypted using the
algorithms AES or Twofish.")
    ;; Non functional parts use various licences.
    (license license:gpl3)))

(define-public shroud
  (package
    (name "shroud")
    (version "0.1.1")
    (source (origin
              (method url-fetch)
              (uri (string-append "http://files.dthompson.us/shroud/shroud-"
                                  version ".tar.gz"))
              (sha256
               (base32
                "1y43yhgy2zbrk5bqj3qyx9rkcz2bma9sinlrg7dip3jqms9gq4lr"))))
    (build-system gnu-build-system)
    (arguments
     '(#:phases
       (modify-phases %standard-phases
         (add-after 'install 'wrap-shroud
           (lambda* (#:key outputs #:allow-other-keys)
             (let* ((out       (assoc-ref outputs "out"))
                    (ccachedir (string-append out "/lib/guile/2.0/ccache"))
                    (prog      (string-append out "/bin/shroud")))
               (wrap-program prog
                 `("GUILE_LOAD_COMPILED_PATH" ":" prefix (,ccachedir)))
               #t))))))
    (inputs
     `(("guile" ,guile-2.0)
       ("gnupg" ,gnupg)
       ("xclip" ,xclip)))
    (synopsis "GnuPG-based secret manager")
    (description "Shroud is a simple secret manager with a command line
interface.  The password database is stored as a Scheme s-expression and
encrypted with a GnuPG key.  Secrets consist of an arbitrary number of
key/value pairs, making Shroud suitable for more than just password storage.
For copying and pasting secrets into web browsers and other graphical
applications, there is xclip integration." )
    (home-page "http://dthompson.us/pages/software/shroud.html")
    (license license:gpl3+)))

(define-public yapet
  (package
    (name "yapet")
    (version "1.0")
    (source (origin
              (method url-fetch)
              (uri (string-append "http://www.guengel.ch/myapps/yapet/downloads/yapet-"
                                  version
                                  ".tar.bz2"))
              (sha256
               (base32
                "0ydbnqw6icdh07pnv2w6dhvq501bdfvrklv4xmyr8znca9d753if"))))
    (build-system gnu-build-system)
    (inputs
     `(("ncurses" ,ncurses)
       ("openssl" ,openssl)))
    (native-inputs
     `(("pkg-config" ,pkg-config)))
    (synopsis "Yet Another Password Encryption Tool")
    (description "YAPET is a text based password manager using the Blowfish
encryption algorithm.  Because of its small footprint and very few library
dependencies, it is suited for installing on desktop and server systems alike.
The text based user interface allows you to run YAPET easily in a Secure Shell
session.  Two companion utilities enable users to convert CSV files to YAPET
and vice versa.")
    (home-page "http://www.guengel.ch/myapps/yapet/")
    (license license:gpl3+)))

(define-public cracklib
  (package
    (name "cracklib")
    (version "2.9.6")
    (source (origin
              (method url-fetch)
              (uri (string-append "https://github.com/cracklib/cracklib/"
                                  "releases/download/" name "-" version "/"
                                  name "-" version ".tar.gz"))
              (patches (search-patches "cracklib-CVE-2016-6318.patch"
                                       "cracklib-fix-buffer-overflow.patch"))
              (sha256
               (base32
                "0hrkb0prf7n92w6rxgq0ilzkk6rkhpys2cfqkrbzswp27na7dkqp"))))
    (build-system gnu-build-system)
    (synopsis "Password checking library")
    (home-page "https://github.com/cracklib/cracklib")
    (description
     "CrackLib is a library containing a C function which may be used in a
passwd like program.  The idea is simple: try to prevent users from choosing
passwords that could be guessed by crack by filtering them out, at source.")
    (license license:lgpl2.1)))

(define-public libpwquality
  (package
    (name "libpwquality")
    (version "1.3.0")
    (source (origin
              (method url-fetch)
              (uri (list
                    (string-append "https://fedorahosted.org/releases/l/i/"
                                   name "/" name "-" version ".tar.bz2")
                    (string-append "https://launchpad.net/libpwquality/trunk/"
                                   version "/+download/"
                                   name "-" version ".tar.bz2")))
              (sha256
               (base32
                "0aidriag6h0syfm33nzdfdsqgrnsgihwjv3a5lgkqch3w68fmlkl"))))
    (build-system gnu-build-system)
    (arguments
     ;; XXX: have RUNPATH issue.
