HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: wine: Update to 3.0.3.
[jackhill/guix/guix.git] / gnu / packages / crypto.scm
CommitLineData
80b77646
DT		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2014 David Thompson <davet@gnu.org>
d96e162a 3;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net>
b6beda1d 4;;; Copyright © 2016, 2017, 2018 Leo Famulari <leo@famulari.name>
893d963a 5;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox>
c6220b13 6;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
4a78fd46 7;;; Copyright © 2016, 2017 Nils Gillmann <ng0@n0.is>
d56c55ff 8;;; Copyright © 2016, 2017 Eric Bavier <bavier@member.fsf.org>
de98f4ed 9;;; Copyright © 2017 Pierre Langlois <pierre.langlois@gmx.com>
fa58a0a6 10;;; Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
a21eb019 11;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
84be0e9a 12;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
80b77646
DT		 13;;;
14;;; This file is part of GNU Guix.
15;;;
16;;; GNU Guix is free software; you can redistribute it and/or modify it
17;;; under the terms of the GNU General Public License as published by
18;;; the Free Software Foundation; either version 3 of the License, or (at
19;;; your option) any later version.
20;;;
21;;; GNU Guix is distributed in the hope that it will be useful, but
22;;; WITHOUT ANY WARRANTY; without even the implied warranty of
23;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24;;; GNU General Public License for more details.
25;;;
26;;; You should have received a copy of the GNU General Public License
27;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
28
29(define-module (gnu packages crypto)
30 #:use-module (gnu packages)
2e3f1851
EB		 31 #:use-module (gnu packages admin)
32 #:use-module (gnu packages aidc)
b6f87ec0 33 #:use-module (gnu packages attr)
893d963a 34 #:use-module (gnu packages autotools)
fb8a5d63 35 #:use-module (gnu packages boost)
47de00af 36 #:use-module (gnu packages check)
de98f4ed 37 #:use-module (gnu packages compression)
2e3f1851 38 #:use-module (gnu packages cryptsetup)
b6beda1d 39 #:use-module (gnu packages databases)
fb8a5d63 40 #:use-module (gnu packages gettext)
2e3f1851
EB		 41 #:use-module (gnu packages gnupg)
42 #:use-module (gnu packages image)
8a68b71d 43 #:use-module (gnu packages kerberos)
f1876bfc 44 #:use-module (gnu packages libbsd)
0751fddd 45 #:use-module (gnu packages libffi)
fb8a5d63 46 #:use-module (gnu packages linux)
893d963a
LG		 47 #:use-module (gnu packages nettle)
48 #:use-module (gnu packages password-utils)
fb8a5d63 49 #:use-module (gnu packages perl)
5ccde207 50 #:use-module (gnu packages perl-check)
b6beda1d
LF		 51 #:use-module (gnu packages pkg-config)
52 #:use-module (gnu packages python)
893d963a 53 #:use-module (gnu packages readline)
2e3f1851 54 #:use-module (gnu packages search)
893d963a 55 #:use-module (gnu packages serialization)
19b2ea1b 56 #:use-module (gnu packages shells)
b6f87ec0 57 #:use-module (gnu packages tcl)
893d963a 58 #:use-module (gnu packages tls)
b6f87ec0 59 #:use-module (gnu packages xml)
7fb18f57 60 #:use-module ((guix licenses) #:prefix license:)
80b77646
DT		 61 #:use-module (guix packages)
62 #:use-module (guix download)
6fabb196 63 #:use-module (guix git-download)
b6f87ec0 64 #:use-module (guix build-system cmake)
09c36743 65 #:use-module (guix build-system gnu)
fa58a0a6
EF		 66 #:use-module (guix build-system perl)
67 #:use-module (srfi srfi-1)
68 #:use-module (srfi srfi-26))
80b77646
DT		 69
70(define-public libsodium
71 (package
72 (name "libsodium")
7bd9af73 73 (version "1.0.16")
80b77646
DT		 74 (source (origin
75 (method url-fetch)
4150ac88 76 (uri (list (string-append
bee98a9f 77 "https://download.libsodium.org/libsodium/"
4150ac88
LF		 78 "releases/libsodium-" version ".tar.gz")
79 (string-append
80 "https://download.libsodium.org/libsodium/"
81 "releases/old/libsodium-" version ".tar.gz")))
80b77646
DT		 82 (sha256
83 (base32
7bd9af73 84 "0cq5pn7qcib7q70mm1lgjwj75xdxix27v0xl1xl0kvxww7hwgbgf"))))
80b77646
DT		 85 (build-system gnu-build-system)
86 (synopsis "Portable NaCl-based crypto library")
87 (description
35b9e423 88 "Sodium is a new easy-to-use high-speed software library for network
80b77646 89communication, encryption, decryption, signatures, etc.")
