[jackhill/guix/guix.git] / gnu / packages / security-token.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org>
;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com>
;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu packages security-token)
  #:use-module (gnu packages)
  #:use-module ((guix licenses) #:prefix license:)
  #:use-module (guix packages)
  #:use-module (guix download)
  #:use-module (guix git-download)
  #:use-module (guix build-system gnu)
  #:use-module (guix build-system glib-or-gtk)
  #:use-module (gnu packages autotools)
  #:use-module (gnu packages curl)
  #:use-module (gnu packages check)
  #:use-module (gnu packages docbook)
  #:use-module (gnu packages documentation)
  #:use-module (gnu packages gettext)
  #:use-module (gnu packages graphviz)
  #:use-module (gnu packages gtk)
  #:use-module (gnu packages libusb)
  #:use-module (gnu packages linux)
  #:use-module (gnu packages man)
  #:use-module (gnu packages networking)
  #:use-module (gnu packages cyrus-sasl)
  #:use-module (gnu packages popt)
  #:use-module (gnu packages readline)
  #:use-module (gnu packages tls)
  #:use-module (gnu packages tex)
  #:use-module (gnu packages perl)
  #:use-module (gnu packages pkg-config)
  #:use-module (gnu packages xml))

(define-public ccid
  (package
    (name "ccid")
    (version "1.4.30")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://ccid.apdu.fr/files/"
                    name "-" version ".tar.bz2"))
              (sha256
               (base32
                "0z7zafdg75fr1adlv2x0zz34s07gljcjg2lsz76s1048w1xhh5xc"))))
    (build-system gnu-build-system)
    (arguments
     `(#:configure-flags (list (string-append "--enable-usbdropdir=" %output
                                              "/pcsc/drivers"))
       #:phases
       (modify-phases %standard-phases
         (add-after 'unpack 'patch-Makefile
           (lambda _
             (substitute* "src/Makefile.in"
               (("/bin/echo") (which "echo")))
             #t)))))
    (native-inputs
     `(("pcsc-lite" ,pcsc-lite)         ; only required for headers
       ("perl" ,perl)
       ("pkg-config" ,pkg-config)))
    (inputs
     `(("libusb" ,libusb)))
    (home-page "https://ccid.apdu.fr/")
    (synopsis "PC/SC driver for USB smart card devices")
    (description
     "This package provides a PC/SC IFD handler implementation for devices
compliant with the CCID and ICCD protocols.  It supports a wide range of
readers and is needed to communicate with such devices through the
@command{pcscd} resource manager.")
    (license license:lgpl2.1+)))

(define-public eid-mw
  (package
    (name "eid-mw")
    (version "4.4.3")
    (source
     (origin
       (method git-fetch)
       (uri (git-reference
             (url "https://github.com/Fedict/eid-mw")
             (commit (string-append "v" version))))
       (sha256
        (base32 "1h90iz4l85drchpkmhlsvg7f9abhw6890fdr9x5n5ir3kxikwcdm"))))
    (build-system glib-or-gtk-build-system)
    (native-inputs
     `(("autoconf" ,autoconf)
       ("automake" ,automake)
       ("gettext" ,gnu-gettext)
       ("libtool" ,libtool)
       ("pkg-config" ,pkg-config)
       ("perl" ,perl)))
    (inputs
     `(("curl" ,curl)
       ("openssl" ,openssl)
       ("gtk+" ,gtk+)
       ("pcsc-lite" ,pcsc-lite)
       ("p11-kit" ,p11-kit)
       ("libproxy" ,libproxy)
       ("libxml2" ,libxml2)
       ("cyrus-sasl" ,cyrus-sasl)))
    (arguments
     `(#:phases
       (modify-phases %standard-phases
         (add-after 'unpack 'bootstrap
           (lambda _
             ;; configure.ac relies on ‘git --describe’ to get the version.
             ;; Patch it to just return the real version number directly.
             (substitute* "scripts/build-aux/genver.sh"
               (("/bin/sh") (which "sh"))
               (("\\$GITDESC") ,version))
             (invoke "sh" "./bootstrap.sh"))))))
    (synopsis "Belgian eID Middleware")
    (description "The Belgian eID Middleware is required to authenticate with
online services using the Belgian electronic identity card.")