     '(#:configure-flags '("--disable-python-bindings")))
    (inputs
     `(("cracklib" ,cracklib)))
    (synopsis "Password quality checker")
    (home-page "https://fedorahosted.org/libpwquality/")
    (description
     "Libpwquality is a library for password quality checking and generation of
random passwords that pass the checks.")
    (license license:gpl2+)))

(define-public assword
  (package
    (name "assword")
    (version "0.10")
    (source (origin
              (method url-fetch)
              (uri (list
                    (string-append
                     "http://http.debian.net/debian/pool/main/a/assword/"
                     "assword_" version ".orig.tar.gz")))
              (sha256
               (base32
                "0l6170y6my1gprqkazvzabgjkrkr9v2q7z48vjflna4r323yqira"))))
    (arguments
     `(;; irritatingly, tests do run but not there are two problems:
       ;;  - "import gtk" fails for unknown reasons here despite it the
       ;;    program working (indeed, I've found I have to do a logout and log
       ;;    back in in after an install order for some mumbo jumbo environment
       ;;    variable mess to work with pygtk and assword... what's up with
       ;;    that?)
       ;;  - even when the tests fail, they don't return a nonzero status,
       ;;    so I'm not sure how to programmatically get that information
       #:tests? #f
       #:phases
       (modify-phases %standard-phases
         (add-after 'install 'manpage
           (lambda* (#:key outputs #:allow-other-keys)
             (and
              ;; Without this substitution, it fails with
              ;; ImportError: No module named 'gpg'
              (substitute* "Makefile"
                (("PYTHONPATH=.") ""))
              (zero? (system* "make" "assword.1"))
              (install-file
               "assword.1"
               (string-append (assoc-ref outputs "out") "/share/man/man1"))))))))
    (build-system python-build-system)
    (native-inputs
     `(("txt2man" ,txt2man)))
    (inputs
     `(("python-xdo" ,python-xdo)
       ("python-gpg" ,python-gpg)
       ("python-pygobject" ,python-pygobject)))
    (propagated-inputs
     `(("xclip" ,xclip)))
    (home-page "https://finestructure.net/assword/")
    (synopsis "Password manager")
    (description "assword is a simple password manager using GPG-wrapped
JSON files.  It has a command line interface as well as a very simple
graphical interface, which can even \"type\" your passwords into
any X11 window.")
    (license license:gpl3+)))

(define-public password-store
  (package
    (name "password-store")
    (version "1.6.5")
    (source (origin
              (method url-fetch)
              (uri
               (string-append "https://git.zx2c4.com/password-store/snapshot/"
                              name "-" version ".tar.xz"))
              (sha256
               (base32
                "05bk3lrp5jwg0v338lvylp7glpliydzz4jf5pjr6k3kagrv3jyik"))))
    (build-system gnu-build-system)
    (arguments
     '(#:phases
       (modify-phases %standard-phases
         (delete 'configure)
         (delete 'build)
         (add-after 'install 'wrap-path
           (lambda* (#:key inputs outputs #:allow-other-keys)
             (let ((out (assoc-ref outputs "out"))
                   (path (map (lambda (pkg)
                                (string-append (assoc-ref inputs pkg) "/bin"))
                              '("coreutils" "getopt" "git" "gnupg" "pwgen"
                                "sed" "tree" "which" "xclip"))))
               (wrap-program (string-append out "/bin/pass")
                 `("PATH" ":" prefix (,(string-join path ":"))))
               #t)))
         (add-after 'wrap-path 'install-shell-completions
           (lambda* (#:key outputs #:allow-other-keys)
             (let* ((out      (assoc-ref outputs "out"))
                    (bashcomp (string-append out "/etc/bash_completion.d")))
               ;; TODO: install fish and zsh completions.
               (mkdir-p bashcomp)
               (copy-file "src/completion/pass.bash-completion"
                          (string-append bashcomp "/pass"))
               #t))))
       #:make-flags (list "CC=gcc" (string-append "PREFIX=" %output))
       ;; Parallel tests may cause a race condition leading to a
       ;; timeout in some circumstances.