7fb18f57 90 (license license:isc)
bee98a9f 91 (home-page "https://libsodium.org")))
f1876bfc 92
32977915
CB		 93(define-public libmd
94 (package
95 (name "libmd")
f1d7e14a 96 (version "1.0.0")
32977915
CB		 97 (source (origin
98 (method url-fetch)
f1d7e14a
MB		 99 (uri
100 (list
101 (string-append "https://archive.hadrons.org/software/libmd/libmd-"
102 version ".tar.xz")
103 (string-append "https://libbsd.freedesktop.org/releases/libmd-"
104 version ".tar.xz")))
32977915
CB		 105 (sha256
106 (base32
f1d7e14a 107 "1iv45npzv0gncjgcpx5m081861zdqxw667ysghqb8721yrlyl6pj"))))
32977915
CB		 108 (build-system gnu-build-system)
109 (synopsis "Message Digest functions from BSD systems")
110 (description
111 "The currently provided message digest algorithms are:
112@itemize
113@item MD2
114@item MD4
115@item MD5
116@item RIPEMD-160
117@item SHA-1
118@item SHA-2 (SHA-256, SHA-384 and SHA-512)
119@end itemize")
120 (license (list license:bsd-3
121 license:bsd-2
122 license:isc
123 license:public-domain))
124 (home-page "https://www.hadrons.org/software/libmd/")))
125
f1876bfc
LF		 126(define-public signify
127 (package
128 (name "signify")
c2311644 129 (version "24")
f1876bfc
LF		 130 (source (origin
131 (method url-fetch)
132 (uri (string-append "https://github.com/aperezdc/signify/"
133 "archive/v" version ".tar.gz"))
134 (file-name (string-append name "-" version ".tar.gz"))
135 (sha256
136 (base32
c2311644 137 "0594vyvkq176xxzaz9xbq8qs0xdnr8s9gkd1prblwpdvnzmw0xvc"))))
f1876bfc
LF		 138 (build-system gnu-build-system)
139 ;; TODO Build with libwaive (described in README.md), to implement something
140 ;; like OpenBSD's pledge().
141 (arguments
142 `(#:tests? #f ; no test suite
143 #:make-flags
144 (list "CC=gcc"
145 (string-append "PREFIX=" (assoc-ref %outputs "out")))
146 #:phases
147 (modify-phases %standard-phases
148 (delete 'configure))))
149 (native-inputs
150 `(("pkg-config" ,pkg-config)))
151 (inputs
152 `(("libbsd" ,libbsd)))
153 (synopsis "Create and verify cryptographic signatures")
154 (description "The signify utility creates and verifies cryptographic
155signatures using the elliptic curve Ed25519. This is a Linux port of the
156OpenBSD tool of the same name.")
157 (home-page "https://github.com/aperezdc/signify")
158 ;; This package includes third-party code that was originally released under
159 ;; various non-copyleft licenses. See the source files for clarification.
7fb18f57
TGR		 160 (license (list license:bsd-3 license:bsd-4 license:expat license:isc
161 license:public-domain (license:non-copyleft
162 "file://base64.c"
163 "See base64.c in the distribution for
164 the license from IBM.")))))
893d963a
LG		 165
166
167(define-public opendht
168 (package
169 (name "opendht")
170 (version "0.6.1")
171 (source
172 (origin
173 (method url-fetch)
174 (uri
175 (string-append
176 "https://github.com/savoirfairelinux/" name
177 "/archive/" version ".tar.gz"))
178 (file-name (string-append name "-" version ".tar.gz"))
179 (modules '((guix build utils)))
180 (snippet
181 '(begin
182 (delete-file-recursively "src/argon2")
183 (substitute* "src/Makefile.am"
184 (("./argon2/libargon2.la") "")
185 (("SUBDIRS = argon2") ""))
186 (substitute* "src/crypto.cpp"
187 (("argon2/argon2.h") "argon2.h"))
188 (substitute* "configure.ac"
6cbee49d
MW		 189 (("src/argon2/Makefile") ""))
190 #t))
893d963a
LG		 191 (sha256
192 (base32
193 "09yvkmbqbym3b5md4n96qc1s9sf2n8ji404hagih45rmsj49599x"))))
194 (build-system gnu-build-system)
195 (inputs
196 `(("gnutls" ,gnutls)
197 ("nettle" ,nettle)
893d963a
LG		 198 ("readline" ,readline)
199 ("argon2" ,argon2)))
615c9990
LG		 200 (propagated-inputs
201 `(("msgpack" ,msgpack))) ;included in several installed headers
893d963a
LG		 202 (native-inputs
203 `(("autoconf" ,autoconf)
204 ("pkg-config" ,pkg-config)
205 ("automake" ,automake)
206 ("libtool" ,libtool)))
207 (arguments
208 `(#:configure-flags '("--disable-tools" "--disable-python")
209 #:phases (modify-phases %standard-phases
d10092b8 210 (add-after 'unpack 'autoconf
893d963a
LG		 211 (lambda _
212 (zero? (system* "autoreconf" "-vfi")))))))
213 (home-page "https://github.com/savoirfairelinux/opendht/")
214 (synopsis "Distributed Hash Table (DHT) library")
215 (description "OpenDHT is a Distributed Hash Table (DHT) library. It may
216be used to manage peer-to-peer network connections as needed for real time
217communication.")
