HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: Remove ".git" from "https://github/…/….git".
[jackhill/guix/guix.git] / gnu / packages / security-token.scm
CommitLineData
6036453f
LC		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
58c5fb76 3;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
a6b256af 4;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org>
58fdab1d 5;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
e84eb77a 6;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
a0e63ce4 7;;; Copyright © 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
53471636 8;;; Copyright © 2017, 2019 Ricardo Wurmus <rekado@elephly.net>
404037f8 9;;; Copyright © 2018, 2019 Chris Marusich <cmmarusich@gmail.com>
fab8a9f9 10;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
6036453f
LC		 11;;;
12;;; This file is part of GNU Guix.
13;;;
14;;; GNU Guix is free software; you can redistribute it and/or modify it
15;;; under the terms of the GNU General Public License as published by
16;;; the Free Software Foundation; either version 3 of the License, or (at
17;;; your option) any later version.
18;;;
19;;; GNU Guix is distributed in the hope that it will be useful, but
20;;; WITHOUT ANY WARRANTY; without even the implied warranty of
21;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22;;; GNU General Public License for more details.
23;;;
24;;; You should have received a copy of the GNU General Public License
25;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
26
f9c33960 27(define-module (gnu packages security-token)
6036453f 28 #:use-module (gnu packages)
07b1fb86 29 #:use-module ((guix licenses) #:prefix license:)
6036453f
LC		 30 #:use-module (guix packages)
31 #:use-module (guix download)
5297e975 32 #:use-module (guix gexp)
13151c32 33 #:use-module (guix git-download)
6036453f 34 #:use-module (guix build-system gnu)
e84eb77a 35 #:use-module (guix build-system glib-or-gtk)
404037f8 36 #:use-module (guix build-system python)
e84eb77a 37 #:use-module (gnu packages autotools)
53471636 38 #:use-module (gnu packages base)
a6b256af 39 #:use-module (gnu packages curl)
ba8d8820 40 #:use-module (gnu packages check)
a6706f30 41 #:use-module (gnu packages docbook)
ba8d8820 42 #:use-module (gnu packages documentation)
5297e975 43 #:use-module (gnu packages dns)
e84eb77a 44 #:use-module (gnu packages gettext)
ba8d8820 45 #:use-module (gnu packages graphviz)
e84eb77a 46 #:use-module (gnu packages gtk)
58fdab1d 47 #:use-module (gnu packages libusb)
a6b256af 48 #:use-module (gnu packages linux)
6036453f 49 #:use-module (gnu packages man)
e84eb77a
TD		 50 #:use-module (gnu packages networking)
51 #:use-module (gnu packages cyrus-sasl)
aa3ad4b1 52 #:use-module (gnu packages popt)
a6706f30 53 #:use-module (gnu packages readline)
e84eb77a 54 #:use-module (gnu packages tls)
ba8d8820 55 #:use-module (gnu packages tex)
a6b256af 56 #:use-module (gnu packages perl)
e84eb77a 57 #:use-module (gnu packages pkg-config)
404037f8 58 #:use-module (gnu packages python)
5297e975
CM		 59 #:use-module (gnu packages python-crypto)
60 #:use-module (gnu packages python-xyz)
404037f8 61 #:use-module (gnu packages swig)
a5523942 62 #:use-module (gnu packages web)
e84eb77a 63 #:use-module (gnu packages xml))
6036453f 64
58fdab1d
MB		 65(define-public ccid
66 (package
67 (name "ccid")
2806d868 68 (version "1.4.32")
58fdab1d
MB		 69 (source (origin
70 (method url-fetch)
71 (uri (string-append
01c6607a
TGR		 72 "https://ccid.apdu.fr/files/"
73 name "-" version ".tar.bz2"))
58fdab1d
MB		 74 (sha256
75 (base32
2806d868 76 "0f8nzk7379ip4x2ii5vn6h67jyx733pq0ywnnsj2llbxi2vllpsl"))))
58fdab1d
MB		 77 (build-system gnu-build-system)
78 (arguments
79 `(#:configure-flags (list (string-append "--enable-usbdropdir=" %output
80 "/pcsc/drivers"))
81 #:phases
82 (modify-phases %standard-phases
83 (add-after 'unpack 'patch-Makefile
84 (lambda _
85 (substitute* "src/Makefile.in"
86 (("/bin/echo") (which "echo")))
87 #t)))))
88 (native-inputs
84c7fbfd 89 `(("pcsc-lite" ,pcsc-lite) ; only required for headers
fab8a9f9 90 ("perl" ,perl)
58fdab1d
MB		 91 ("pkg-config" ,pkg-config)))
92 (inputs
fab8a9f9 93 `(("libusb" ,libusb)))
01c6607a 94 (home-page "https://ccid.apdu.fr/")
58fdab1d
MB		 95 (synopsis "PC/SC driver for USB smart card devices")
96 (description
97 "This package provides a PC/SC IFD handler implementation for devices
98compliant with the CCID and ICCD protocols. It supports a wide range of
99readers and is needed to communicate with such devices through the
100@command{pcscd} resource manager.")
