Commit | Line | Data |
---|---|---|
de63b20e SS |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2015 Steve Sprang <scs@stevesprang.com> | |
17d2e86d | 3 | ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il> |
7e9b07bd | 4 | ;;; Copyright © 2015 Aljosha Papsch <misc@rpapsch.de> |
3d4f9d5c | 5 | ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org> |
c285a400 JT |
6 | ;;; Copyright © 2016 Jessica Tallon <tsyesika@tsyesika.se> |
7 | ;;; Copyright © 2016 Andreas Enge <andreas@enge.fr> | |
6d32dd8c | 8 | ;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox.org> |
61201e46 | 9 | ;;; Copyright © 2016 Alex Griffin <a@ajgrf.com> |
f339f277 | 10 | ;;; Copyright © 2017 Leo Famulari <leo@famulari.name> |
de63b20e SS |
11 | ;;; |
12 | ;;; This file is part of GNU Guix. | |
13 | ;;; | |
14 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
15 | ;;; under the terms of the GNU General Public License as published by | |
16 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
17 | ;;; your option) any later version. | |
18 | ;;; | |
19 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
20 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
21 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
22 | ;;; GNU General Public License for more details. | |
23 | ;;; | |
24 | ;;; You should have received a copy of the GNU General Public License | |
25 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
26 | ||
27 | (define-module (gnu packages password-utils) | |
28 | #:use-module ((guix licenses) #:prefix license:) | |
e8647227 | 29 | #:use-module (guix build-system cmake) |
de63b20e SS |
30 | #:use-module (guix build-system gnu) |
31 | #:use-module (guix download) | |
e8647227 | 32 | #:use-module (guix packages) |
53dcbbec | 33 | #:use-module (gnu packages) |
c285a400 JT |
34 | #:use-module (gnu packages admin) |
35 | #:use-module (gnu packages base) | |
e8647227 | 36 | #:use-module (gnu packages compression) |
f339f277 | 37 | #:use-module (gnu packages glib) |
e8647227 | 38 | #:use-module (gnu packages gnupg) |
dd24e906 | 39 | #:use-module (gnu packages guile) |
c285a400 | 40 | #:use-module (gnu packages linux) |
3d4f9d5c | 41 | #:use-module (gnu packages man) |
7e9b07bd AP |
42 | #:use-module (gnu packages ncurses) |
43 | #:use-module (gnu packages pkg-config) | |
3d4f9d5c | 44 | #:use-module (gnu packages python) |
7e9b07bd | 45 | #:use-module (gnu packages tls) |
e8647227 | 46 | #:use-module (gnu packages qt) |
c285a400 | 47 | #:use-module (gnu packages version-control) |
dd24e906 | 48 | #:use-module (gnu packages xdisorg) |
3d4f9d5c CAW |
49 | #:use-module (gnu packages xorg) |
50 | #:use-module (guix build-system python)) | |
de63b20e SS |
51 | |
52 | (define-public pwgen | |
53 | (package | |
54 | (name "pwgen") | |
55 | (version "2.07") | |
56 | (source | |
57 | (origin | |
58 | (method url-fetch) | |
de67e922 LF |
59 | (uri (string-append "mirror://sourceforge/pwgen/pwgen/" version |
60 | "/pwgen-" version ".tar.gz")) | |
de63b20e SS |
61 | (sha256 |
62 | (base32 "0mhmw700kkh238fzivcwnwi94bj9f3h36yfh3k3j2v19b0zmjx7b")))) | |
63 | (build-system gnu-build-system) | |
64 | (arguments | |
65 | `(#:tests? #f)) ; no test suite | |
66 | (home-page "http://pwgen.sourceforge.net/") | |
67 | (synopsis "Password generator") | |
68 | (description "Pwgen generates passwords which can be easily memorized by a | |
69 | human.") | |
70 | (license license:gpl2))) | |
e8647227 EF |
71 | |
72 | (define-public keepassx | |
73 | (package | |
