HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: icecat: Update to 68.4.0-guix0-preview1 [security fixes].
[jackhill/guix/guix.git] / gnu / packages / security-token.scm
CommitLineData
6036453f
LC		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
58c5fb76 3;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
a6b256af 4;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org>
58fdab1d 5;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
e84eb77a 6;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
249deec9 7;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
53471636 8;;; Copyright © 2017, 2019 Ricardo Wurmus <rekado@elephly.net>
404037f8 9;;; Copyright © 2018, 2019 Chris Marusich <cmmarusich@gmail.com>
fab8a9f9 10;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
6036453f
LC		 11;;;
12;;; This file is part of GNU Guix.
13;;;
14;;; GNU Guix is free software; you can redistribute it and/or modify it
15;;; under the terms of the GNU General Public License as published by
16;;; the Free Software Foundation; either version 3 of the License, or (at
17;;; your option) any later version.
18;;;
19;;; GNU Guix is distributed in the hope that it will be useful, but
20;;; WITHOUT ANY WARRANTY; without even the implied warranty of
21;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22;;; GNU General Public License for more details.
23;;;
24;;; You should have received a copy of the GNU General Public License
25;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
26
f9c33960 27(define-module (gnu packages security-token)
6036453f 28 #:use-module (gnu packages)
07b1fb86 29 #:use-module ((guix licenses) #:prefix license:)
6036453f
LC		 30 #:use-module (guix packages)
31 #:use-module (guix download)
5297e975 32 #:use-module (guix gexp)
13151c32 33 #:use-module (guix git-download)
6036453f 34 #:use-module (guix build-system gnu)
e84eb77a 35 #:use-module (guix build-system glib-or-gtk)
404037f8 36 #:use-module (guix build-system python)
e84eb77a 37 #:use-module (gnu packages autotools)
53471636 38 #:use-module (gnu packages base)
a6b256af 39 #:use-module (gnu packages curl)
ba8d8820 40 #:use-module (gnu packages check)
a6706f30 41 #:use-module (gnu packages docbook)
ba8d8820 42 #:use-module (gnu packages documentation)
5297e975 43 #:use-module (gnu packages dns)
e84eb77a 44 #:use-module (gnu packages gettext)
ba8d8820 45 #:use-module (gnu packages graphviz)
e84eb77a 46 #:use-module (gnu packages gtk)
58fdab1d 47 #:use-module (gnu packages libusb)
a6b256af 48 #:use-module (gnu packages linux)
6036453f 49 #:use-module (gnu packages man)
e84eb77a
TD		 50 #:use-module (gnu packages networking)
51 #:use-module (gnu packages cyrus-sasl)
aa3ad4b1 52 #:use-module (gnu packages popt)
a6706f30 53 #:use-module (gnu packages readline)
e84eb77a 54 #:use-module (gnu packages tls)
ba8d8820 55 #:use-module (gnu packages tex)
a6b256af 56 #:use-module (gnu packages perl)
e84eb77a 57 #:use-module (gnu packages pkg-config)
404037f8 58 #:use-module (gnu packages python)
5297e975
CM		 59 #:use-module (gnu packages python-crypto)
60 #:use-module (gnu packages python-xyz)
404037f8 61 #:use-module (gnu packages swig)
a5523942 62 #:use-module (gnu packages web)
e84eb77a 63 #:use-module (gnu packages xml))
6036453f 64
58fdab1d
MB		 65(define-public ccid
66 (package
67 (name "ccid")
da926c25 68 (version "1.4.31")
58fdab1d
MB		 69 (source (origin
70 (method url-fetch)
71 (uri (string-append
01c6607a
TGR		 72 "https://ccid.apdu.fr/files/"
73 name "-" version ".tar.bz2"))
58fdab1d
MB		 74 (sha256
75 (base32
da926c25 76 "1xz8ikr6vk73w3xnwb931yq8lqc1zrj8c3v34n6h63irwjvdfj3b"))))
58fdab1d
MB		 77 (build-system gnu-build-system)
78 (arguments
79 `(#:configure-flags (list (string-append "--enable-usbdropdir=" %output
80 "/pcsc/drivers"))
81 #:phases
82 (modify-phases %standard-phases
83 (add-after 'unpack 'patch-Makefile
84 (lambda _
85 (substitute* "src/Makefile.in"
86 (("/bin/echo") (which "echo")))
87 #t)))))
88 (native-inputs
84c7fbfd 89 `(("pcsc-lite" ,pcsc-lite) ; only required for headers
fab8a9f9 90 ("perl" ,perl)
58fdab1d
MB		 91 ("pkg-config" ,pkg-config)))
92 (inputs
fab8a9f9 93 `(("libusb" ,libusb)))
01c6607a 94 (home-page "https://ccid.apdu.fr/")
58fdab1d
MB		 95 (synopsis "PC/SC driver for USB smart card devices")
96 (description
97 "This package provides a PC/SC IFD handler implementation for devices
98compliant with the CCID and ICCD protocols. It supports a wide range of
99readers and is needed to communicate with such devices through the
100@command{pcscd} resource manager.")