7fb18f57 218 (license license:gpl3)))
fb8a5d63 219
fb8a5d63
TGR		 220(define-public encfs
221 (package
222 (name "encfs")
47de00af 223 (version "1.9.5")
fb8a5d63
TGR		 224 (source
225 (origin
226 (method url-fetch)
227 (uri
228 (string-append "https://github.com/vgough/encfs/releases/download/v"
229 version "/encfs-" version ".tar.gz"))
230 (sha256
231 (base32
47de00af 232 "0qzxavvv20577bxvly8s7d3y7bqasqclc2mllp0ddfncjm9z02a7"))
b6f87ec0
TGR		 233 (modules '((guix build utils)))
234 ;; Remove bundled dependencies in favour of proper inputs.
6cbee49d
MW		 235 (snippet '(begin
236 (for-each delete-file-recursively
47de00af
PN		 237 '("vendor/github.com/leethomason/tinyxml2"
238 "vendor/github.com/google/googletest"))
6cbee49d 239 #t))))
b6f87ec0 240 (build-system cmake-build-system)
fb8a5d63 241 (native-inputs
79355ae3 242 `(("gettext" ,gettext-minimal)
b6f87ec0
TGR		 243
244 ;; Test dependencies.
245 ("expect" ,expect)
47de00af 246 ("googletest-source" ,(package-source googletest))
b6f87ec0 247 ("perl" ,perl)))
fb8a5d63 248 (inputs
b6f87ec0 249 `(("attr" ,attr)
fb8a5d63
TGR		 250 ("fuse" ,fuse)
251 ("openssl" ,openssl)
b6f87ec0
TGR		 252 ("tinyxml2" ,tinyxml2)))
253 (arguments
47de00af
PN		 254 `(#:configure-flags (list "-DUSE_INTERNAL_TINYXML=OFF")
255 #:phases
256 (modify-phases %standard-phases
257 (add-after 'unpack 'unpack-googletest
258 (lambda* (#:key inputs #:allow-other-keys)
259 (mkdir-p "vendor/github.com/google/googletest")
260 (invoke "tar" "xvf" (assoc-ref inputs "googletest-source")
261 "-C" "vendor/github.com/google/googletest"
262 "--strip-components=1")))
263 (add-before 'check 'make-unittests
264 (lambda _
265 (invoke "make" "unittests"))))))
fb8a5d63
TGR		 266 (home-page "https://vgough.github.io/encfs")
267 (synopsis "Encrypted virtual file system")
268 (description
269 "EncFS creates a virtual encrypted file system in user-space. Each file
270created under an EncFS mount point is stored as a separate encrypted file on
271the underlying file system. Like most encrypted file systems, EncFS is meant
272to provide security against off-line attacks, such as a drive falling into
273the wrong hands.")
b6f87ec0
TGR		 274 (license (list license:expat ; internal/easylogging++.h
275 license:lgpl3+ ; encfs library
276 license:gpl3+)))) ; command-line tools
279d902b
TGR		 277
278(define-public keyutils
279 (package
280 (name "keyutils")
8a68b71d 281 (version "1.5.11")
279d902b
TGR		 282 (source
283 (origin
284 (method url-fetch)
285 (uri
286 (string-append "https://people.redhat.com/dhowells/keyutils/keyutils-"
287 version ".tar.bz2"))
288 (sha256
289 (base32
8a68b71d 290 "1ddig6j5xjyk6g9l2wlqc7k1cgvryxdqbsv3c9rk1p3f42448n0i"))
279d902b 291 (modules '((guix build utils)))
8a68b71d 292 ;; Create relative symbolic links instead of absolute ones to /lib/*.
6cbee49d
MW		 293 (snippet '(begin
294 (substitute* "Makefile" (("\\$\\(LNS\\) \\$\\(LIBDIR\\)/")
295 "$(LNS) "))
296 #t))))
279d902b
TGR		 297 (build-system gnu-build-system)
298 (arguments
299 `(#:phases (modify-phases %standard-phases
300 (delete 'configure)) ; no configure script
301 #:make-flags (list "CC=gcc"
302 "RPATH=-Wl,-rpath,$(DESTDIR)$(LIBDIR)"
303 (string-append "DESTDIR="
304 (assoc-ref %outputs "out"))
305 "INCLUDEDIR=/include"
306 "LIBDIR=/lib"
307 "MANDIR=/share/man"
308 "SHAREDIR=/share/keyutils")
309 #:test-target "test"))
8a68b71d
TGR		 310 (inputs
311 `(("mit-krb5" ,mit-krb5)))
279d902b 312 (home-page "https://people.redhat.com/dhowells/keyutils/")
5b63a856 313 (synopsis "Linux key management utilities")
279d902b
TGR		 314 (description
315 "Keyutils is a set of utilities for managing the key retention facility in
316the Linux kernel, which can be used by file systems, block devices, and more to
317gain and retain the authorization and encryption keys required to perform
318secure operations. ")
319 (license (list license:lgpl2.1+ ; the files keyutils.*
320 license:gpl2+)))) ; the rest
6fabb196 321
322;; There is no release candidate but commits point out a version number,
323;; furthermore no tarball exists.