74 | (name "keepassx") | |
a00fbe8a | 75 | (version "2.0.3") |
e8647227 EF |
76 | (source |
77 | (origin | |
78 | (method url-fetch) | |
e5be0e01 EF |
79 | (uri (string-append "https://www.keepassx.org/releases/" version |
80 | "/keepassx-" version ".tar.gz")) | |
e8647227 | 81 | (sha256 |
2c5e4976 | 82 | (base32 |
a00fbe8a | 83 | "1ia7cqx9ias38mnffsl7da7g1f66bcbjsi23k49sln0c6spb9zr3")))) |
e8647227 EF |
84 | (build-system cmake-build-system) |
85 | (inputs | |
86 | `(("libgcrypt" ,libgcrypt) | |
a00fbe8a | 87 | ("libxi" ,libxi) |
e8647227 EF |
88 | ("libxtst" ,libxtst) |
89 | ("qt" ,qt-4))) | |
90 | (native-inputs | |
91 | `(("zlib" ,zlib))) | |
92 | (home-page "https://www.keepassx.org") | |
93 | (synopsis "Password manager") | |
94 | (description "KeePassX is a password manager or safe which helps you to | |
95 | manage your passwords in a secure way. You can put all your passwords in one | |
96 | database, which is locked with one master key or a key-file which can be stored | |
97 | on an external storage device. The databases are encrypted using the | |
98 | algorithms AES or Twofish.") | |
99 | ;; Non functional parts use various licences. | |
100 | (license license:gpl3))) | |
dd24e906 DT |
101 | |
102 | (define-public shroud | |
103 | (package | |
104 | (name "shroud") | |
b4aa6d3d | 105 | (version "0.1.1") |
dd24e906 DT |
106 | (source (origin |
107 | (method url-fetch) | |
108 | (uri (string-append "http://files.dthompson.us/shroud/shroud-" | |
109 | version ".tar.gz")) | |
110 | (sha256 | |
111 | (base32 | |
b4aa6d3d | 112 | "1y43yhgy2zbrk5bqj3qyx9rkcz2bma9sinlrg7dip3jqms9gq4lr")))) |
dd24e906 | 113 | (build-system gnu-build-system) |
df0e8a23 SB |
114 | (arguments |
115 | '(#:phases | |
116 | (modify-phases %standard-phases | |
117 | (add-after 'install 'wrap-shroud | |
118 | (lambda* (#:key outputs #:allow-other-keys) | |
119 | (let* ((out (assoc-ref outputs "out")) | |
120 | (ccachedir (string-append out "/lib/guile/2.0/ccache")) | |
121 | (prog (string-append out "/bin/shroud"))) | |
122 | (wrap-program prog | |
123 | `("GUILE_LOAD_COMPILED_PATH" ":" prefix (,ccachedir))) | |
124 | #t)))))) | |
dd24e906 DT |
125 | (inputs |
126 | `(("guile" ,guile-2.0) | |
127 | ("gnupg" ,gnupg) | |
128 | ("xclip" ,xclip))) | |
129 | (synopsis "GnuPG-based secret manager") | |
130 | (description "Shroud is a simple secret manager with a command line | |
131 | interface. The password database is stored as a Scheme s-expression and | |
132 | encrypted with a GnuPG key. Secrets consist of an arbitrary number of | |
133 | key/value pairs, making Shroud suitable for more than just password storage. | |
134 | For copying and pasting secrets into web browsers and other graphical | |
135 | applications, there is xclip integration." ) | |
136 | (home-page "http://dthompson.us/pages/software/shroud.html") | |
137 | (license license:gpl3+))) | |
7e9b07bd AP |
138 | |
139 | (define-public yapet | |
140 | (package | |
141 | (name "yapet") | |
142 | (version "1.0") | |
143 | (source (origin | |
144 | (method url-fetch) | |
145 | (uri (string-append "http://www.guengel.ch/myapps/yapet/downloads/yapet-" | |
146 | version | |
147 | ".tar.bz2")) | |
148 | (sha256 | |
149 | (base32 | |
150 | "0ydbnqw6icdh07pnv2w6dhvq501bdfvrklv4xmyr8znca9d753if")))) | |
151 | (build-system gnu-build-system) | |
152 | (inputs | |
153 | `(("ncurses" ,ncurses) | |
154 | ("openssl" ,openssl))) | |
155 | (native-inputs | |
156 | `(("pkg-config" ,pkg-config))) | |