       #:parallel-tests? #f
       #:test-target "test"))
    (inputs
     `(("getopt" ,util-linux)
       ("git" ,git)
       ("gnupg" ,gnupg)
       ("pwgen" ,pwgen)
       ("sed" ,sed)
       ("tree" ,tree)
       ("which" ,which)
       ("xclip" ,xclip)))
    (home-page "http://www.passwordstore.org/")
    (synopsis "Encrypted password manager")
    (description "Password-store is a password manager which uses GnuPG to
store and retrieve passwords.  The tool stores each password in its own
GnuPG-encrypted file, allowing the program to be simple yet secure.
Synchronization is possible using the integrated git support, which commits
changes to your password database to a git repository that can be managed
through the pass command.")
    (license license:gpl2+)))

(define-public argon2
  (package
    (name "argon2")
    (version "20161029")
    (source
     (origin
       (method url-fetch)
       (uri
        (string-append "https://github.com/P-H-C/phc-winner-argon2/archive/"
                       version ".tar.gz"))
       (file-name (string-append name "-" version ".tar.gz"))
       (sha256
        (base32
         "1rymikbysasdadm325jx69i0q19d9srqkny69jwmhswlidr4j07y"))))
    (build-system gnu-build-system)
    (arguments
     `(#:test-target "test"
       #:make-flags '("CC=gcc")
       #:phases
       (modify-phases %standard-phases
         (delete 'configure)
         (replace 'install
           (lambda _
             (let ((out (assoc-ref %outputs "out")))
               (install-file "argon2" (string-append out "/bin"))
               (install-file "libargon2.a" (string-append out "/lib"))
               (install-file "libargon2.so" (string-append out "/lib"))
               (copy-recursively "include"
                                 (string-append out "/include"))))))))
    (home-page "https://www.argon2.com/")
    (synopsis "Password hashing library")
    (description "Argon2 provides a key derivation function that was declared
winner of the 2015 Password Hashing Competition.")
    (license license:cc0)))

(define-public python-bcrypt
  (package
    (name "python-bcrypt")
    (version "3.1.0")
    (source
      (origin
        (method url-fetch)
        (uri (pypi-uri "bcrypt" version))
        (sha256
         (base32
          "1giy0dvd8gvq6flxh44np1v2nqwsji5qsnrz038mgwzgp7c20j75"))))
        (build-system python-build-system)
    (native-inputs
     `(("python-pycparser" ,python-pycparser)
       ("python-pytest" ,python-pytest)))
    (propagated-inputs
     `(("python-cffi" ,python-cffi)
       ("python-six" ,python-six)))
    (home-page "https://github.com/pyca/bcrypt/")
    (synopsis
     "Modern password hashing library")
    (description
     "Bcrypt is a Python module which provides a password hashing method based
on the Blowfish password hashing algorithm, as described in
@url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable
Password Scheme\"} by Niels Provos and David Mazieres.")
    (license license:asl2.0)))

(define-public python2-bcrypt
  (package-with-python2 python-bcrypt))
Commit	Line	Data
de63b20e SS	1	;;; GNU Guix --- Functional package management for GNU
de63b20e SS	2	;;; Copyright © 2015 Steve Sprang <scs@stevesprang.com>
17d2e86d	3	;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
7e9b07bd	4	;;; Copyright © 2015 Aljosha Papsch <misc@rpapsch.de>
3d4f9d5c	5	;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
c285a400 JT	6	;;; Copyright © 2016 Jessica Tallon <tsyesika@tsyesika.se>
c285a400 JT	7	;;; Copyright © 2016 Andreas Enge <andreas@enge.fr>
6d32dd8c	8	;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org>
61201e46	9	;;; Copyright © 2016 Alex Griffin <a@ajgrf.com>
f339f277	10	;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
de63b20e SS	11	;;;
	12	;;; This file is part of GNU Guix.
	13	;;;
	14	;;; GNU Guix is free software; you can redistribute it and/or modify it
	15	;;; under the terms of the GNU General Public License as published by
	16	;;; the Free Software Foundation; either version 3 of the License, or (at
	17	;;; your option) any later version.
	18	;;;
	19	;;; GNU Guix is distributed in the hope that it will be useful, but
	20	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	21	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	22	;;; GNU General Public License for more details.