101 (license license:lgpl2.1+)))
102
e84eb77a
TD		 103(define-public eid-mw
104 (package
105 (name "eid-mw")
51058cb2 106 (version "4.4.23")
13151c32
TGR		 107 (source
108 (origin
109 (method git-fetch)
110 (uri (git-reference
111 (url "https://github.com/Fedict/eid-mw")
112 (commit (string-append "v" version))))
4fdad3ed 113 (file-name (git-file-name name version))
13151c32 114 (sha256
51058cb2 115 (base32 "0kf147zxsp5ilghr46hjxa2nsikhv8198n04q81qzn9zln69av04"))))
e84eb77a 116 (build-system glib-or-gtk-build-system)
74a83085 117 (native-inputs
e84eb77a
TD		 118 `(("autoconf" ,autoconf)
119 ("automake" ,automake)
120 ("gettext" ,gnu-gettext)
121 ("libtool" ,libtool)
122 ("pkg-config" ,pkg-config)
123 ("perl" ,perl)))
124 (inputs
125 `(("curl" ,curl)
126 ("openssl" ,openssl)
127 ("gtk+" ,gtk+)
128 ("pcsc-lite" ,pcsc-lite)
129 ("p11-kit" ,p11-kit)
130 ("libproxy" ,libproxy)
131 ("libxml2" ,libxml2)
132 ("cyrus-sasl" ,cyrus-sasl)))
133 (arguments
134 `(#:phases
135 (modify-phases %standard-phases
080093ff
TGR		 136 (add-after 'unpack 'bootstrap
137 (lambda _
138 ;; configure.ac relies on ‘git --describe’ to get the version.
139 ;; Patch it to just return the real version number directly.
140 (substitute* "scripts/build-aux/genver.sh"
141 (("/bin/sh") (which "sh"))
249deec9 142 (("^(GITDESC=).*" match) (string-append match ,version "\n")))
080093ff 143 (invoke "sh" "./bootstrap.sh"))))))
e84eb77a
TD		 144 (synopsis "Belgian eID Middleware")
145 (description "The Belgian eID Middleware is required to authenticate with
146online services using the Belgian electronic identity card.")
147 (home-page "https://github.com/Fedict/eid-mw")
148 (license license:lgpl3)))
149
6036453f
LC		 150(define-public libyubikey
151 (package
152 (name "libyubikey")
58c5fb76 153 (version "1.13")
6036453f
LC		 154 (source (origin
155 (method url-fetch)
156 (uri (string-append
157 "https://developers.yubico.com/yubico-c/Releases/"
158 name "-" version ".tar.gz"))
159 (sha256
160 (base32
58c5fb76 161 "009l3k2zyn06dbrlja2d4p2vfnzjhlcqxi88v02mlrnb17mx1v84"))))
6036453f
LC		 162 (build-system gnu-build-system)
163 (synopsis "Development kit for the YubiKey authentication device")
164 (description
165 "This package contains a C library and command-line tools that make up
166the low-level development kit for the Yubico YubiKey authentication device.")