157 | (synopsis "Yet Another Password Encryption Tool") | |
158 | (description "YAPET is a text based password manager using the Blowfish | |
159 | encryption algorithm. Because of its small footprint and very few library | |
160 | dependencies, it is suited for installing on desktop and server systems alike. | |
161 | The text based user interface allows you to run YAPET easily in a Secure Shell | |
162 | session. Two companion utilities enable users to convert CSV files to YAPET | |
163 | and vice versa.") | |
164 | (home-page "http://www.guengel.ch/myapps/yapet/") | |
165 | (license license:gpl3+))) | |
72029c8b SB |
166 | |
167 | (define-public cracklib | |
168 | (package | |
169 | (name "cracklib") | |
170 | (version "2.9.6") | |
171 | (source (origin | |
172 | (method url-fetch) | |
173 | (uri (string-append "https://github.com/cracklib/cracklib/" | |
174 | "releases/download/" name "-" version "/" | |
175 | name "-" version ".tar.gz")) | |
b0a56764 LF |
176 | (patches (search-patches "cracklib-CVE-2016-6318.patch" |
177 | "cracklib-fix-buffer-overflow.patch")) | |
72029c8b SB |
178 | (sha256 |
179 | (base32 | |
180 | "0hrkb0prf7n92w6rxgq0ilzkk6rkhpys2cfqkrbzswp27na7dkqp")))) | |
181 | (build-system gnu-build-system) | |
182 | (synopsis "Password checking library") | |
183 | (home-page "https://github.com/cracklib/cracklib") | |
184 | (description | |
185 | "CrackLib is a library containing a C function which may be used in a | |
186 | passwd like program. The idea is simple: try to prevent users from choosing | |
187 | passwords that could be guessed by crack by filtering them out, at source.") | |
188 | (license license:lgpl2.1))) | |
c2fb2076 SB |
189 | |
190 | (define-public libpwquality | |
191 | (package | |
192 | (name "libpwquality") | |
193 | (version "1.3.0") | |
194 | (source (origin | |
195 | (method url-fetch) | |
196 | (uri (list | |
197 | (string-append "https://fedorahosted.org/releases/l/i/" | |
198 | name "/" name "-" version ".tar.bz2") | |
199 | (string-append "https://launchpad.net/libpwquality/trunk/" | |
200 | version "/+download/" | |
201 | name "-" version ".tar.bz2"))) | |
202 | (sha256 | |
203 | (base32 | |
204 | "0aidriag6h0syfm33nzdfdsqgrnsgihwjv3a5lgkqch3w68fmlkl")))) | |
205 | (build-system gnu-build-system) | |
206 | (arguments | |
207 | ;; XXX: have RUNPATH issue. | |
208 | '(#:configure-flags '("--disable-python-bindings"))) | |
209 | (inputs | |
210 | `(("cracklib" ,cracklib))) | |
211 | (synopsis "Password quality checker") | |
212 | (home-page "https://fedorahosted.org/libpwquality/") | |
213 | (description | |
214 | "Libpwquality is a library for password quality checking and generation of | |
215 | random passwords that pass the checks.") | |
216 | (license license:gpl2+))) | |
3d4f9d5c CAW |
217 | |
218 | (define-public assword | |
219 | (package | |
220 | (name "assword") | |
f339f277 | 221 | (version "0.10") |
3d4f9d5c CAW |
222 | (source (origin |
223 | (method url-fetch) | |
224 | (uri (list | |
225 | (string-append | |
226 | "http://http.debian.net/debian/pool/main/a/assword/" | |
227 | "assword_" version ".orig.tar.gz"))) | |
228 | (sha256 | |
229 | (base32 | |
f339f277 | 230 | "0l6170y6my1gprqkazvzabgjkrkr9v2q7z48vjflna4r323yqira")))) |
3d4f9d5c | 231 | (arguments |
f339f277 | 232 | `(;; irritatingly, tests do run but not there are two problems: |
3d4f9d5c CAW |
233 | ;; - "import gtk" fails for unknown reasons here despite it the |
234 | ;; program working (indeed, I've found I have to do a logout and log | |