    (home-page "https://github.com/Fedict/eid-mw")
    (license license:lgpl3)))

(define-public libyubikey
  (package
    (name "libyubikey")
    (version "1.13")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://developers.yubico.com/yubico-c/Releases/"
                    name "-" version ".tar.gz"))
              (sha256
               (base32
                "009l3k2zyn06dbrlja2d4p2vfnzjhlcqxi88v02mlrnb17mx1v84"))))
    (build-system gnu-build-system)
    (synopsis "Development kit for the YubiKey authentication device")
    (description
     "This package contains a C library and command-line tools that make up
the low-level development kit for the Yubico YubiKey authentication device.")
    (home-page "https://developers.yubico.com/yubico-c/")
    (license license:bsd-2)))

(define-public pcsc-lite
  (package
    (name "pcsc-lite")
    (version "1.8.23")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://pcsclite.apdu.fr/files/"
                    name "-" version ".tar.bz2"))
              (sha256
               (base32
                "1jc9ws5ra6v3plwraqixin0w0wfxj64drahrbkyrrwzghqjjc9ss"))))
    (build-system gnu-build-system)
    (arguments
     `(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers"
                           "--disable-libsystemd")))
    (native-inputs
     `(("perl" ,perl)                   ; for pod2man
       ("pkg-config" ,pkg-config)))
    (inputs
     `(("libudev" ,eudev)))
    (home-page "https://pcsclite.apdu.fr/")
    (synopsis "Middleware to access a smart card using PC/SC")
    (description
     "pcsc-lite provides an interface to communicate with smartcards and
readers using the SCard API.  pcsc-lite is used to connect to the PC/SC daemon
from a client application and provide access to the desired reader.")
    (license (list license:bsd-3                ; pcsc-lite
                   license:isc                  ; src/strlcat.c src/strlcpy.c
                   license:gpl3+))))            ; src/spy/*

(define-public ykclient
  (package
    (name "ykclient")
    (version "2.15")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://developers.yubico.com/yubico-c-client/Releases/"
                    name "-" version ".tar.gz"))
              (sha256
               (base32
                "05jhx9waj3pl120ddnwap1v3bjrnbfhvf3lxs2xmhpcmwzpwsqgl"))))
    (build-system gnu-build-system)

    ;; There's just one test, and it requires network access to access
    ;; yubico.com, so skip it.
    (arguments '(#:tests? #f))

    (native-inputs `(("pkg-config" ,pkg-config)
                     ("help2man" ,help2man)))
    (inputs `(("curl" ,curl)))
    (synopsis "C library to validate one-time-password YubiKeys")
    (description
     "YubiKey C Client Library (libykclient) is a C library used to validate a
one-time-password (OTP) YubiKey against Yubico’s servers.  See the Yubico
website for more information about Yubico and the YubiKey.")
    (home-page "https://developers.yubico.com/yubico-c-client/")
    (license license:bsd-2)))

(define-public opensc
  (package
    (name "opensc")
    (version "0.19.0")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://github.com/OpenSC/OpenSC/releases/download/"
                    version "/opensc-" version ".tar.gz"))
              (sha256
               (base32
                "09jqzl18z5qfrf4vf2nvbpdm3mphpgfkl3ww1clkaxh2z56hwnic"))))
    (build-system gnu-build-system)
    (arguments
     `(#:phases
       (modify-phases %standard-phases
         ;; By setting an absolute path here, we arrange for OpenSC to
         ;; successfully dlopen libpcsclite.so.1 by default.  The user can
         ;; still override this if they want to, by specifying a custom OpenSC
         ;; configuration file at runtime.
         (add-after 'unpack 'set-default-libpcsclite.so.1-path
           (lambda* (#:key inputs #:allow-other-keys)
             (let ((libpcsclite (string-append (assoc-ref inputs "pcsc-lite")
                                               "/lib/libpcsclite.so.1")))
               (substitute* "configure"
                 (("DEFAULT_PCSC_PROVIDER=\"libpcsclite\\.so\\.1\"")
                  (string-append
                   "DEFAULT_PCSC_PROVIDER=\"" libpcsclite "\"")))
               #t)))
         (add-before 'check 'disable-broken-test
           (lambda _
             ;; XXX: This test is fixed in git, remove this phase for >= 0.19.