167 (home-page "https://developers.yubico.com/yubico-c/")
07b1fb86 168 (license license:bsd-2)))
6036453f 169
a6b256af
MG		 170(define-public pcsc-lite
171 (package
172 (name "pcsc-lite")
ee74a076 173 (version "1.8.25")
a6b256af
MG		 174 (source (origin
175 (method url-fetch)
176 (uri (string-append
01c6607a
TGR		 177 "https://pcsclite.apdu.fr/files/"
178 name "-" version ".tar.bz2"))
a6b256af
MG		 179 (sha256
180 (base32
ee74a076 181 "14l7irs1nsh8b036ag4cfy8wryyysch78scz5dw6xxqwqgnpjvfp"))))
a6b256af
MG		 182 (build-system gnu-build-system)
183 (arguments
972fa870
MB		 184 `(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers"
185 "--disable-libsystemd")))
a6b256af
MG		 186 (native-inputs
187 `(("perl" ,perl) ; for pod2man
188 ("pkg-config" ,pkg-config)))
189 (inputs
190 `(("libudev" ,eudev)))
01c6607a 191 (home-page "https://pcsclite.apdu.fr/")
a6b256af
MG		 192 (synopsis "Middleware to access a smart card using PC/SC")
193 (description
194 "pcsc-lite provides an interface to communicate with smartcards and
195readers using the SCard API. pcsc-lite is used to connect to the PC/SC daemon
196from a client application and provide access to the desired reader.")
197 (license (list license:bsd-3 ; pcsc-lite
a6b256af
MG		 198 license:isc ; src/strlcat.c src/strlcpy.c
199 license:gpl3+)))) ; src/spy/*
200
6036453f
LC		 201(define-public ykclient
202 (package
203 (name "ykclient")
f6b1a8f7 204 (version "2.15")
6036453f
LC		 205 (source (origin
206 (method url-fetch)
207 (uri (string-append
208 "https://developers.yubico.com/yubico-c-client/Releases/"
209 name "-" version ".tar.gz"))
210 (sha256
211 (base32
f6b1a8f7 212 "05jhx9waj3pl120ddnwap1v3bjrnbfhvf3lxs2xmhpcmwzpwsqgl"))))
6036453f
LC		 213 (build-system gnu-build-system)
214
215 ;; There's just one test, and it requires network access to access
216 ;; yubico.com, so skip it.
217 (arguments '(#:tests? #f))
218
219 (native-inputs `(("pkg-config" ,pkg-config)
220 ("help2man" ,help2man)))
221 (inputs `(("curl" ,curl)))
222 (synopsis "C library to validate one-time-password YubiKeys")
223 (description
224 "YubiKey C Client Library (libykclient) is a C library used to validate a
225one-time-password (OTP) YubiKey against Yubico’s servers. See the Yubico
226website for more information about Yubico and the YubiKey.")
227 (home-page "https://developers.yubico.com/yubico-c-client/")
07b1fb86 228 (license license:bsd-2)))
a6706f30
CM		 229
230(define-public opensc
231 (package
232 (name "opensc")
508d5c5f 233 (version "0.19.0")
a6706f30
CM		 234 (source (origin
235 (method url-fetch)
236 (uri (string-append
237 "https://github.com/OpenSC/OpenSC/releases/download/"
238 version "/opensc-" version ".tar.gz"))
239 (sha256
240 (base32
508d5c5f 241 "09jqzl18z5qfrf4vf2nvbpdm3mphpgfkl3ww1clkaxh2z56hwnic"))))
a6706f30
CM		 242 (build-system gnu-build-system)
243 (arguments
244 `(#:phases
245 (modify-phases %standard-phases
246 ;; By setting an absolute path here, we arrange for OpenSC to
247 ;; successfully dlopen libpcsclite.so.1 by default. The user can
248 ;; still override this if they want to, by specifying a custom OpenSC
249 ;; configuration file at runtime.
250 (add-after 'unpack 'set-default-libpcsclite.so.1-path
251 (lambda* (#:key inputs #:allow-other-keys)
252 (let ((libpcsclite (string-append (assoc-ref inputs "pcsc-lite")
253 "/lib/libpcsclite.so.1")))
254 (substitute* "configure"
255 (("DEFAULT_PCSC_PROVIDER=\"libpcsclite\\.so\\.1\"")
256 (string-append
257 "DEFAULT_PCSC_PROVIDER=\"" libpcsclite "\"")))
5799e5ae
MB		 258 #t)))
259 (add-before 'check 'disable-broken-test
260 (lambda _
261 ;; XXX: This test is fixed in git, remove this phase for >= 0.19.