324(define-public eschalot
325 (let ((commit "0bf31d88a11898c19b1ed25ddd2aff7b35dbac44")
326 (revision "1"))
327 (package
328 (name "eschalot")
329 (version (string-append "1.2.0-" revision "." (string-take commit 7)))
330 (source
331 (origin
332 (method git-fetch)
333 (uri (git-reference
334 (url "https://github.com/schnabear/eschalot")
335 (commit commit)))
336 (file-name (string-append name "-" version))
337 (sha256
338 (base32
339 "0lj38ldh8vzi11wp4ghw4k0fkwp0s04zv8k8d473p1snmbh7mx98"))))
340 (inputs
341 `(("openssl" ,openssl))) ; It needs: openssl/{bn,pem,rsa,sha}.h
342 (build-system gnu-build-system)
343 (arguments
344 `(#:make-flags (list "CC=gcc"
345 (string-append "PREFIX=" (assoc-ref %outputs "out"))
346 (string-append "INSTALL=" "install"))
347 ;; XXX: make test would run a !VERY! long hashing of names with the use
348 ;; of a wordlist, the amount of computing time this would waste on build
349 ;; servers is in no relation to the size or importance of this small
350 ;; application, therefore we run our own tests on eschalot and worgen.
351 #:phases
352 (modify-phases %standard-phases
353 (delete 'configure)
354 (replace 'check
355 (lambda _
356 (and
357 (zero? (system* "./worgen" "8-12" "top1000.txt" "3-10" "top400nouns.txt"
358 "3-6" "top150adjectives.txt" "3-6"))
359 (zero? (system* "./eschalot" "-r" "^guix|^guixsd"))
360 (zero? (system* "./eschalot" "-r" "^gnu|^free"))
361 (zero? (system* "./eschalot" "-r" "^cyber|^hack"))
362 (zero? (system* "./eschalot" "-r" "^troll")))))
363 ;; Make install can not create the bin dir, create it.
364 (add-before 'install 'create-bin-dir
365 (lambda* (#:key outputs #:allow-other-keys)
366 (let* ((out (assoc-ref outputs "out"))
367 (bin (string-append out "/bin")))
368 (mkdir-p bin)
369 #t))))))
370 (home-page "https://github.com/schnabear/eschalot")
371 (synopsis "Tor hidden service name generator")
372 (description
373 "Eschalot is a tor hidden service name generator, it allows one to
374produce customized vanity .onion addresses using a brute-force method. Searches
375for valid names can be run with regular expressions and wordlists. For the
376generation of wordlists the included tool @code{worgen} can be used. There is
377no man page, refer to the home page for usage details.")
378 (license (list license:isc license:expat)))))
2e3f1851
EB		 379
380(define-public tomb
381 (package
382 (name "tomb")
1a16b925 383 (version "2.5")
2e3f1851
EB		 384 (source (origin
385 (method url-fetch)
386 (uri (string-append "https://files.dyne.org/tomb/"
8ca2cb58 387 "Tomb-" version ".tar.gz"))
2e3f1851
EB		 388 (sha256
389 (base32
1a16b925 390 "12c6qldngaw520gvb02inzkhnxbl4k0dwmddrgnaf7xashy6j0wc"))))
2e3f1851 391 (build-system gnu-build-system)
d56c55ff 392 (native-inputs `(("sudo" ,sudo))) ;presence needed for 'check' phase
2e3f1851
EB		 393 (inputs
394 `(("zsh" ,zsh)
2e3f1851
EB		 395 ("gnupg" ,gnupg)
396 ("cryptsetup" ,cryptsetup)
397 ("e2fsprogs" ,e2fsprogs) ;for mkfs.ext4
7c90d0f4 398 ("gettext" ,gettext-minimal) ;used at runtime
2e3f1851
EB		 399 ("mlocate" ,mlocate)
400 ("pinentry" ,pinentry)
401 ("qrencode" ,qrencode)
1a16b925
TGR		 402 ("steghide" ,steghide)
403 ("util-linux" ,util-linux)))
2e3f1851
EB		 404 (arguments
405 `(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
406 ;; TODO: Build and install gtk and qt trays
407 #:phases
408 (modify-phases %standard-phases
409 (delete 'configure) ;no configuration to be done
410 (add-after 'install 'i18n
411 (lambda* (#:key make-flags #:allow-other-keys)
635dd0cc
TGR		 412 (apply invoke "make" "-C" "extras/translations"
413 "install" make-flags)
414 #t))
2e3f1851
EB		 415 (add-after 'install 'wrap
416 (lambda* (#:key inputs outputs #:allow-other-keys)
417 (let ((out (assoc-ref outputs "out")))
418 (wrap-program (string-append out "/bin/tomb")
419 `("PATH" ":" prefix
420 (,(string-append (assoc-ref inputs "mlocate") "/bin")
421 ,@(map (lambda (program)
422 (or (and=> (which program) dirname)
423 (error "program not found:" program)))
424 '("seq" "mkfs.ext4" "pinentry" "sudo"
425 "gpg" "cryptsetup" "gettext"
1a16b925 426 "qrencode" "steghide" "findmnt")))))
2e3f1851
EB		 427 #t)))
428 (delete 'check)
429 (add-after 'wrap 'check
430 (lambda* (#:key outputs #:allow-other-keys)
431 ;; Running the full tests requires sudo/root access for
432 ;; cryptsetup, which is not available in the build environment.