101 (license license:lgpl2.1+)))
102
e84eb77a
TD		 103(define-public eid-mw
104 (package
105 (name "eid-mw")
b6389525 106 (version "4.4.27")
13151c32
TGR		 107 (source
108 (origin
109 (method git-fetch)
110 (uri (git-reference
111 (url "https://github.com/Fedict/eid-mw")
112 (commit (string-append "v" version))))
4fdad3ed 113 (file-name (git-file-name name version))
13151c32 114 (sha256
b6389525 115 (base32 "17lw8iwp7h5cs3db80sysr84ffi333cf2vrhncs9l6hy6glfl2v1"))))
e84eb77a 116 (build-system glib-or-gtk-build-system)
74a83085 117 (native-inputs
e84eb77a
TD		 118 `(("autoconf" ,autoconf)
119 ("automake" ,automake)
f2d97d57 120 ("gettext" ,gettext-minimal)
e84eb77a
TD		 121 ("libtool" ,libtool)
122 ("pkg-config" ,pkg-config)
123 ("perl" ,perl)))
124 (inputs
125 `(("curl" ,curl)
126 ("openssl" ,openssl)
127 ("gtk+" ,gtk+)
128 ("pcsc-lite" ,pcsc-lite)
129 ("p11-kit" ,p11-kit)
130 ("libproxy" ,libproxy)
131 ("libxml2" ,libxml2)
132 ("cyrus-sasl" ,cyrus-sasl)))
133 (arguments
134 `(#:phases
135 (modify-phases %standard-phases
080093ff
TGR		 136 (add-after 'unpack 'bootstrap
137 (lambda _
138 ;; configure.ac relies on ‘git --describe’ to get the version.
139 ;; Patch it to just return the real version number directly.
140 (substitute* "scripts/build-aux/genver.sh"
141 (("/bin/sh") (which "sh"))
b6389525 142 (("^(GITDESC=).*" _ match) (string-append match ,version "\n")))
080093ff 143 (invoke "sh" "./bootstrap.sh"))))))
e84eb77a
TD		 144 (synopsis "Belgian eID Middleware")
145 (description "The Belgian eID Middleware is required to authenticate with
146online services using the Belgian electronic identity card.")
147 (home-page "https://github.com/Fedict/eid-mw")
148 (license license:lgpl3)))
149
6036453f
LC		 150(define-public libyubikey
151 (package
152 (name "libyubikey")
58c5fb76 153 (version "1.13")
6036453f
LC		 154 (source (origin
155 (method url-fetch)
156 (uri (string-append
157 "https://developers.yubico.com/yubico-c/Releases/"
158 name "-" version ".tar.gz"))
159 (sha256
160 (base32
58c5fb76 161 "009l3k2zyn06dbrlja2d4p2vfnzjhlcqxi88v02mlrnb17mx1v84"))))
6036453f
LC		 162 (build-system gnu-build-system)
163 (synopsis "Development kit for the YubiKey authentication device")
164 (description
165 "This package contains a C library and command-line tools that make up
166the low-level development kit for the Yubico YubiKey authentication device.")