235 | ;; back in in after an install order for some mumbo jumbo environment | |
236 | ;; variable mess to work with pygtk and assword... what's up with | |
237 | ;; that?) | |
238 | ;; - even when the tests fail, they don't return a nonzero status, | |
239 | ;; so I'm not sure how to programmatically get that information | |
240 | #:tests? #f | |
241 | #:phases | |
242 | (modify-phases %standard-phases | |
243 | (add-after 'install 'manpage | |
244 | (lambda* (#:key outputs #:allow-other-keys) | |
245 | (and | |
f339f277 LF |
246 | ;; Without this substitution, it fails with |
247 | ;; ImportError: No module named 'gpg' | |
248 | (substitute* "Makefile" | |
249 | (("PYTHONPATH=.") "")) | |
3d4f9d5c CAW |
250 | (zero? (system* "make" "assword.1")) |
251 | (install-file | |
252 | "assword.1" | |
253 | (string-append (assoc-ref outputs "out") "/share/man/man1")))))))) | |
254 | (build-system python-build-system) | |
255 | (native-inputs | |
f339f277 | 256 | `(("txt2man" ,txt2man))) |
3d4f9d5c | 257 | (inputs |
f339f277 LF |
258 | `(("python-xdo" ,python-xdo) |
259 | ("python-gpg" ,python-gpg) | |
260 | ("python-pygobject" ,python-pygobject))) | |
3d4f9d5c CAW |
261 | (propagated-inputs |
262 | `(("xclip" ,xclip))) | |
263 | (home-page "https://finestructure.net/assword/") | |
264 | (synopsis "Password manager") | |
265 | (description "assword is a simple password manager using GPG-wrapped | |
266 | JSON files. It has a command line interface as well as a very simple | |
267 | graphical interface, which can even \"type\" your passwords into | |
268 | any X11 window.") | |
269 | (license license:gpl3+))) | |
c285a400 JT |
270 | |
271 | (define-public password-store | |
272 | (package | |
273 | (name "password-store") | |
274 | (version "1.6.5") | |
275 | (source (origin | |
276 | (method url-fetch) | |
277 | (uri | |
278 | (string-append "https://git.zx2c4.com/password-store/snapshot/" | |
279 | name "-" version ".tar.xz")) | |
280 | (sha256 | |
281 | (base32 | |
282 | "05bk3lrp5jwg0v338lvylp7glpliydzz4jf5pjr6k3kagrv3jyik")))) | |
283 | (build-system gnu-build-system) | |
284 | (arguments | |
285 | '(#:phases | |
286 | (modify-phases %standard-phases | |
287 | (delete 'configure) | |
619f98fa | 288 | (delete 'build) |
61201e46 AG |
289 | (add-after 'install 'wrap-path |
290 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
291 | (let ((out (assoc-ref outputs "out")) | |
292 | (path (map (lambda (pkg) | |
293 | (string-append (assoc-ref inputs pkg) "/bin")) | |
294 | '("coreutils" "getopt" "git" "gnupg" "pwgen" | |
295 | "sed" "tree" "which" "xclip")))) | |
296 | (wrap-program (string-append out "/bin/pass") | |
718c1278 MB |
297 | `("PATH" ":" prefix (,(string-join path ":")))) |
298 | #t))) | |
299 | (add-after 'wrap-path 'install-shell-completions | |
300 | (lambda* (#:key outputs #:allow-other-keys) | |
301 | (let* ((out (assoc-ref outputs "out")) | |
302 | (bashcomp (string-append out "/etc/bash_completion.d"))) | |
303 | ;; TODO: install fish and zsh completions. | |
304 | (mkdir-p bashcomp) | |
305 | (copy-file "src/completion/pass.bash-completion" | |
306 | (string-append bashcomp "/pass")) | |
307 | #t)))) | |
c285a400 | 308 | #:make-flags (list "CC=gcc" (string-append "PREFIX=" %output)) |
a77f0360 CB |
309 | ;; Parallel tests may cause a race condition leading to a |
310 | ;; timeout in some circumstances. | |
311 | #:parallel-tests? #f | |
c285a400 | 312 | #:test-target "test")) |
61201e46 AG |