	23	;;;
	24	;;; You should have received a copy of the GNU General Public License
	25	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
	26
	27	(define-module (gnu packages password-utils)
	28	#:use-module ((guix licenses) #:prefix license:)
e8647227	29	#:use-module (guix build-system cmake)
de63b20e SS	30	#:use-module (guix build-system gnu)
de63b20e SS	31	#:use-module (guix download)
e8647227	32	#:use-module (guix packages)
53dcbbec	33	#:use-module (gnu packages)
c285a400 JT	34	#:use-module (gnu packages admin)
c285a400 JT	35	#:use-module (gnu packages base)
e8647227	36	#:use-module (gnu packages compression)
f339f277	37	#:use-module (gnu packages glib)
e8647227	38	#:use-module (gnu packages gnupg)
dd24e906	39	#:use-module (gnu packages guile)
c285a400	40	#:use-module (gnu packages linux)
3d4f9d5c	41	#:use-module (gnu packages man)
7e9b07bd AP	42	#:use-module (gnu packages ncurses)
7e9b07bd AP	43	#:use-module (gnu packages pkg-config)
3d4f9d5c	44	#:use-module (gnu packages python)
7e9b07bd	45	#:use-module (gnu packages tls)
e8647227	46	#:use-module (gnu packages qt)
c285a400	47	#:use-module (gnu packages version-control)
dd24e906	48	#:use-module (gnu packages xdisorg)
3d4f9d5c CAW	49	#:use-module (gnu packages xorg)
3d4f9d5c CAW	50	#:use-module (guix build-system python))
de63b20e SS	51
	52	(define-public pwgen
	53	(package
	54	(name "pwgen")
	55	(version "2.07")
	56	(source
	57	(origin
	58	(method url-fetch)
de67e922 LF	59	(uri (string-append "mirror://sourceforge/pwgen/pwgen/" version
de67e922 LF	60	"/pwgen-" version ".tar.gz"))
de63b20e SS	61	(sha256
	62	(base32 "0mhmw700kkh238fzivcwnwi94bj9f3h36yfh3k3j2v19b0zmjx7b"))))
	63	(build-system gnu-build-system)
	64	(arguments
	65	`(#:tests? #f)) ; no test suite
	66	(home-page "http://pwgen.sourceforge.net/")
	67	(synopsis "Password generator")
	68	(description "Pwgen generates passwords which can be easily memorized by a
	69	human.")
	70	(license license:gpl2)))
e8647227 EF	71
	72	(define-public keepassx
	73	(package
	74	(name "keepassx")
a00fbe8a	75	(version "2.0.3")
e8647227 EF	76	(source
	77	(origin
	78	(method url-fetch)
e5be0e01 EF	79	(uri (string-append "https://www.keepassx.org/releases/" version
e5be0e01 EF	80	"/keepassx-" version ".tar.gz"))
e8647227	81	(sha256
2c5e4976	82	(base32
a00fbe8a	83	"1ia7cqx9ias38mnffsl7da7g1f66bcbjsi23k49sln0c6spb9zr3"))))
e8647227 EF	84	(build-system cmake-build-system)
	85	(inputs
	86	`(("libgcrypt" ,libgcrypt)
a00fbe8a	87	("libxi" ,libxi)
e8647227 EF	88	("libxtst" ,libxtst)
	89	("qt" ,qt-4)))
	90	(native-inputs
	91	`(("zlib" ,zlib)))
	92	(home-page "https://www.keepassx.org")
	93	(synopsis "Password manager")
	94	(description "KeePassX is a password manager or safe which helps you to
	95	manage your passwords in a secure way. You can put all your passwords in one
	96	database, which is locked with one master key or a key-file which can be stored
	97	on an external storage device. The databases are encrypted using the
	98	algorithms AES or Twofish.")
	99	;; Non functional parts use various licences.