262 (substitute* "doc/tools/Makefile"
263 (("TESTS = test-manpage.sh") "TESTS = "))
264 #t)))))
a6706f30
CM		 265 (inputs
266 `(("readline" ,readline)
267 ("openssl" ,openssl)
268 ("pcsc-lite" ,pcsc-lite)
269 ("ccid" ,ccid)))
270 (native-inputs
271 `(("libxslt" ,libxslt)
272 ("docbook-xsl" ,docbook-xsl)
273 ("pkg-config" ,pkg-config)))
274 (home-page "https://github.com/OpenSC/OpenSC/wiki")
275 (synopsis "Tools and libraries related to smart cards")
276 (description
277 "OpenSC is a set of software tools and libraries to work with smart
278cards, with the focus on smart cards with cryptographic capabilities. OpenSC
279facilitate the use of smart cards in security applications such as
280authentication, encryption and digital signatures. OpenSC implements the PKCS
281#15 standard and the PKCS #11 API.")
282 (license license:lgpl2.1+)))
ba8d8820
CM		 283
284(define-public yubico-piv-tool
285 (package
286 (name "yubico-piv-tool")
574e2ee8 287 (version "1.6.1")
ba8d8820
CM		 288 (source (origin
289 (method url-fetch)
290 (uri (string-append
291 "https://developers.yubico.com/yubico-piv-tool/Releases/"
292 name "-" version ".tar.gz"))
293 (sha256
294 (base32
574e2ee8 295 "10xgdc51xvszkxmsvqnbjs8ixxz7rfnfahh3wn8glllynmszbhwi"))))
ba8d8820
CM		 296 (build-system gnu-build-system)
297 (inputs
aa3ad4b1
MB		 298 `(("gengetopt" ,gengetopt)
299 ("perl" ,perl)
ba8d8820
CM		 300 ("pcsc-lite" ,pcsc-lite)
301 ("openssl" ,openssl)))
302 (native-inputs
303 `(("doxygen" ,doxygen)
304 ("graphviz" ,graphviz)
aa3ad4b1 305 ("help2man" ,help2man)
ba8d8820
CM		 306 ("check" ,check)
307 ("texlive-bin" ,texlive-bin)
308 ("pkg-config" ,pkg-config)))
309 (home-page "https://developers.yubico.com/yubico-piv-tool/")
310 (synopsis "Interact with the PIV application on a YubiKey")
311 (description
312 "The Yubico PIV tool is used for interacting with the Privilege and
313Identification Card (PIV) application on a YubiKey. With it you may generate
314keys on the device, import keys and certificates, create certificate requests,
315and other operations. It includes a library and a command-line tool.")
316 ;; The file ykcs11/pkcs11.h also declares an additional, very short free
317 ;; license for that one file. Please see it for details. The vast
318 ;; majority of files are licensed under bsd-2.
319 (license license:bsd-2)))
a5523942
CM		 320
321(define-public yubikey-personalization
322 (package
323 (name "yubikey-personalization")
a9203c23 324 (version "1.19.3")
a5523942
CM		 325 (source (origin
326 (method url-fetch)
327 (uri (string-append
328 "https://developers.yubico.com/" name
329 "/Releases/ykpers-" version ".tar.gz"))
330 (sha256
331 (base32
a9203c23 332 "0jhvnavjrpwzmmjcw486df5s48j53njqgyz36yz3dskbaz3kwlfr"))))
a5523942
CM		 333 (build-system gnu-build-system)
334 (arguments
335 '(#:configure-flags (list (string-append "--with-udevrulesdir="
336 (assoc-ref %outputs "out")
337 "/lib/udev/rules.d"))))
338 (inputs
339 `(("json-c" ,json-c)
340 ("libusb" ,libusb)
341 ;; The library "libyubikey" is also known as "yubico-c".