433 ;; But we can run `tomb dig` without root, so make sure that
434 ;; works. TODO: It Would Be Nice to check the expected "index",
435 ;; "search", "bury", and "exhume" features are available by
436 ;; querying `tomb -h`.
437 (let ((tomb (string-append (assoc-ref outputs "out")
438 "/bin/tomb")))
635dd0cc
TGR		 439 (invoke tomb "dig" "-s" "10" "secrets.tomb")
440 #t))))))
9539016e 441 (home-page "https://www.dyne.org/software/tomb")
2e3f1851
EB		 442 (synopsis "File encryption for secret data")
443 (description
444 "Tomb is an application to manage the creation and access of encrypted
445storage files: it can be operated from commandline and it can integrate with a
446user's graphical desktop.")
447 (license license:gpl3+)))
9381a02a
LF		 448
449(define-public scrypt
450 (package
451 (name "scrypt")
6c067a3f 452 (version "1.2.1")
9381a02a
LF		 453 (source
454 (origin
455 (method url-fetch)
456 (uri (string-append "https://www.tarsnap.com/scrypt/scrypt-"
457 version ".tgz"))
458 (sha256
459 (base32
6c067a3f 460 "0xy5yhrwwv13skv9im9vm76rybh9f29j2dh4hlh2x01gvbkza8a6"))))
9381a02a
LF		 461 (build-system gnu-build-system)
462 (arguments
463 `(#:phases (modify-phases %standard-phases
464 (add-after 'unpack 'patch-command-invocations
465 (lambda _
466 (substitute* "Makefile.in"
467 (("command -p") ""))
468 #t))
469 (add-after 'install 'install-docs
470 (lambda* (#:key outputs #:allow-other-keys)
471 (let* ((out (assoc-ref %outputs "out"))
472 (misc (string-append out "/share/doc/scrypt")))
473 (install-file "FORMAT" misc)
474 #t))))))
475 (inputs
476 `(("openssl" ,openssl)))
477 (home-page "https://www.tarsnap.com/scrypt.html")
478 (synopsis "Memory-hard encryption tool based on scrypt")
479 (description "This packages provides a simple password-based encryption
480utility as a demonstration of the @code{scrypt} key derivation function.
481@code{Scrypt} is designed to be far more resistant against hardware brute-force
482attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.")
483 (license license:bsd-2)))
09c36743 484
84be0e9a
NG		 485(define-public libscrypt
486 (package
487 (name "libscrypt")
488 (version "1.21")
489 (source
490 (origin
491 (method git-fetch)
492 (uri (git-reference
493 (url "https://github.com/technion/libscrypt.git")
494 (commit (string-append "v" version))))
495 (file-name (git-file-name name version))
496 (sha256
497 (base32
498 "1d76ys6cp7fi4ng1w3mz2l0p9dbr7ljbk33dcywyimzjz8bahdng"))))
499 (build-system gnu-build-system)
500 (arguments
501 `(#:make-flags (list (string-append "PREFIX=" %output)
502 "CC=gcc")
503 #:phases
504 (modify-phases %standard-phases
505 (delete 'configure))))
506 (home-page "https://lolware.net/libscrypt.html")
507 (synopsis "Password hashing library")
508 (description "@code{libscrypt} implements @code{scrypt} key derivation
509function. It is designed to be far more secure against hardware brute-force
510attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.")
511 (license license:bsd-3)))
512
d96e162a
RW		 513(define-public perl-math-random-isaac-xs
514 (package
515 (name "perl-math-random-isaac-xs")
516 (version "1.004")
517 (source
518 (origin
519 (method url-fetch)
520 (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
521 "Math-Random-ISAAC-XS-" version ".tar.gz"))
522 (sha256
523 (base32
524 "0yxqqcqvj51fn7b7j5xqhz65v74arzgainn66c6k7inijbmr1xws"))))
525 (build-system perl-build-system)
526 (native-inputs
527 `(("perl-module-build" ,perl-module-build)
528 ("perl-test-nowarnings" ,perl-test-nowarnings)))
9aba9b12 529 (home-page "https://metacpan.org/release/Math-Random-ISAAC-XS")
d96e162a
RW		 530 (synopsis "C implementation of the ISAAC PRNG algorithm")
531 (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
532fast pseudo-random number generator. It is suitable for applications where a
533significant amount of random data needs to be produced quickly, such as
534solving using the Monte Carlo method or for games. The results are uniformly
535distributed, unbiased, and unpredictable unless you know the seed.