167 (home-page "https://developers.yubico.com/yubico-c/")
07b1fb86 168 (license license:bsd-2)))
6036453f 169
2bed28f4
CB		 170(define-public softhsm
171 (package
172 (name "softhsm")
173 (version "2.6.1")
174 (source (origin
175 (method url-fetch)
176 (uri (string-append
177 "https://dist.opendnssec.org/source/"
178 "softhsm-" version ".tar.gz"))
179 (sha256
180 (base32
181 "1wkmyi6n3z2pak1cj5yk6v6bv9w0m24skycya48iikab0mrr8931"))))
182 (build-system gnu-build-system)
183 (arguments
184 '(#:configure-flags '("--disable-gost"))) ; TODO Missing the OpenSSL
185 ; engine for GOST
186 (inputs
187 `(("openssl" ,openssl)))
188 (native-inputs
189 `(("pkg-config" ,pkg-config)
190 ("cppunit" ,cppunit)))
191 (synopsis "Software implementation of a generic cryptographic device")
192 (description
193 "SoftHSM 2 is a software implementation of a generic cryptographic device
194with a PKCS #11 Cryptographic Token Interface.")
195 (home-page "https://www.opendnssec.org/softhsm/")
196 (license license:bsd-2)))
197
a6b256af
MG		 198(define-public pcsc-lite
199 (package
200 (name "pcsc-lite")
a0e63ce4 201 (version "1.8.26")
a6b256af
MG		 202 (source (origin
203 (method url-fetch)
b256ab50
TGR		 204 (uri (string-append "https://pcsclite.apdu.fr/files/"
205 "pcsc-lite-" version ".tar.bz2"))
a6b256af
MG		 206 (sha256
207 (base32
a0e63ce4 208 "1ndvvz0fgqwz70pijymsxmx25mzryb0zav1i8jjc067ndryvxdry"))))
a6b256af
MG		 209 (build-system gnu-build-system)
210 (arguments
972fa870
MB		 211 `(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers"
212 "--disable-libsystemd")))
a6b256af
MG		 213 (native-inputs
214 `(("perl" ,perl) ; for pod2man
215 ("pkg-config" ,pkg-config)))
216 (inputs
217 `(("libudev" ,eudev)))
01c6607a 218 (home-page "https://pcsclite.apdu.fr/")
a6b256af
MG		 219 (synopsis "Middleware to access a smart card using PC/SC")
220 (description
221 "pcsc-lite provides an interface to communicate with smartcards and
222readers using the SCard API. pcsc-lite is used to connect to the PC/SC daemon
223from a client application and provide access to the desired reader.")
224 (license (list license:bsd-3 ; pcsc-lite
a6b256af
MG		 225 license:isc ; src/strlcat.c src/strlcpy.c
226 license:gpl3+)))) ; src/spy/*
227
6036453f
LC		 228(define-public ykclient
229 (package
230 (name "ykclient")
f6b1a8f7 231 (version "2.15")
6036453f
LC		 232 (source (origin
233 (method url-fetch)
234 (uri (string-append
235 "https://developers.yubico.com/yubico-c-client/Releases/"
236 name "-" version ".tar.gz"))
237 (sha256
238 (base32
f6b1a8f7 239 "05jhx9waj3pl120ddnwap1v3bjrnbfhvf3lxs2xmhpcmwzpwsqgl"))))
6036453f
LC		 240 (build-system gnu-build-system)
241
242 ;; There's just one test, and it requires network access to access
243 ;; yubico.com, so skip it.
244 (arguments '(#:tests? #f))
245
246 (native-inputs `(("pkg-config" ,pkg-config)
247 ("help2man" ,help2man)))
248 (inputs `(("curl" ,curl)))
249 (synopsis "C library to validate one-time-password YubiKeys")
250 (description
251 "YubiKey C Client Library (libykclient) is a C library used to validate a
252one-time-password (OTP) YubiKey against Yubico’s servers. See the Yubico
253website for more information about Yubico and the YubiKey.")
254 (home-page "https://developers.yubico.com/yubico-c-client/")
07b1fb86 255 (license license:bsd-2)))
a6706f30
CM		 256
257(define-public opensc
258 (package
259 (name "opensc")
508d5c5f 260 (version "0.19.0")
a6706f30
CM		 261 (source (origin
262 (method url-fetch)
263 (uri (string-append
264 "https://github.com/OpenSC/OpenSC/releases/download/"
265 version "/opensc-" version ".tar.gz"))
266 (sha256
267 (base32
508d5c5f 268 "09jqzl18z5qfrf4vf2nvbpdm3mphpgfkl3ww1clkaxh2z56hwnic"))))
a6706f30
CM		 269 (build-system gnu-build-system)
270 (arguments
271 `(#:phases
272 (modify-phases %standard-phases
273 ;; By setting an absolute path here, we arrange for OpenSC to
274 ;; successfully dlopen libpcsclite.so.1 by default. The user can
275 ;; still override this if they want to, by specifying a custom OpenSC
276 ;; configuration file at runtime.