             (substitute* "doc/tools/Makefile"
               (("TESTS = test-manpage.sh") "TESTS = "))
             #t)))))
    (inputs
     `(("readline" ,readline)
       ("openssl" ,openssl)
       ("pcsc-lite" ,pcsc-lite)
       ("ccid" ,ccid)))
    (native-inputs
     `(("libxslt" ,libxslt)
       ("docbook-xsl" ,docbook-xsl)
       ("pkg-config" ,pkg-config)))
    (home-page "https://github.com/OpenSC/OpenSC/wiki")
    (synopsis "Tools and libraries related to smart cards")
    (description
     "OpenSC is a set of software tools and libraries to work with smart
cards, with the focus on smart cards with cryptographic capabilities.  OpenSC
facilitate the use of smart cards in security applications such as
authentication, encryption and digital signatures.  OpenSC implements the PKCS
#15 standard and the PKCS #11 API.")
    (license license:lgpl2.1+)))

(define-public yubico-piv-tool
  (package
    (name "yubico-piv-tool")
    (version "1.6.1")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://developers.yubico.com/yubico-piv-tool/Releases/"
                    name "-" version ".tar.gz"))
              (sha256
               (base32
                "10xgdc51xvszkxmsvqnbjs8ixxz7rfnfahh3wn8glllynmszbhwi"))))
    (build-system gnu-build-system)
    (inputs
     `(("gengetopt" ,gengetopt)
       ("perl" ,perl)
       ("pcsc-lite" ,pcsc-lite)
       ("openssl" ,openssl)))
    (native-inputs
     `(("doxygen" ,doxygen)
       ("graphviz" ,graphviz)
       ("help2man" ,help2man)
       ("check" ,check)
       ("texlive-bin" ,texlive-bin)
       ("pkg-config" ,pkg-config)))
    (home-page "https://developers.yubico.com/yubico-piv-tool/")
    (synopsis "Interact with the PIV application on a YubiKey")
    (description
     "The Yubico PIV tool is used for interacting with the Privilege and
Identification Card (PIV) application on a YubiKey.  With it you may generate
keys on the device, import keys and certificates, create certificate requests,
and other operations.  It includes a library and a command-line tool.")
    ;; The file ykcs11/pkcs11.h also declares an additional, very short free
    ;; license for that one file.  Please see it for details.  The vast
    ;; majority of files are licensed under bsd-2.
    (license license:bsd-2)))
Commit	Line	Data
6036453f LC	1	;;; GNU Guix --- Functional package management for GNU
6036453f LC	2	;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
58c5fb76	3	;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
a6b256af	4	;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org>
58fdab1d	5	;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
e84eb77a	6	;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
01c6607a	7	;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
79b43bc3	8	;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
a6706f30	9	;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com>
fab8a9f9	10	;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
6036453f LC	11	;;;
	12	;;; This file is part of GNU Guix.
	13	;;;
	14	;;; GNU Guix is free software; you can redistribute it and/or modify it
	15	;;; under the terms of the GNU General Public License as published by
	16	;;; the Free Software Foundation; either version 3 of the License, or (at
	17	;;; your option) any later version.
	18	;;;
	19	;;; GNU Guix is distributed in the hope that it will be useful, but
	20	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	21	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	22	;;; GNU General Public License for more details.