536
537This package implements the same interface as @code{Math::Random::ISAAC}.")
538 (license license:public-domain)))
649238cb
RW		 539
540(define-public perl-math-random-isaac
541 (package
542 (name "perl-math-random-isaac")
543 (version "1.004")
544 (source
545 (origin
546 (method url-fetch)
547 (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
548 "Math-Random-ISAAC-" version ".tar.gz"))
549 (sha256
550 (base32
551 "0z1b3xbb3xz71h25fg6jgsccra7migq7s0vawx2rfzi0pwpz0wr7"))))
552 (build-system perl-build-system)
553 (native-inputs
554 `(("perl-test-nowarnings" ,perl-test-nowarnings)))
555 (propagated-inputs
556 `(("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)))
9aba9b12 557 (home-page "https://metacpan.org/release/Math-Random-ISAAC")
649238cb
RW		 558 (synopsis "Perl interface to the ISAAC PRNG algorithm")
559 (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
560fast pseudo-random number generator. It is suitable for applications where a
561significant amount of random data needs to be produced quickly, such as
562solving using the Monte Carlo method or for games. The results are uniformly
563distributed, unbiased, and unpredictable unless you know the seed.
564
565This package provides a Perl interface to the ISAAC pseudo random number
566generator.")
567 (license license:public-domain)))
2023b79f
RW		 568
569(define-public perl-crypt-random-source
570 (package
571 (name "perl-crypt-random-source")
572 (version "0.12")
573 (source
574 (origin
575 (method url-fetch)
576 (uri (string-append "mirror://cpan/authors/id/E/ET/ETHER/"
577 "Crypt-Random-Source-" version ".tar.gz"))
578 (sha256
579 (base32
580 "00mw5m52sbz9nqp3f6axyrgcrihqxn7k8gv0vi1kvm1j1nc9g29h"))))
581 (build-system perl-build-system)
582 (native-inputs
583 `(("perl-module-build-tiny" ,perl-module-build-tiny)
584 ("perl-test-exception" ,perl-test-exception)))
585 (propagated-inputs
586 `(("perl-capture-tiny" ,perl-capture-tiny)
587 ("perl-module-find" ,perl-module-find)
588 ("perl-module-runtime" ,perl-module-runtime)
589 ("perl-moo" ,perl-moo)
590 ("perl-namespace-clean" ,perl-namespace-clean)
591 ("perl-sub-exporter" ,perl-sub-exporter)
592 ("perl-type-tiny" ,perl-type-tiny)))
9aba9b12 593 (home-page "https://metacpan.org/release/Crypt-Random-Source")
2023b79f
RW		 594 (synopsis "Get weak or strong random data from pluggable sources")
595 (description "This module provides implementations for a number of
596byte-oriented sources of random data.")
8cb537ac 597 (license license:perl-license)))
233f4f43
RW		 598
599(define-public perl-math-random-secure
600 (package
601 (name "perl-math-random-secure")
602 (version "0.080001")
603 (source
604 (origin
605 (method url-fetch)
606 (uri (string-append "mirror://cpan/authors/id/F/FR/FREW/"
607 "Math-Random-Secure-" version ".tar.gz"))
608 (sha256
609 (base32
610 "0dgbf4ncll4kmgkyb9fsaxn0vf2smc9dmwqzgh3259zc2zla995z"))))
611 (build-system perl-build-system)
612 (native-inputs
613 `(("perl-list-moreutils" ,perl-list-moreutils)
614 ("perl-test-leaktrace" ,perl-test-leaktrace)
615 ("perl-test-sharedfork" ,perl-test-sharedfork)
616 ("perl-test-warn" ,perl-test-warn)))
617 (inputs
618 `(("perl-crypt-random-source" ,perl-crypt-random-source)
619 ("perl-math-random-isaac" ,perl-math-random-isaac)
620 ("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)
621 ("perl-moo" ,perl-moo)))
9aba9b12 622 (home-page "https://metacpan.org/release/Math-Random-Secure")
233f4f43
RW		 623 (synopsis "Cryptographically secure replacement for rand()")
624 (description "This module is intended to provide a
625cryptographically-secure replacement for Perl's built-in @code{rand} function.
626\"Crytographically secure\", in this case, means:
627
628@enumerate
629@item No matter how many numbers you see generated by the random number
630generator, you cannot guess the future numbers, and you cannot guess the seed.
631@item There are so many possible seeds that it would take decades, centuries,
8d0d1447 632or millennia for an attacker to try them all.
233f4f43
RW		 633@item The seed comes from a source that generates relatively strong random
634data on your platform, so the seed itself will be as random as possible.