277 (add-after 'unpack 'set-default-libpcsclite.so.1-path
278 (lambda* (#:key inputs #:allow-other-keys)
279 (let ((libpcsclite (string-append (assoc-ref inputs "pcsc-lite")
280 "/lib/libpcsclite.so.1")))
281 (substitute* "configure"
282 (("DEFAULT_PCSC_PROVIDER=\"libpcsclite\\.so\\.1\"")
283 (string-append
284 "DEFAULT_PCSC_PROVIDER=\"" libpcsclite "\"")))
bfd99572 285 #t))))))
a6706f30
CM		 286 (inputs
287 `(("readline" ,readline)
288 ("openssl" ,openssl)
289 ("pcsc-lite" ,pcsc-lite)
290 ("ccid" ,ccid)))
291 (native-inputs
292 `(("libxslt" ,libxslt)
293 ("docbook-xsl" ,docbook-xsl)
294 ("pkg-config" ,pkg-config)))
295 (home-page "https://github.com/OpenSC/OpenSC/wiki")
296 (synopsis "Tools and libraries related to smart cards")
297 (description
298 "OpenSC is a set of software tools and libraries to work with smart
299cards, with the focus on smart cards with cryptographic capabilities. OpenSC
300facilitate the use of smart cards in security applications such as
301authentication, encryption and digital signatures. OpenSC implements the PKCS
302#15 standard and the PKCS #11 API.")
303 (license license:lgpl2.1+)))
ba8d8820
CM		 304
305(define-public yubico-piv-tool
306 (package
307 (name "yubico-piv-tool")
574e2ee8 308 (version "1.6.1")
ba8d8820
CM		 309 (source (origin
310 (method url-fetch)
311 (uri (string-append
312 "https://developers.yubico.com/yubico-piv-tool/Releases/"
313 name "-" version ".tar.gz"))
314 (sha256
315 (base32
574e2ee8 316 "10xgdc51xvszkxmsvqnbjs8ixxz7rfnfahh3wn8glllynmszbhwi"))))
ba8d8820
CM		 317 (build-system gnu-build-system)
318 (inputs
aa3ad4b1
MB		 319 `(("gengetopt" ,gengetopt)
320 ("perl" ,perl)
ba8d8820
CM		 321 ("pcsc-lite" ,pcsc-lite)
322 ("openssl" ,openssl)))
323 (native-inputs
324 `(("doxygen" ,doxygen)
325 ("graphviz" ,graphviz)
aa3ad4b1 326 ("help2man" ,help2man)
ba8d8820
CM		 327 ("check" ,check)
328 ("texlive-bin" ,texlive-bin)
329 ("pkg-config" ,pkg-config)))
330 (home-page "https://developers.yubico.com/yubico-piv-tool/")
331 (synopsis "Interact with the PIV application on a YubiKey")
332 (description
333 "The Yubico PIV tool is used for interacting with the Privilege and
334Identification Card (PIV) application on a YubiKey. With it you may generate
335keys on the device, import keys and certificates, create certificate requests,
336and other operations. It includes a library and a command-line tool.")
337 ;; The file ykcs11/pkcs11.h also declares an additional, very short free
338 ;; license for that one file. Please see it for details. The vast
339 ;; majority of files are licensed under bsd-2.
340 (license license:bsd-2)))
a5523942
CM		 341
342(define-public yubikey-personalization
343 (package
344 (name "yubikey-personalization")
a9203c23 345 (version "1.19.3")
a5523942
CM		 346 (source (origin
347 (method url-fetch)
348 (uri (string-append
349 "https://developers.yubico.com/" name
350 "/Releases/ykpers-" version ".tar.gz"))
351 (sha256
352 (base32
a9203c23 353 "0jhvnavjrpwzmmjcw486df5s48j53njqgyz36yz3dskbaz3kwlfr"))))
a5523942
CM		 354 (build-system gnu-build-system)
355 (arguments
356 '(#:configure-flags (list (string-append "--with-udevrulesdir="
357 (assoc-ref %outputs "out")
358 "/lib/udev/rules.d"))))
359 (inputs
beec29da 360 `(("json-c" ,json-c-0.13)
a5523942
CM		 361 ("libusb" ,libusb)
362 ;; The library "libyubikey" is also known as "yubico-c".