	23	;;;
	24	;;; You should have received a copy of the GNU General Public License
	25	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
	26
f9c33960	27	(define-module (gnu packages security-token)
6036453f	28	#:use-module (gnu packages)
07b1fb86	29	#:use-module ((guix licenses) #:prefix license:)
6036453f LC	30	#:use-module (guix packages)
6036453f LC	31	#:use-module (guix download)
13151c32	32	#:use-module (guix git-download)
6036453f	33	#:use-module (guix build-system gnu)
e84eb77a TD	34	#:use-module (guix build-system glib-or-gtk)
e84eb77a TD	35	#:use-module (gnu packages autotools)
a6b256af	36	#:use-module (gnu packages curl)
ba8d8820	37	#:use-module (gnu packages check)
a6706f30	38	#:use-module (gnu packages docbook)
ba8d8820	39	#:use-module (gnu packages documentation)
e84eb77a	40	#:use-module (gnu packages gettext)
ba8d8820	41	#:use-module (gnu packages graphviz)
e84eb77a	42	#:use-module (gnu packages gtk)
58fdab1d	43	#:use-module (gnu packages libusb)
a6b256af	44	#:use-module (gnu packages linux)
6036453f	45	#:use-module (gnu packages man)
e84eb77a TD	46	#:use-module (gnu packages networking)
e84eb77a TD	47	#:use-module (gnu packages cyrus-sasl)
aa3ad4b1	48	#:use-module (gnu packages popt)
a6706f30	49	#:use-module (gnu packages readline)
e84eb77a	50	#:use-module (gnu packages tls)
ba8d8820	51	#:use-module (gnu packages tex)
a6b256af	52	#:use-module (gnu packages perl)
e84eb77a TD	53	#:use-module (gnu packages pkg-config)
e84eb77a TD	54	#:use-module (gnu packages xml))
6036453f	55
58fdab1d MB	56	(define-public ccid
	57	(package
	58	(name "ccid")
84c7fbfd	59	(version "1.4.30")
58fdab1d MB	60	(source (origin
	61	(method url-fetch)
	62	(uri (string-append
01c6607a TGR	63	"https://ccid.apdu.fr/files/"
01c6607a TGR	64	name "-" version ".tar.bz2"))
58fdab1d MB	65	(sha256
58fdab1d MB	66	(base32
84c7fbfd	67	"0z7zafdg75fr1adlv2x0zz34s07gljcjg2lsz76s1048w1xhh5xc"))))
58fdab1d MB	68	(build-system gnu-build-system)
	69	(arguments
	70	`(#:configure-flags (list (string-append "--enable-usbdropdir=" %output
	71	"/pcsc/drivers"))
	72	#:phases
	73	(modify-phases %standard-phases
	74	(add-after 'unpack 'patch-Makefile
	75	(lambda _
	76	(substitute* "src/Makefile.in"
	77	(("/bin/echo") (which "echo")))
	78	#t)))))
	79	(native-inputs
84c7fbfd	80	`(("pcsc-lite" ,pcsc-lite) ; only required for headers
fab8a9f9	81	("perl" ,perl)
58fdab1d MB	82	("pkg-config" ,pkg-config)))
58fdab1d MB	83	(inputs
fab8a9f9	84	`(("libusb" ,libusb)))
01c6607a	85	(home-page "https://ccid.apdu.fr/")
58fdab1d MB	86	(synopsis "PC/SC driver for USB smart card devices")
	87	(description
	88	"This package provides a PC/SC IFD handler implementation for devices
	89	compliant with the CCID and ICCD protocols. It supports a wide range of
	90	readers and is needed to communicate with such devices through the
	91	@command{pcscd} resource manager.")
	92	(license license:lgpl2.1+)))
	93
e84eb77a TD	94	(define-public eid-mw
	95	(package
	96	(name "eid-mw")
9253b4ff	97	(version "4.4.3")
13151c32 TGR	98	(source
	99	(origin
	100	(method git-fetch)
	101	(uri (git-reference
	102	(url "https://github.com/Fedict/eid-mw")
	103	(commit (string-append "v" version))))
	104	(sha256
9253b4ff	105	(base32 "1h90iz4l85drchpkmhlsvg7f9abhw6890fdr9x5n5ir3kxikwcdm"))))
e84eb77a	106	(build-system glib-or-gtk-build-system)
74a83085	107	(native-inputs
e84eb77a TD	108	`(("autoconf" ,autoconf)
	109	("automake" ,automake)
	110	("gettext" ,gnu-gettext)
	111	("libtool" ,libtool)
	112	("pkg-config" ,pkg-config)
	113	("perl" ,perl)))
	114	(inputs
	115	`(("curl" ,curl)
	116	("openssl" ,openssl)
	117	("gtk+" ,gtk+)
	118	("pcsc-lite" ,pcsc-lite)
	119	("p11-kit" ,p11-kit)
	120	("libproxy" ,libproxy)
	121	("libxml2" ,libxml2)
	122	("cyrus-sasl" ,cyrus-sasl)))
	123	(arguments
	124	`(#:phases
	125	(modify-phases %standard-phases
080093ff TGR	126	(add-after 'unpack 'bootstrap
	127	(lambda _
	128	;; configure.ac relies on ‘git --describe’ to get the version.
	129	;; Patch it to just return the real version number directly.
	130	(substitute* "scripts/build-aux/genver.sh"
	131	(("/bin/sh") (which "sh"))
	132	(("\\$GITDESC") ,version))
	133	(invoke "sh" "./bootstrap.sh"))))))
e84eb77a TD	134	(synopsis "Belgian eID Middleware")
	135	(description "The Belgian eID Middleware is required to authenticate with
	136	online services using the Belgian electronic identity card.")