	100	(license license:gpl3)))
dd24e906 DT	101
	102	(define-public shroud
	103	(package
	104	(name "shroud")
b4aa6d3d	105	(version "0.1.1")
dd24e906 DT	106	(source (origin
	107	(method url-fetch)
	108	(uri (string-append "http://files.dthompson.us/shroud/shroud-"
	109	version ".tar.gz"))
	110	(sha256
	111	(base32
b4aa6d3d	112	"1y43yhgy2zbrk5bqj3qyx9rkcz2bma9sinlrg7dip3jqms9gq4lr"))))
dd24e906	113	(build-system gnu-build-system)
df0e8a23 SB	114	(arguments
	115	'(#:phases
	116	(modify-phases %standard-phases
	117	(add-after 'install 'wrap-shroud
	118	(lambda* (#:key outputs #:allow-other-keys)
	119	(let* ((out (assoc-ref outputs "out"))
	120	(ccachedir (string-append out "/lib/guile/2.0/ccache"))
	121	(prog (string-append out "/bin/shroud")))
	122	(wrap-program prog
	123	`("GUILE_LOAD_COMPILED_PATH" ":" prefix (,ccachedir)))
	124	#t))))))
dd24e906 DT	125	(inputs
	126	`(("guile" ,guile-2.0)
	127	("gnupg" ,gnupg)
	128	("xclip" ,xclip)))
	129	(synopsis "GnuPG-based secret manager")
	130	(description "Shroud is a simple secret manager with a command line
	131	interface. The password database is stored as a Scheme s-expression and
	132	encrypted with a GnuPG key. Secrets consist of an arbitrary number of
	133	key/value pairs, making Shroud suitable for more than just password storage.
	134	For copying and pasting secrets into web browsers and other graphical
	135	applications, there is xclip integration." )
	136	(home-page "http://dthompson.us/pages/software/shroud.html")
	137	(license license:gpl3+)))
7e9b07bd AP	138
	139	(define-public yapet
	140	(package
	141	(name "yapet")
	142	(version "1.0")
	143	(source (origin
	144	(method url-fetch)
	145	(uri (string-append "http://www.guengel.ch/myapps/yapet/downloads/yapet-"
	146	version
	147	".tar.bz2"))
	148	(sha256
	149	(base32
	150	"0ydbnqw6icdh07pnv2w6dhvq501bdfvrklv4xmyr8znca9d753if"))))
	151	(build-system gnu-build-system)
	152	(inputs
	153	`(("ncurses" ,ncurses)
	154	("openssl" ,openssl)))
	155	(native-inputs
	156	`(("pkg-config" ,pkg-config)))
	157	(synopsis "Yet Another Password Encryption Tool")
	158	(description "YAPET is a text based password manager using the Blowfish
	159	encryption algorithm. Because of its small footprint and very few library
	160	dependencies, it is suited for installing on desktop and server systems alike.
	161	The text based user interface allows you to run YAPET easily in a Secure Shell
	162	session. Two companion utilities enable users to convert CSV files to YAPET
	163	and vice versa.")
	164	(home-page "http://www.guengel.ch/myapps/yapet/")
	165	(license license:gpl3+)))
72029c8b SB	166
	167	(define-public cracklib
	168	(package
	169	(name "cracklib")
	170	(version "2.9.6")
	171	(source (origin
	172	(method url-fetch)
	173	(uri (string-append "https://github.com/cracklib/cracklib/"
	174	"releases/download/" name "-" version "/"
	175	name "-" version ".tar.gz"))
b0a56764 LF	176	(patches (search-patches "cracklib-CVE-2016-6318.patch"
b0a56764 LF	177	"cracklib-fix-buffer-overflow.patch"))
72029c8b SB	178	(sha256
	179	(base32
	180	"0hrkb0prf7n92w6rxgq0ilzkk6rkhpys2cfqkrbzswp27na7dkqp"))))
	181	(build-system gnu-build-system)
	182	(synopsis "Password checking library")
	183	(home-page "https://github.com/cracklib/cracklib")
	184	(description
	185	"CrackLib is a library containing a C function which may be used in a
	186	passwd like program. The idea is simple: try to prevent users from choosing
	187	passwords that could be guessed by crack by filtering them out, at source.")
	188	(license license:lgpl2.1)))
c2fb2076 SB	189
	190	(define-public libpwquality
	191	(package
	192	(name "libpwquality")
	193	(version "1.3.0")
	194	(source (origin
	195	(method url-fetch)
	196	(uri (list
	197	(string-append "https://fedorahosted.org/releases/l/i/"
	198	name "/" name "-" version ".tar.bz2")
	199	(string-append "https://launchpad.net/libpwquality/trunk/"
	200	version "/+download/"
	201	name "-" version ".tar.bz2")))
	202	(sha256
	203	(base32
	204	"0aidriag6h0syfm33nzdfdsqgrnsgihwjv3a5lgkqch3w68fmlkl"))))
	205	(build-system gnu-build-system)
	206	(arguments
	207	;; XXX: have RUNPATH issue.