635@end enumerate\n")
636 (license license:artistic2.0)))
f0f6f9f6 637
de98f4ed
PL		 638(define-public crypto++
639 (package
640 (name "crypto++")
6ca15c9e 641 (version "6.0.0")
de98f4ed
PL		 642 (source (origin
643 (method url-fetch/zipbomb)
644 (uri (string-append "https://cryptopp.com/cryptopp"
645 (string-join (string-split version #\.) "")
646 ".zip"))
647 (sha256
648 (base32
6ca15c9e 649 "1nidm6xbdza5cbgf5md2zznmaq692rfyjasycwipl6rzdfwjvb34"))))
de98f4ed
PL		 650 (build-system gnu-build-system)
651 (arguments
652 `(#:make-flags
653 (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
654 #:phases
655 (modify-phases %standard-phases
c300cae6
TGR		 656 (add-after 'unpack 'disable-native-optimisation
657 ;; This package installs more than just headers. Ensure that the
658 ;; cryptest.exe binary & static library aren't CPU model specific.
659 (lambda _
660 (substitute* "GNUmakefile"
661 ((" -march=native") ""))
662 #t))
de98f4ed
PL		 663 (delete 'configure))))
664 (native-inputs
665 `(("unzip" ,unzip)))
666 (home-page "https://cryptopp.com/")
667 (synopsis "C++ class library of cryptographic schemes")
668 (description "Crypto++ is a C++ class library of cryptographic schemes.")
669 ;; The compilation is distributed under the Boost license; the individual
670 ;; files in the compilation are in the public domain.
671 (license (list license:boost1.0 license:public-domain))))
60e95297 672
c6220b13 673(define-public libb2
e9997e47
MB		 674 (package
675 (name "libb2")
676 (version "0.98")
677 (source (origin
678 (method url-fetch)
679 (uri (string-append
680 "https://github.com/BLAKE2/libb2/releases/download/v"
681 version "/libb2-" version ".tar.gz"))
682 (sha256
683 (base32
684 "0vq39cvwy05754l565xl11rqr2jvjb6ykjzca886vi9vm71y0sg8"))))
685 (build-system gnu-build-system)
686 (arguments
687 `(#:configure-flags
688 (list
689 ,@(if (any (cute string-prefix? <> (or (%current-system)
690 (%current-target-system)))
691 '("x86_64" "i686"))
692 ;; fat only checks for Intel optimisations
693 '("--enable-fat")
694 '())
695 "--disable-native"))) ;don't optimise at build time
696 (home-page "https://blake2.net/")
697 (synopsis "Library implementing the BLAKE2 family of hash functions")
698 (description
699 "libb2 is a portable implementation of the BLAKE2 family of cryptographic
c6220b13
TGR		 700hash functions. It includes optimised implementations for IA-32 and AMD64
701processors, and an interface layer that automatically selects the best
702implementation for the processor it is run on.
703
704@dfn{BLAKE2} (RFC 7693) is a family of high-speed cryptographic hash functions
705that are faster than MD5, SHA-1, SHA-2, and SHA-3, yet are at least as secure
706as the latest standard, SHA-3. It is an improved version of the SHA-3 finalist
707BLAKE.")
e9997e47 708 (license license:public-domain)))
a21eb019
AI		 709
710(define-public rhash
711 (package
712 (name "rhash")
53bed209 713 (version "1.3.6")
a21eb019
AI		 714 (source
715 (origin
716 (method url-fetch)
717 (uri (string-append "https://github.com/rhash/RHash/archive/v"
718 version ".tar.gz"))
719 (file-name (string-append name "-" version ".tar.gz"))
720 (sha256
721 (base32
53bed209 722 "14ngzfgmd1lfp7m78sn49x8ymf2s37nrr67c6p5vas85nrrgjkcn"))))
a21eb019
AI		 723 (build-system gnu-build-system)
724 (arguments
53bed209
TGR		 725 `(#:make-flags
726 ;; The binaries in /bin need some help finding librhash.so.0.
727 (list (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib"))
728 #:test-target "test" ; ‘make check’ just checks the sources
a21eb019
AI		 729 #:phases
730 (modify-phases %standard-phases
731 (replace 'configure
53bed209
TGR		 732 ;; ./configure is not GNU autotools' and doesn't gracefully handle
733 ;; unrecognized options, so we must call it manually.
a21eb019 734 (lambda* (#:key outputs #:allow-other-keys)
53bed209
TGR		 735 (invoke "./configure"
736 (string-append "--prefix=" (assoc-ref outputs "out")))))
737 (add-after 'install 'install-library-extras
952a20d2 738 (lambda* (#:key make-flags #:allow-other-keys)
a21eb019 739 (apply invoke
53bed209
TGR		 740 "make" "-C" "librhash"
741 "install-headers" "install-so-link"
742 make-flags))))))
a21eb019
AI		 743 (home-page "https://sourceforge.net/projects/rhash/")
744 (synopsis "Utility for computing hash sums")
745 (description "RHash is a console utility for calculation and verification
746of magnet links and a wide range of hash sums like CRC32, MD4, MD5, SHA1,
747SHA256, SHA512, SHA3, AICH, ED2K, Tiger, DC++ TTH, BitTorrent BTIH, GOST R
74834.11-94, RIPEMD-160, HAS-160, EDON-R, Whirlpool and Snefru.")