342 ("libyubikey" ,libyubikey)))
343 (native-inputs
344 `(("pkg-config" ,pkg-config)
345 ("eudev" ,eudev)))
346 (home-page "https://developers.yubico.com/yubikey-personalization/")
347 (synopsis "Library and tools to personalize YubiKeys")
348 (description
349 "The YubiKey Personalization package contains a C library and command
350line tools for personalizing YubiKeys. You can use these to set an AES key,
351retrieve a YubiKey's serial number, and so forth.")
352 (license license:bsd-2)))
404037f8
CM		 353
354(define-public python-pyscard
355 (package
356 (name "python-pyscard")
8a8e4491 357 (version "1.9.9")
404037f8
CM		 358 (source (origin
359 (method url-fetch)
360 ;; The maintainer publishes releases on various sites, but
361 ;; SourceForge is apparently the only one with a signed release.
362 (uri (string-append
363 "mirror://sourceforge/pyscard/pyscard/pyscard%20"
364 version "/pyscard-" version ".tar.gz"))
365 (sha256
366 (base32
8a8e4491 367 "082cjkbxadaz2jb4rbhr0mkrirzlqyqhcf3r823qb0q1k50ybgg6"))))
404037f8
CM		 368 (build-system python-build-system)
369 (arguments
370 `(#:phases
371 (modify-phases %standard-phases
372 ;; Tell pyscard where to find the PCSC include directory.
373 (add-after 'unpack 'patch-platform-include-dirs
374 (lambda* (#:key inputs #:allow-other-keys)
375 (let ((pcsc-include-dir (string-append
376 (assoc-ref inputs "pcsc-lite")
377 "/include/PCSC")))
378 (substitute* "setup.py"
379 (("platform_include_dirs = \\[.*?\\]")
380 (string-append
381 "platform_include_dirs = ['" pcsc-include-dir "']")))
382 #t)))
383 ;; pyscard wants to dlopen libpcsclite, so tell it where it is.
384 (add-after 'unpack 'patch-dlopen
385 (lambda* (#:key inputs #:allow-other-keys)
386 (substitute* "smartcard/scard/winscarddll.c"
387 (("lib = \"libpcsclite\\.so\\.1\";")
388 (simple-format #f
389 "lib = \"~a\";"
390 (string-append (assoc-ref inputs "pcsc-lite")
391 "/lib/libpcsclite.so.1"))))
392 #t)))))
393 (inputs
394 `(("pcsc-lite" ,pcsc-lite)))
395 (native-inputs
396 `(("swig" ,swig)))
397 (home-page "https://github.com/LudovicRousseau/pyscard")
398 (synopsis "Smart card library for Python")
399 (description
400 "The pyscard smart card library is a framework for building smart card
401aware applications in Python. The smart card module is built on top of the
402PCSC API Python wrapper module.")
403 (license license:lgpl2.1+)))
404
405(define-public python2-pyscard
406 (package-with-python2 python-pyscard))
5f7d151c
CM		 407
408(define-public libu2f-host
409 (package
410 (name "libu2f-host")
b8ae2e9e 411 (version "1.1.10")
5f7d151c
CM		 412 (source (origin
413 (method url-fetch)
414 (uri
415 (string-append
416 "https://developers.yubico.com"
417 "/libu2f-host/Releases/libu2f-host-" version ".tar.xz"))
418 (sha256
419 (base32
b8ae2e9e 420 "0vrivl1dwql6nfi48z6dy56fwy2z13d7abgahgrs2mcmqng7hra2"))))
5f7d151c
CM		 421 (build-system gnu-build-system)
422 (arguments
423 `(#:configure-flags
424 (list "--enable-gtk-doc"
425 (string-append "--with-udevrulesdir="
426 (assoc-ref %outputs "out")
427 "/lib/udev/rules.d"))
428 #:phases
429 (modify-phases %standard-phases
430 (add-after 'unpack 'patch-docbook-xml
431 (lambda* (#:key inputs #:allow-other-keys)
432 ;; Avoid a network connection attempt during the build.
433 (substitute* "gtk-doc/u2f-host-docs.xml"
434 (("http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd")
435 (string-append (assoc-ref inputs "docbook-xml")
436 "/xml/dtd/docbook/docbookx.dtd")))
437 #t)))))
438 (inputs
439 `(("json-c" ,json-c)
440 ("hidapi" ,hidapi)))
441 (native-inputs
442 `(("help2man" ,help2man)
443 ("gengetopt" ,gengetopt)
444 ("pkg-config" ,pkg-config)
445 ("gtk-doc" ,gtk-doc)
446 ("docbook-xml" ,docbook-xml-4.3)
447 ("eudev" ,eudev)))
448 (home-page "https://developers.yubico.com/libu2f-host/")
449 ;; TRANSLATORS: The U2F protocol has a "server side" and a "host side".