	137	(home-page "https://github.com/Fedict/eid-mw")
	138	(license license:lgpl3)))
	139
6036453f LC	140	(define-public libyubikey
	141	(package
	142	(name "libyubikey")
58c5fb76	143	(version "1.13")
6036453f LC	144	(source (origin
	145	(method url-fetch)
	146	(uri (string-append
	147	"https://developers.yubico.com/yubico-c/Releases/"
	148	name "-" version ".tar.gz"))
	149	(sha256
	150	(base32
58c5fb76	151	"009l3k2zyn06dbrlja2d4p2vfnzjhlcqxi88v02mlrnb17mx1v84"))))
6036453f LC	152	(build-system gnu-build-system)
	153	(synopsis "Development kit for the YubiKey authentication device")
	154	(description
	155	"This package contains a C library and command-line tools that make up
	156	the low-level development kit for the Yubico YubiKey authentication device.")
	157	(home-page "https://developers.yubico.com/yubico-c/")
07b1fb86	158	(license license:bsd-2)))
6036453f	159
a6b256af MG	160	(define-public pcsc-lite
	161	(package
	162	(name "pcsc-lite")
972fa870	163	(version "1.8.23")
a6b256af MG	164	(source (origin
	165	(method url-fetch)
	166	(uri (string-append
01c6607a TGR	167	"https://pcsclite.apdu.fr/files/"
01c6607a TGR	168	name "-" version ".tar.bz2"))
a6b256af MG	169	(sha256
a6b256af MG	170	(base32
972fa870	171	"1jc9ws5ra6v3plwraqixin0w0wfxj64drahrbkyrrwzghqjjc9ss"))))
a6b256af MG	172	(build-system gnu-build-system)
a6b256af MG	173	(arguments
972fa870 MB	174	`(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers"
972fa870 MB	175	"--disable-libsystemd")))
a6b256af MG	176	(native-inputs
	177	`(("perl" ,perl) ; for pod2man
	178	("pkg-config" ,pkg-config)))
	179	(inputs
	180	`(("libudev" ,eudev)))
01c6607a	181	(home-page "https://pcsclite.apdu.fr/")
a6b256af MG	182	(synopsis "Middleware to access a smart card using PC/SC")
	183	(description
	184	"pcsc-lite provides an interface to communicate with smartcards and
	185	readers using the SCard API. pcsc-lite is used to connect to the PC/SC daemon
	186	from a client application and provide access to the desired reader.")
	187	(license (list license:bsd-3 ; pcsc-lite
a6b256af MG	188	license:isc ; src/strlcat.c src/strlcpy.c
	189	license:gpl3+)))) ; src/spy/*
	190
6036453f LC	191	(define-public ykclient
	192	(package
	193	(name "ykclient")
f6b1a8f7	194	(version "2.15")
6036453f LC	195	(source (origin
	196	(method url-fetch)
	197	(uri (string-append
	198	"https://developers.yubico.com/yubico-c-client/Releases/"
	199	name "-" version ".tar.gz"))
	200	(sha256
	201	(base32
f6b1a8f7	202	"05jhx9waj3pl120ddnwap1v3bjrnbfhvf3lxs2xmhpcmwzpwsqgl"))))
6036453f LC	203	(build-system gnu-build-system)
	204
	205	;; There's just one test, and it requires network access to access
	206	;; yubico.com, so skip it.
	207	(arguments '(#:tests? #f))
	208
	209	(native-inputs `(("pkg-config" ,pkg-config)
	210	("help2man" ,help2man)))
	211	(inputs `(("curl" ,curl)))
	212	(synopsis "C library to validate one-time-password YubiKeys")
	213	(description
	214	"YubiKey C Client Library (libykclient) is a C library used to validate a
	215	one-time-password (OTP) YubiKey against Yubico’s servers. See the Yubico
	216	website for more information about Yubico and the YubiKey.")