313 | (inputs |
314 | `(("getopt" ,util-linux) | |
315 | ("git" ,git) | |
316 | ("gnupg" ,gnupg) | |
317 | ("pwgen" ,pwgen) | |
318 | ("sed" ,sed) | |
319 | ("tree" ,tree) | |
320 | ("which" ,which) | |
321 | ("xclip" ,xclip))) | |
c285a400 JT |
322 | (home-page "http://www.passwordstore.org/") |
323 | (synopsis "Encrypted password manager") | |
324 | (description "Password-store is a password manager which uses GnuPG to | |
325 | store and retrieve passwords. The tool stores each password in its own | |
326 | GnuPG-encrypted file, allowing the program to be simple yet secure. | |
327 | Synchronization is possible using the integrated git support, which commits | |
328 | changes to your password database to a git repository that can be managed | |
329 | through the pass command.") | |
330 | (license license:gpl2+))) | |
6d32dd8c LG |
331 | |
332 | (define-public argon2 | |
333 | (package | |
334 | (name "argon2") | |
1feeb2e0 | 335 | (version "20161029") |
6d32dd8c LG |
336 | (source |
337 | (origin | |
338 | (method url-fetch) | |
339 | (uri | |
1feeb2e0 TGR |
340 | (string-append "https://github.com/P-H-C/phc-winner-argon2/archive/" |
341 | version ".tar.gz")) | |
6d32dd8c LG |
342 | (file-name (string-append name "-" version ".tar.gz")) |
343 | (sha256 | |
344 | (base32 | |
1feeb2e0 | 345 | "1rymikbysasdadm325jx69i0q19d9srqkny69jwmhswlidr4j07y")))) |
6d32dd8c LG |
346 | (build-system gnu-build-system) |
347 | (arguments | |
348 | `(#:test-target "test" | |
349 | #:make-flags '("CC=gcc") | |
350 | #:phases | |
351 | (modify-phases %standard-phases | |
352 | (delete 'configure) | |
353 | (replace 'install | |
354 | (lambda _ | |
355 | (let ((out (assoc-ref %outputs "out"))) | |
356 | (install-file "argon2" (string-append out "/bin")) | |
357 | (install-file "libargon2.a" (string-append out "/lib")) | |
358 | (install-file "libargon2.so" (string-append out "/lib")) | |
359 | (copy-recursively "include" | |
360 | (string-append out "/include")))))))) | |
361 | (home-page "https://www.argon2.com/") | |
362 | (synopsis "Password hashing library") | |
363 | (description "Argon2 provides a key derivation function that was declared | |
364 | winner of the 2015 Password Hashing Competition.") | |
365 | (license license:cc0))) | |
153e58c5 EF |
366 | |
367 | (define-public python-bcrypt | |
368 | (package | |
369 | (name "python-bcrypt") | |
370 | (version "3.1.0") | |
371 | (source | |
372 | (origin | |
373 | (method url-fetch) | |
374 | (uri (pypi-uri "bcrypt" version)) | |
375 | (sha256 | |
376 | (base32 | |
377 | "1giy0dvd8gvq6flxh44np1v2nqwsji5qsnrz038mgwzgp7c20j75")))) | |
378 | (build-system python-build-system) | |
379 | (native-inputs | |
380 | `(("python-pycparser" ,python-pycparser) | |
381 | ("python-pytest" ,python-pytest))) | |
f22efa01 | 382 | (propagated-inputs |
153e58c5 EF |
383 | `(("python-cffi" ,python-cffi) |
384 | ("python-six" ,python-six))) | |
385 | (home-page "https://github.com/pyca/bcrypt/") | |
386 | (synopsis | |
387 | "Modern password hashing library") | |
388 | (description | |
389 | "Bcrypt is a Python module which provides a password hashing method based | |
390 | on the Blowfish password hashing algorithm, as described in | |
391 | @url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable | |
392 | Password Scheme\"} by Niels Provos and David Mazieres.") | |
393 | (license license:asl2.0))) | |
394 | ||
395 | (define-public python2-bcrypt | |
5c31f4aa | 396 | (package-with-python2 python-bcrypt)) |