	208	'(#:configure-flags '("--disable-python-bindings")))
	209	(inputs
	210	`(("cracklib" ,cracklib)))
	211	(synopsis "Password quality checker")
	212	(home-page "https://fedorahosted.org/libpwquality/")
	213	(description
	214	"Libpwquality is a library for password quality checking and generation of
	215	random passwords that pass the checks.")
	216	(license license:gpl2+)))
3d4f9d5c CAW	217
	218	(define-public assword
	219	(package
	220	(name "assword")
f339f277	221	(version "0.10")
3d4f9d5c CAW	222	(source (origin
	223	(method url-fetch)
	224	(uri (list
	225	(string-append
	226	"http://http.debian.net/debian/pool/main/a/assword/"
	227	"assword_" version ".orig.tar.gz")))
	228	(sha256
	229	(base32
f339f277	230	"0l6170y6my1gprqkazvzabgjkrkr9v2q7z48vjflna4r323yqira"))))
3d4f9d5c	231	(arguments
f339f277	232	`(;; irritatingly, tests do run but not there are two problems:
3d4f9d5c CAW	233	;; - "import gtk" fails for unknown reasons here despite it the
	234	;; program working (indeed, I've found I have to do a logout and log
	235	;; back in in after an install order for some mumbo jumbo environment
	236	;; variable mess to work with pygtk and assword... what's up with
	237	;; that?)
	238	;; - even when the tests fail, they don't return a nonzero status,
	239	;; so I'm not sure how to programmatically get that information
	240	#:tests? #f
	241	#:phases
	242	(modify-phases %standard-phases
	243	(add-after 'install 'manpage
	244	(lambda* (#:key outputs #:allow-other-keys)
	245	(and
f339f277 LF	246	;; Without this substitution, it fails with
	247	;; ImportError: No module named 'gpg'
	248	(substitute* "Makefile"
	249	(("PYTHONPATH=.") ""))
3d4f9d5c CAW	250	(zero? (system* "make" "assword.1"))
	251	(install-file
	252	"assword.1"
	253	(string-append (assoc-ref outputs "out") "/share/man/man1"))))))))
	254	(build-system python-build-system)
	255	(native-inputs
f339f277	256	`(("txt2man" ,txt2man)))
3d4f9d5c	257	(inputs
f339f277 LF	258	`(("python-xdo" ,python-xdo)
	259	("python-gpg" ,python-gpg)
	260	("python-pygobject" ,python-pygobject)))
3d4f9d5c CAW	261	(propagated-inputs
	262	`(("xclip" ,xclip)))
	263	(home-page "https://finestructure.net/assword/")
	264	(synopsis "Password manager")
	265	(description "assword is a simple password manager using GPG-wrapped
	266	JSON files. It has a command line interface as well as a very simple
	267	graphical interface, which can even \"type\" your passwords into
	268	any X11 window.")
	269	(license license:gpl3+)))
c285a400 JT	270
	271	(define-public password-store
	272	(package
	273	(name "password-store")
	274	(version "1.6.5")
	275	(source (origin
	276	(method url-fetch)
	277	(uri
	278	(string-append "https://git.zx2c4.com/password-store/snapshot/"
	279	name "-" version ".tar.xz"))
	280	(sha256
	281	(base32
	282	"05bk3lrp5jwg0v338lvylp7glpliydzz4jf5pjr6k3kagrv3jyik"))))
	283	(build-system gnu-build-system)
	284	(arguments
	285	'(#:phases
	286	(modify-phases %standard-phases
	287	(delete 'configure)
619f98fa	288	(delete 'build)
61201e46 AG	289	(add-after 'install 'wrap-path
	290	(lambda* (#:key inputs outputs #:allow-other-keys)
	291	(let ((out (assoc-ref outputs "out"))
	292	(path (map (lambda (pkg)
	293	(string-append (assoc-ref inputs pkg) "/bin"))
	294	'("coreutils" "getopt" "git" "gnupg" "pwgen"
	295	"sed" "tree" "which" "xclip"))))
	296	(wrap-program (string-append out "/bin/pass")
718c1278 MB	297	`("PATH" ":" prefix (,(string-join path ":"))))
	298	#t)))
	299	(add-after 'wrap-path 'install-shell-completions
	300	(lambda* (#:key outputs #:allow-other-keys)
	301	(let* ((out (assoc-ref outputs "out"))
	302	(bashcomp (string-append out "/etc/bash_completion.d")))
	303	;; TODO: install fish and zsh completions.