450 (synopsis "U2F host-side C library and tool")
451 (description
452 "Libu2f-host provides a C library and command-line tool that implements
453the host-side of the Universal 2nd Factor (U2F) protocol. There are APIs to
454talk to a U2F device and perform the U2F Register and U2F Authenticate
455operations.")
456 ;; Most files are LGPLv2.1+, but some files are GPLv3+.
457 (license (list license:lgpl2.1+ license:gpl3+))))
5297e975 458
53471636
RW		 459(define-public libu2f-server
460 (package
461 (name "libu2f-server")
462 (version "1.1.0")
463 (source (origin
464 (method git-fetch)
465 (uri
466 (git-reference
467 (url "https://github.com/Yubico/libu2f-server.git")
468 (commit (string-append "libu2f-server-" version))))
469 (file-name (git-file-name name version))
470 (sha256
471 (base32
472 "1nmsfq372zza5y6j13ydincjf324bwfcjg950vykh166xkp6wiic"))))
473 (build-system gnu-build-system)
474 (arguments
475 `(#:configure-flags
476 (list "--enable-gtk-doc"
477 "--enable-tests")))
478 (inputs
479 `(("json-c" ,json-c)
480 ("libressl" ,libressl)))
481 (native-inputs
482 `(("autoconf" ,autoconf)
483 ("automake" ,automake)
484 ("libtool" ,libtool)
485 ("check" ,check)
486 ("gengetopt" ,gengetopt)
487 ("help2man" ,help2man)
488 ("pkg-config" ,pkg-config)
489 ("gtk-doc" ,gtk-doc)
490 ("which" ,which)))
491 (home-page "https://developers.yubico.com/libu2f-server/")
492 ;; TRANSLATORS: The U2F protocol has a "server side" and a "host side".
493 (synopsis "U2F server-side C library")
494 (description
495 "This is a C library that implements the server-side of the
496@dfn{Universal 2nd Factor} (U2F) protocol. More precisely, it provides an API
497for generating the JSON blobs required by U2F devices to perform the U2F
498Registration and U2F Authentication operations, and functionality for
499verifying the cryptographic operations.")
500 (license license:bsd-2)))
501
40645ebb
RW		 502(define-public pam-u2f
503 (package
504 (name "pam-u2f")
505 (version "1.0.8")
506 (source (origin
507 (method git-fetch)
508 (uri
509 (git-reference
510 (url "https://github.com/Yubico/pam-u2f.git")
511 (commit (string-append "pam_u2f-" version))))
512 (file-name (git-file-name name version))
513 (sha256
514 (base32
515 "04d9davyi33gqbvga1rvh9fijp6f16mx2xmnn4n61rnhcn2jac98"))))
516 (build-system gnu-build-system)
517 (arguments
518 `(#:configure-flags
519 (list (string-append "--with-pam-dir="
520 (assoc-ref %outputs "out") "/lib/security"))))
521 (inputs
522 `(("libu2f-host" ,libu2f-host)
523 ("libu2f-server" ,libu2f-server)
524 ("linux-pam" ,linux-pam)))
525 (native-inputs
526 `(("autoconf" ,autoconf)
527 ("automake" ,automake)
528 ("libtool" ,libtool)
529 ("asciidoc" ,asciidoc)
530 ("pkg-config" ,pkg-config)))
531 (home-page "https://developers.yubico.com/pam-u2f/")
532 (synopsis "PAM module for U2F authentication")
533 (description
534 "This package provides a module implementing PAM over U2F, providing an
535easy way to integrate the YubiKey (or other U2F compliant authenticators) into
536your existing infrastructure.")