363 ("libyubikey" ,libyubikey)))
364 (native-inputs
365 `(("pkg-config" ,pkg-config)
366 ("eudev" ,eudev)))
367 (home-page "https://developers.yubico.com/yubikey-personalization/")
368 (synopsis "Library and tools to personalize YubiKeys")
369 (description
370 "The YubiKey Personalization package contains a C library and command
371line tools for personalizing YubiKeys. You can use these to set an AES key,
372retrieve a YubiKey's serial number, and so forth.")
373 (license license:bsd-2)))
404037f8
CM		 374
375(define-public python-pyscard
376 (package
377 (name "python-pyscard")
8a8e4491 378 (version "1.9.9")
404037f8
CM		 379 (source (origin
380 (method url-fetch)
381 ;; The maintainer publishes releases on various sites, but
382 ;; SourceForge is apparently the only one with a signed release.
383 (uri (string-append
384 "mirror://sourceforge/pyscard/pyscard/pyscard%20"
385 version "/pyscard-" version ".tar.gz"))
386 (sha256
387 (base32
8a8e4491 388 "082cjkbxadaz2jb4rbhr0mkrirzlqyqhcf3r823qb0q1k50ybgg6"))))
404037f8
CM		 389 (build-system python-build-system)
390 (arguments
391 `(#:phases
392 (modify-phases %standard-phases
393 ;; Tell pyscard where to find the PCSC include directory.
394 (add-after 'unpack 'patch-platform-include-dirs
395 (lambda* (#:key inputs #:allow-other-keys)
396 (let ((pcsc-include-dir (string-append
397 (assoc-ref inputs "pcsc-lite")
398 "/include/PCSC")))
399 (substitute* "setup.py"
400 (("platform_include_dirs = \\[.*?\\]")
401 (string-append
402 "platform_include_dirs = ['" pcsc-include-dir "']")))
403 #t)))
404 ;; pyscard wants to dlopen libpcsclite, so tell it where it is.
405 (add-after 'unpack 'patch-dlopen
406 (lambda* (#:key inputs #:allow-other-keys)
407 (substitute* "smartcard/scard/winscarddll.c"
408 (("lib = \"libpcsclite\\.so\\.1\";")
409 (simple-format #f
410 "lib = \"~a\";"
411 (string-append (assoc-ref inputs "pcsc-lite")
412 "/lib/libpcsclite.so.1"))))
413 #t)))))
414 (inputs
415 `(("pcsc-lite" ,pcsc-lite)))
416 (native-inputs
417 `(("swig" ,swig)))
418 (home-page "https://github.com/LudovicRousseau/pyscard")
419 (synopsis "Smart card library for Python")
420 (description
421 "The pyscard smart card library is a framework for building smart card
422aware applications in Python. The smart card module is built on top of the
423PCSC API Python wrapper module.")
424 (license license:lgpl2.1+)))
425
426(define-public python2-pyscard
427 (package-with-python2 python-pyscard))
5f7d151c
CM		 428
429(define-public libu2f-host
430 (package
431 (name "libu2f-host")
b8ae2e9e 432 (version "1.1.10")
5f7d151c
CM		 433 (source (origin
434 (method url-fetch)
435 (uri
436 (string-append
437 "https://developers.yubico.com"
438 "/libu2f-host/Releases/libu2f-host-" version ".tar.xz"))
439 (sha256
440 (base32
b8ae2e9e 441 "0vrivl1dwql6nfi48z6dy56fwy2z13d7abgahgrs2mcmqng7hra2"))))
5f7d151c
CM		 442 (build-system gnu-build-system)
443 (arguments
444 `(#:configure-flags
445 (list "--enable-gtk-doc"
446 (string-append "--with-udevrulesdir="
447 (assoc-ref %outputs "out")
448 "/lib/udev/rules.d"))
449 #:phases
450 (modify-phases %standard-phases
451 (add-after 'unpack 'patch-docbook-xml
452 (lambda* (#:key inputs #:allow-other-keys)
453 ;; Avoid a network connection attempt during the build.