	217	(home-page "https://developers.yubico.com/yubico-c-client/")
07b1fb86	218	(license license:bsd-2)))
a6706f30 CM	219
	220	(define-public opensc
	221	(package
	222	(name "opensc")
508d5c5f	223	(version "0.19.0")
a6706f30 CM	224	(source (origin
	225	(method url-fetch)
	226	(uri (string-append
	227	"https://github.com/OpenSC/OpenSC/releases/download/"
	228	version "/opensc-" version ".tar.gz"))
	229	(sha256
	230	(base32
508d5c5f	231	"09jqzl18z5qfrf4vf2nvbpdm3mphpgfkl3ww1clkaxh2z56hwnic"))))
a6706f30 CM	232	(build-system gnu-build-system)
	233	(arguments
	234	`(#:phases
	235	(modify-phases %standard-phases
	236	;; By setting an absolute path here, we arrange for OpenSC to
	237	;; successfully dlopen libpcsclite.so.1 by default. The user can
	238	;; still override this if they want to, by specifying a custom OpenSC
	239	;; configuration file at runtime.
	240	(add-after 'unpack 'set-default-libpcsclite.so.1-path
	241	(lambda* (#:key inputs #:allow-other-keys)
	242	(let ((libpcsclite (string-append (assoc-ref inputs "pcsc-lite")
	243	"/lib/libpcsclite.so.1")))
	244	(substitute* "configure"
	245	(("DEFAULT_PCSC_PROVIDER=\"libpcsclite\\.so\\.1\"")
	246	(string-append
	247	"DEFAULT_PCSC_PROVIDER=\"" libpcsclite "\"")))
5799e5ae MB	248	#t)))
	249	(add-before 'check 'disable-broken-test
	250	(lambda _
	251	;; XXX: This test is fixed in git, remove this phase for >= 0.19.
	252	(substitute* "doc/tools/Makefile"
	253	(("TESTS = test-manpage.sh") "TESTS = "))
	254	#t)))))
a6706f30 CM	255	(inputs
	256	`(("readline" ,readline)
	257	("openssl" ,openssl)
	258	("pcsc-lite" ,pcsc-lite)
	259	("ccid" ,ccid)))
	260	(native-inputs
	261	`(("libxslt" ,libxslt)
	262	("docbook-xsl" ,docbook-xsl)
	263	("pkg-config" ,pkg-config)))
	264	(home-page "https://github.com/OpenSC/OpenSC/wiki")
	265	(synopsis "Tools and libraries related to smart cards")
	266	(description
	267	"OpenSC is a set of software tools and libraries to work with smart
	268	cards, with the focus on smart cards with cryptographic capabilities. OpenSC
	269	facilitate the use of smart cards in security applications such as
	270	authentication, encryption and digital signatures. OpenSC implements the PKCS
	271	#15 standard and the PKCS #11 API.")
	272	(license license:lgpl2.1+)))
ba8d8820 CM	273
	274	(define-public yubico-piv-tool
	275	(package
	276	(name "yubico-piv-tool")
574e2ee8	277	(version "1.6.1")
ba8d8820 CM	278	(source (origin
	279	(method url-fetch)
	280	(uri (string-append
	281	"https://developers.yubico.com/yubico-piv-tool/Releases/"
	282	name "-" version ".tar.gz"))
	283	(sha256
	284	(base32
574e2ee8	285	"10xgdc51xvszkxmsvqnbjs8ixxz7rfnfahh3wn8glllynmszbhwi"))))
ba8d8820 CM	286	(build-system gnu-build-system)
ba8d8820 CM	287	(inputs
aa3ad4b1 MB	288	`(("gengetopt" ,gengetopt)
aa3ad4b1 MB	289	("perl" ,perl)
ba8d8820 CM	290	("pcsc-lite" ,pcsc-lite)
	291	("openssl" ,openssl)))
	292	(native-inputs
	293	`(("doxygen" ,doxygen)
	294	("graphviz" ,graphviz)
aa3ad4b1	295	("help2man" ,help2man)
ba8d8820 CM	296	("check" ,check)
	297	("texlive-bin" ,texlive-bin)
	298	("pkg-config" ,pkg-config)))
	299	(home-page "https://developers.yubico.com/yubico-piv-tool/")
	300	(synopsis "Interact with the PIV application on a YubiKey")
	301	(description
	302	"The Yubico PIV tool is used for interacting with the Privilege and
	303	Identification Card (PIV) application on a YubiKey. With it you may generate
	304	keys on the device, import keys and certificates, create certificate requests,
	305	and other operations. It includes a library and a command-line tool.")
	306	;; The file ykcs11/pkcs11.h also declares an additional, very short free
	307	;; license for that one file. Please see it for details. The vast
	308	;; majority of files are licensed under bsd-2.
	309	(license license:bsd-2)))