537 (license license:bsd-2)))
538
5297e975
CM		 539(define-public python-fido2
540 (package
541 (name "python-fido2")
542 (version "0.5.0")
543 (source (origin
544 (method url-fetch)
545 (uri
546 (string-append
547 "https://github.com/Yubico/python-fido2/releases/download/"
548 version "/fido2-" version ".tar.gz"))
549 (sha256
550 (base32
551 "1pl8d2pr6jzqj4y9qiaddhjgnl92kikjxy0bgzm2jshkzzic8mp3"))
552 (snippet
553 ;; Remove bundled dependency.
554 #~(delete-file "fido2/public_suffix_list.dat"))))
555 (build-system python-build-system)
556 (arguments
557 `(#:phases
558 (modify-phases %standard-phases
559 (add-after 'unpack 'install-public-suffix-list
560 (lambda* (#:key inputs #:allow-other-keys)
561 (copy-file
562 (string-append (assoc-ref inputs "public-suffix-list")
563 "/share/public-suffix-list-"
564 ,(package-version public-suffix-list)
565 "/public_suffix_list.dat")
566 "fido2/public_suffix_list.dat")
567 #t)))))
568 (propagated-inputs
569 `(("python-cryptography" ,python-cryptography)
570 ("python-six" ,python-six)))
571 (native-inputs
572 `(("python-mock" ,python-mock)
573 ("python-pyfakefs" ,python-pyfakefs)
574 ("public-suffix-list" ,public-suffix-list)))
575 (home-page "https://github.com/Yubico/python-fido2")
576 (synopsis "Python library for communicating with FIDO devices over USB")
577 (description
578 "This Python library provides functionality for communicating with a Fast
579IDentity Online (FIDO) device over Universal Serial Bus (USB) as well as
580verifying attestation and assertion signatures. It aims to support the FIDO
581Universal 2nd Factor (U2F) and FIDO 2.0 protocols for communicating with a USB
582authenticator via the Client-to-Authenticator Protocol (CTAP 1 and 2). In
583addition to this low-level device access, classes defined in the
584@code{fido2.client} and @code{fido2.server} modules implement higher level
585operations which are useful when interfacing with an Authenticator, or when
586implementing a Relying Party.")
587 ;; python-fido2 contains some derivative files originally from pyu2f
588 ;; (https://github.com/google/pyu2f). These files are licensed under the
589 ;; Apache License, version 2.0. The maintainers have customized these
590 ;; files for internal use, so they are not really a bundled dependency.
591 (license (list license:bsd-2 license:asl2.0))))
592
593(define-public python2-fido2
594 (package-with-python2 python-fido2))
47288061
CM		 595
596(define-public python-yubikey-manager
597 (package
598 (name "python-yubikey-manager")
599 (version "2.1.0")
600 (source (origin
601 (method url-fetch)
602 (uri (string-append
603 "https://developers.yubico.com/yubikey-manager/Releases"
604 "/yubikey-manager-" version ".tar.gz"))
605 (sha256
606 (base32
607 "11rsmcaj60k3y5m5gdhr2nbbz0w5dm3m04klyxz0fh5hnpcmr7fm"))))
608 (build-system python-build-system)
609 (propagated-inputs
610 `(("python-six" ,python-six)
611 ("python-pyscard" ,python-pyscard)
612 ("python-pyusb" ,python-pyusb)
613 ("python-click" ,python-click)
614 ("python-cryptography" ,python-cryptography)
615 ("python-pyopenssl" ,python-pyopenssl)
616 ("python-fido2" ,python-fido2)))
617 (inputs
618 `(("yubikey-personalization" ,yubikey-personalization)
619 ("pcsc-lite" ,pcsc-lite)
620 ("libusb" ,libusb)))
621 (native-inputs
622 `(("swig" ,swig)
623 ("python-mock" ,python-mock)))
624 (home-page "https://developers.yubico.com/yubikey-manager/")
625 (synopsis "Command line tool and library for configuring a YubiKey")
626 (description
627 "Python library and command line tool for configuring a YubiKey. Note
628that after installing this package, you might still need to add appropriate
629udev rules to your system configuration to be able to configure the YubiKey as
630an unprivileged user.")
631 (license license:bsd-2)))
632
633(define-public python2-yubikey-manager
634 (package-with-python2 python-yubikey-manager))
jackhill's copy of GNU Guix: https://guix.gnu.org/