454 (substitute* "gtk-doc/u2f-host-docs.xml"
455 (("http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd")
456 (string-append (assoc-ref inputs "docbook-xml")
457 "/xml/dtd/docbook/docbookx.dtd")))
458 #t)))))
459 (inputs
beec29da 460 `(("json-c" ,json-c-0.13)
5f7d151c
CM		 461 ("hidapi" ,hidapi)))
462 (native-inputs
463 `(("help2man" ,help2man)
464 ("gengetopt" ,gengetopt)
465 ("pkg-config" ,pkg-config)
466 ("gtk-doc" ,gtk-doc)
467 ("docbook-xml" ,docbook-xml-4.3)
468 ("eudev" ,eudev)))
469 (home-page "https://developers.yubico.com/libu2f-host/")
470 ;; TRANSLATORS: The U2F protocol has a "server side" and a "host side".
471 (synopsis "U2F host-side C library and tool")
472 (description
473 "Libu2f-host provides a C library and command-line tool that implements
474the host-side of the Universal 2nd Factor (U2F) protocol. There are APIs to
475talk to a U2F device and perform the U2F Register and U2F Authenticate
476operations.")
477 ;; Most files are LGPLv2.1+, but some files are GPLv3+.
478 (license (list license:lgpl2.1+ license:gpl3+))))
5297e975 479
53471636
RW		 480(define-public libu2f-server
481 (package
482 (name "libu2f-server")
483 (version "1.1.0")
484 (source (origin
485 (method git-fetch)
486 (uri
487 (git-reference
b0e7b699 488 (url "https://github.com/Yubico/libu2f-server")
53471636
RW		 489 (commit (string-append "libu2f-server-" version))))
490 (file-name (git-file-name name version))
491 (sha256
492 (base32
493 "1nmsfq372zza5y6j13ydincjf324bwfcjg950vykh166xkp6wiic"))))
494 (build-system gnu-build-system)
495 (arguments
496 `(#:configure-flags
497 (list "--enable-gtk-doc"
498 "--enable-tests")))
499 (inputs
beec29da 500 `(("json-c" ,json-c-0.13)
53471636
RW		 501 ("libressl" ,libressl)))
502 (native-inputs
503 `(("autoconf" ,autoconf)
504 ("automake" ,automake)
505 ("libtool" ,libtool)
506 ("check" ,check)
507 ("gengetopt" ,gengetopt)
508 ("help2man" ,help2man)
509 ("pkg-config" ,pkg-config)
510 ("gtk-doc" ,gtk-doc)
511 ("which" ,which)))
512 (home-page "https://developers.yubico.com/libu2f-server/")
513 ;; TRANSLATORS: The U2F protocol has a "server side" and a "host side".
514 (synopsis "U2F server-side C library")
515 (description
516 "This is a C library that implements the server-side of the
517@dfn{Universal 2nd Factor} (U2F) protocol. More precisely, it provides an API
518for generating the JSON blobs required by U2F devices to perform the U2F
519Registration and U2F Authentication operations, and functionality for
520verifying the cryptographic operations.")
521 (license license:bsd-2)))
522
40645ebb
RW		 523(define-public pam-u2f
524 (package
525 (name "pam-u2f")
526 (version "1.0.8")
527 (source (origin
528 (method git-fetch)
529 (uri
530 (git-reference
b0e7b699 531 (url "https://github.com/Yubico/pam-u2f")
40645ebb
RW		 532 (commit (string-append "pam_u2f-" version))))
533 (file-name (git-file-name name version))
534 (sha256
535 (base32
536 "04d9davyi33gqbvga1rvh9fijp6f16mx2xmnn4n61rnhcn2jac98"))))
537 (build-system gnu-build-system)
538 (arguments
539 `(#:configure-flags
540 (list (string-append "--with-pam-dir="
541 (assoc-ref %outputs "out") "/lib/security"))))
542 (inputs
543 `(("libu2f-host" ,libu2f-host)
544 ("libu2f-server" ,libu2f-server)
545 ("linux-pam" ,linux-pam)))
546 (native-inputs
547 `(("autoconf" ,autoconf)
548 ("automake" ,automake)
549 ("libtool" ,libtool)
550 ("asciidoc" ,asciidoc)
551 ("pkg-config" ,pkg-config)))
552 (home-page "https://developers.yubico.com/pam-u2f/")
553 (synopsis "PAM module for U2F authentication")
554 (description
555 "This package provides a module implementing PAM over U2F, providing an
556easy way to integrate the YubiKey (or other U2F compliant authenticators) into
557your existing infrastructure.")