	304	(mkdir-p bashcomp)
	305	(copy-file "src/completion/pass.bash-completion"
	306	(string-append bashcomp "/pass"))
	307	#t))))
c285a400	308	#:make-flags (list "CC=gcc" (string-append "PREFIX=" %output))
a77f0360 CB	309	;; Parallel tests may cause a race condition leading to a
	310	;; timeout in some circumstances.
	311	#:parallel-tests? #f
c285a400	312	#:test-target "test"))
61201e46 AG	313	(inputs
	314	`(("getopt" ,util-linux)
	315	("git" ,git)
	316	("gnupg" ,gnupg)
	317	("pwgen" ,pwgen)
	318	("sed" ,sed)
	319	("tree" ,tree)
	320	("which" ,which)
	321	("xclip" ,xclip)))
c285a400 JT	322	(home-page "http://www.passwordstore.org/")
	323	(synopsis "Encrypted password manager")
	324	(description "Password-store is a password manager which uses GnuPG to
	325	store and retrieve passwords. The tool stores each password in its own
	326	GnuPG-encrypted file, allowing the program to be simple yet secure.
	327	Synchronization is possible using the integrated git support, which commits
	328	changes to your password database to a git repository that can be managed
	329	through the pass command.")
	330	(license license:gpl2+)))
6d32dd8c LG	331
	332	(define-public argon2
	333	(package
	334	(name "argon2")
1feeb2e0	335	(version "20161029")
6d32dd8c LG	336	(source
	337	(origin
	338	(method url-fetch)
	339	(uri
1feeb2e0 TGR	340	(string-append "https://github.com/P-H-C/phc-winner-argon2/archive/"
1feeb2e0 TGR	341	version ".tar.gz"))
6d32dd8c LG	342	(file-name (string-append name "-" version ".tar.gz"))
	343	(sha256
	344	(base32
1feeb2e0	345	"1rymikbysasdadm325jx69i0q19d9srqkny69jwmhswlidr4j07y"))))
6d32dd8c LG	346	(build-system gnu-build-system)
	347	(arguments
	348	`(#:test-target "test"
	349	#:make-flags '("CC=gcc")
	350	#:phases
	351	(modify-phases %standard-phases
	352	(delete 'configure)
	353	(replace 'install
	354	(lambda _
	355	(let ((out (assoc-ref %outputs "out")))
	356	(install-file "argon2" (string-append out "/bin"))
	357	(install-file "libargon2.a" (string-append out "/lib"))
	358	(install-file "libargon2.so" (string-append out "/lib"))
	359	(copy-recursively "include"
	360	(string-append out "/include"))))))))
	361	(home-page "https://www.argon2.com/")
	362	(synopsis "Password hashing library")
	363	(description "Argon2 provides a key derivation function that was declared
	364	winner of the 2015 Password Hashing Competition.")
	365	(license license:cc0)))
153e58c5 EF	366
	367	(define-public python-bcrypt
	368	(package
	369	(name "python-bcrypt")
	370	(version "3.1.0")
	371	(source
	372	(origin
	373	(method url-fetch)
	374	(uri (pypi-uri "bcrypt" version))
	375	(sha256
	376	(base32
	377	"1giy0dvd8gvq6flxh44np1v2nqwsji5qsnrz038mgwzgp7c20j75"))))
	378	(build-system python-build-system)
	379	(native-inputs
	380	`(("python-pycparser" ,python-pycparser)
	381	("python-pytest" ,python-pytest)))
f22efa01	382	(propagated-inputs
153e58c5 EF	383	`(("python-cffi" ,python-cffi)
	384	("python-six" ,python-six)))
	385	(home-page "https://github.com/pyca/bcrypt/")
	386	(synopsis
	387	"Modern password hashing library")
	388	(description
	389	"Bcrypt is a Python module which provides a password hashing method based
	390	on the Blowfish password hashing algorithm, as described in
	391	@url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable
	392	Password Scheme\"} by Niels Provos and David Mazieres.")
	393	(license license:asl2.0)))
	394
	395	(define-public python2-bcrypt
5c31f4aa	396	(package-with-python2 python-bcrypt))