749 (license (license:non-copyleft "file://COPYING"))))
b6beda1d
LF		 750
751(define-public botan
752 (package
753 (name "botan")
cfe25568 754 (version "2.7.0")
b6beda1d
LF		 755 (source (origin
756 (method url-fetch)
757 (uri (string-append "https://botan.randombit.net/releases/"
758 "Botan-" version ".tgz"))
759 (sha256
760 (base32
cfe25568 761 "142aqabwc266jxn8wrp0f1ffrmcvdxwvyh8frb38hx9iaqazjbg4"))))
b6beda1d
LF		 762 (build-system gnu-build-system)
763 (arguments
764 '(#:phases
765 (modify-phases %standard-phases
b6beda1d
LF		 766 (replace 'configure
767 (lambda* (#:key inputs outputs #:allow-other-keys)
768 (let* ((out (assoc-ref %outputs "out"))
769 (lib (string-append out "/lib")))
770 (invoke "python" "./configure.py"
771 (string-append "--prefix=" out)
772 ;; Otherwise, the `botan` executable cannot find
773 ;; libbotan.
774 (string-append "--ldflags=-Wl,-rpath=" lib)
775 "--with-rst2man"
776 ;; Recommended by upstream
777 "--with-zlib" "--with-bzip2" "--with-sqlite3"))))
778 (replace 'check
779 (lambda _ (invoke "./botan-test"))))))
780 (native-inputs
781 `(("python" ,python-minimal-wrapper)
782 ("python-docutils" ,python-docutils)))
783 (inputs
784 `(("sqlite" ,sqlite)
785 ("bzip2" ,bzip2)
786 ("zlib" ,zlib)))
787 (synopsis "Cryptographic library in C++11")
788 (description "Botan is a cryptography library, written in C++11, offering
789the tools necessary to implement a range of practical systems, such as TLS/DTLS,
790PKIX certificate handling, PKCS#11 and TPM hardware support, password hashing,
791and post-quantum crypto schemes. In addition to the C++, botan has a C89 API
792specifically designed to be easy to call from other languages. A Python binding
793using ctypes is included, and several other language bindings are available.")
794 (home-page "https://botan.randombit.net")
795 (license license:bsd-2)))
0cfc168b
PN		 796
797(define-public ccrypt
798 (package
799 (name "ccrypt")
fc79867d 800 (version "1.11")
0cfc168b
PN		 801 (source (origin
802 (method url-fetch)
fc79867d 803 (uri (string-append "mirror://sourceforge/ccrypt/"
0cfc168b
PN		 804 version "/ccrypt-" version ".tar.gz"))
805 (sha256
806 (base32
fc79867d 807 "0kx4a5mhmp73ljknl2lcccmw9z3f5y8lqw0ghaymzvln1984g75i"))))
0cfc168b
PN		 808 (build-system gnu-build-system)
809 (home-page "http://ccrypt.sourceforge.net")
810 (synopsis "Command-line utility for encrypting and decrypting files and streams")
811 (description "@command{ccrypt} is a utility for encrypting and decrypting
812files and streams. It was designed as a replacement for the standard unix
813@command{crypt} utility, which is notorious for using a very weak encryption
814algorithm. @command{ccrypt} is based on the Rijndael block cipher, a version of
815which is also used in the Advanced Encryption Standard (AES, see
816@url{http://www.nist.gov/aes}). This cipher is believed to provide very strong
817security.")
818 (license license:gpl2)))
de15ff1a
LF		 819
820(define-public asignify
821 (let ((commit "f58e7977a599f040797975d649ed318e25cbd2d5")
822 (revision "0"))
823 (package
824 (name "asignify")
825 (version (git-version "1.1" revision commit))
826 (source (origin
827 (method git-fetch)
828 (uri (git-reference
829 (url "https://github.com/vstakhov/asignify.git")
830 (commit commit)))
831 (file-name (git-file-name name version))
832 (sha256
833 (base32
834 "1zl68qq6js6fdahxzyhvhrpyrwlv8c2zhdplycnfxyr1ckkhq8dw"))))
835 (build-system gnu-build-system)
836 (arguments
837 `(#:configure-flags
838 (list "--enable-openssl"
839 (string-append "--with-openssl="
840 (assoc-ref %build-inputs "openssl")))))
841 (native-inputs
842 `(("autoconf" ,autoconf)
843 ("automake" ,automake)
844 ("libtool" ,libtool)))
845 (inputs
846 `(("openssl" ,openssl-next)))
847 (home-page "https://github.com/vstakhov/asignify")
848 (synopsis "Cryptographic authentication and encryption tool and library")
849 (description "Asignify offers public cryptographic signatures and
850encryption with a library or a command-line tool. The tool is heavily inspired
851by signify as used in OpenBSD. The main goal of this project is to define a
852high level API for signing files, validating signatures and encrypting using
853public-key cryptography. Asignify is designed to be portable and self-contained
854with zero external dependencies. Asignify can verify OpenBSD signatures, but it
855cannot sign messages in OpenBSD format yet.")
856 (license license:bsd-2))))
jackhill's copy of GNU Guix: https://guix.gnu.org/