558 (license license:bsd-2)))
559
5297e975
CM		 560(define-public python-fido2
561 (package
562 (name "python-fido2")
563 (version "0.5.0")
564 (source (origin
565 (method url-fetch)
566 (uri
567 (string-append
568 "https://github.com/Yubico/python-fido2/releases/download/"
569 version "/fido2-" version ".tar.gz"))
570 (sha256
571 (base32
572 "1pl8d2pr6jzqj4y9qiaddhjgnl92kikjxy0bgzm2jshkzzic8mp3"))
573 (snippet
574 ;; Remove bundled dependency.
575 #~(delete-file "fido2/public_suffix_list.dat"))))
576 (build-system python-build-system)
577 (arguments
578 `(#:phases
579 (modify-phases %standard-phases
580 (add-after 'unpack 'install-public-suffix-list
581 (lambda* (#:key inputs #:allow-other-keys)
582 (copy-file
583 (string-append (assoc-ref inputs "public-suffix-list")
584 "/share/public-suffix-list-"
585 ,(package-version public-suffix-list)
586 "/public_suffix_list.dat")
587 "fido2/public_suffix_list.dat")
588 #t)))))
589 (propagated-inputs
590 `(("python-cryptography" ,python-cryptography)
591 ("python-six" ,python-six)))
592 (native-inputs
593 `(("python-mock" ,python-mock)
594 ("python-pyfakefs" ,python-pyfakefs)
595 ("public-suffix-list" ,public-suffix-list)))
596 (home-page "https://github.com/Yubico/python-fido2")
597 (synopsis "Python library for communicating with FIDO devices over USB")
598 (description
599 "This Python library provides functionality for communicating with a Fast
600IDentity Online (FIDO) device over Universal Serial Bus (USB) as well as
601verifying attestation and assertion signatures. It aims to support the FIDO
602Universal 2nd Factor (U2F) and FIDO 2.0 protocols for communicating with a USB
603authenticator via the Client-to-Authenticator Protocol (CTAP 1 and 2). In
604addition to this low-level device access, classes defined in the
605@code{fido2.client} and @code{fido2.server} modules implement higher level
606operations which are useful when interfacing with an Authenticator, or when
607implementing a Relying Party.")
608 ;; python-fido2 contains some derivative files originally from pyu2f
609 ;; (https://github.com/google/pyu2f). These files are licensed under the
610 ;; Apache License, version 2.0. The maintainers have customized these
611 ;; files for internal use, so they are not really a bundled dependency.
612 (license (list license:bsd-2 license:asl2.0))))
613
614(define-public python2-fido2
615 (package-with-python2 python-fido2))
47288061
CM		 616
617(define-public python-yubikey-manager
618 (package
619 (name "python-yubikey-manager")
620 (version "2.1.0")
621 (source (origin
622 (method url-fetch)
623 (uri (string-append
624 "https://developers.yubico.com/yubikey-manager/Releases"
625 "/yubikey-manager-" version ".tar.gz"))
626 (sha256
627 (base32
628 "11rsmcaj60k3y5m5gdhr2nbbz0w5dm3m04klyxz0fh5hnpcmr7fm"))))
629 (build-system python-build-system)
630 (propagated-inputs
631 `(("python-six" ,python-six)
632 ("python-pyscard" ,python-pyscard)
633 ("python-pyusb" ,python-pyusb)
634 ("python-click" ,python-click)
635 ("python-cryptography" ,python-cryptography)
636 ("python-pyopenssl" ,python-pyopenssl)
637 ("python-fido2" ,python-fido2)))
638 (inputs
639 `(("yubikey-personalization" ,yubikey-personalization)
640 ("pcsc-lite" ,pcsc-lite)
641 ("libusb" ,libusb)))
642 (native-inputs
643 `(("swig" ,swig)
644 ("python-mock" ,python-mock)))
645 (home-page "https://developers.yubico.com/yubikey-manager/")
646 (synopsis "Command line tool and library for configuring a YubiKey")
647 (description
648 "Python library and command line tool for configuring a YubiKey. Note
649that after installing this package, you might still need to add appropriate
650udev rules to your system configuration to be able to configure the YubiKey as
651an unprivileged user.")
652 (license license:bsd-2)))
653
654(define-public python2-yubikey-manager
655 (package-with-python2 python-yubikey-manager))
jackhill's copy of GNU Guix: https://guix.gnu.org/