[jackhill/guix/guix.git] / gnu / packages / security-token.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org>
;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com>
;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu packages security-token)
  #:use-module (gnu packages)
  #:use-module ((guix licenses) #:prefix license:)
  #:use-module (guix packages)
  #:use-module (guix download)
  #:use-module (guix git-download)
  #:use-module (guix build-system gnu)
  #:use-module (guix build-system glib-or-gtk)
  #:use-module (gnu packages autotools)
  #:use-module (gnu packages curl)
  #:use-module (gnu packages check)
  #:use-module (gnu packages docbook)
  #:use-module (gnu packages documentation)
  #:use-module (gnu packages gettext)
  #:use-module (gnu packages graphviz)
  #:use-module (gnu packages gtk)
  #:use-module (gnu packages libusb)
  #:use-module (gnu packages linux)
  #:use-module (gnu packages man)
  #:use-module (gnu packages networking)
  #:use-module (gnu packages cyrus-sasl)
  #:use-module (gnu packages popt)
  #:use-module (gnu packages readline)
  #:use-module (gnu packages tls)
  #:use-module (gnu packages tex)
  #:use-module (gnu packages perl)
  #:use-module (gnu packages pkg-config)
  #:use-module (gnu packages web)
  #:use-module (gnu packages xml))

(define-public ccid
  (package
    (name "ccid")
    (version "1.4.30")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://ccid.apdu.fr/files/"
                    name "-" version ".tar.bz2"))
              (sha256
               (base32
                "0z7zafdg75fr1adlv2x0zz34s07gljcjg2lsz76s1048w1xhh5xc"))))
    (build-system gnu-build-system)
    (arguments
     `(#:configure-flags (list (string-append "--enable-usbdropdir=" %output
                                              "/pcsc/drivers"))
       #:phases
       (modify-phases %standard-phases
         (add-after 'unpack 'patch-Makefile
           (lambda _
             (substitute* "src/Makefile.in"
               (("/bin/echo") (which "echo")))
             #t)))))
    (native-inputs
     `(("pcsc-lite" ,pcsc-lite)         ; only required for headers
       ("perl" ,perl)
       ("pkg-config" ,pkg-config)))
    (inputs
     `(("libusb" ,libusb)))
    (home-page "https://ccid.apdu.fr/")
    (synopsis "PC/SC driver for USB smart card devices")
    (description
     "This package provides a PC/SC IFD handler implementation for devices
compliant with the CCID and ICCD protocols.  It supports a wide range of
readers and is needed to communicate with such devices through the
@command{pcscd} resource manager.")
    (license license:lgpl2.1+)))

(define-public eid-mw
  (package
    (name "eid-mw")
    (version "4.4.13")
    (source
     (origin
       (method git-fetch)
       (uri (git-reference
             (url "https://github.com/Fedict/eid-mw")
             (commit (string-append "v" version))))
       (sha256
        (base32 "14bgn2k0xbd6241qdghg787pgxy7k9rvcspaf74zwwyibaqknzyx"))))
    (build-system glib-or-gtk-build-system)
    (native-inputs
     `(("autoconf" ,autoconf)
       ("automake" ,automake)
       ("gettext" ,gnu-gettext)
       ("libtool" ,libtool)
       ("pkg-config" ,pkg-config)
       ("perl" ,perl)))
    (inputs
     `(("curl" ,curl)
       ("openssl" ,openssl)
       ("gtk+" ,gtk+)
       ("pcsc-lite" ,pcsc-lite)
       ("p11-kit" ,p11-kit)
       ("libproxy" ,libproxy)
       ("libxml2" ,libxml2)
       ("cyrus-sasl" ,cyrus-sasl)))
    (arguments
     `(#:phases
       (modify-phases %standard-phases
         (add-after 'unpack 'bootstrap
           (lambda _
             ;; configure.ac relies on ‘git --describe’ to get the version.
             ;; Patch it to just return the real version number directly.
             (substitute* "scripts/build-aux/genver.sh"
               (("/bin/sh") (which "sh"))
               (("^(GITDESC=).*" match) (string-append match ,version "\n")))
             (invoke "sh" "./bootstrap.sh"))))))
    (synopsis "Belgian eID Middleware")
    (description "The Belgian eID Middleware is required to authenticate with
online services using the Belgian electronic identity card.")
    (home-page "https://github.com/Fedict/eid-mw")
    (license license:lgpl3)))

(define-public libyubikey
  (package
    (name "libyubikey")
    (version "1.13")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://developers.yubico.com/yubico-c/Releases/"
                    name "-" version ".tar.gz"))
              (sha256
               (base32
                "009l3k2zyn06dbrlja2d4p2vfnzjhlcqxi88v02mlrnb17mx1v84"))))
    (build-system gnu-build-system)
    (synopsis "Development kit for the YubiKey authentication device")
    (description
     "This package contains a C library and command-line tools that make up
the low-level development kit for the Yubico YubiKey authentication device.")
    (home-page "https://developers.yubico.com/yubico-c/")
    (license license:bsd-2)))

(define-public pcsc-lite
  (package
    (name "pcsc-lite")
    (version "1.8.24")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://pcsclite.apdu.fr/files/"
                    name "-" version ".tar.bz2"))
              (sha256
               (base32
                "0s3mv6csbi9303vvis0hilm71xsmi6cqkbh2kiipdisydbx6865q"))))
    (build-system gnu-build-system)
    (arguments
     `(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers"
                           "--disable-libsystemd")))
    (native-inputs
     `(("perl" ,perl)                   ; for pod2man
       ("pkg-config" ,pkg-config)))
    (inputs
     `(("libudev" ,eudev)))
    (home-page "https://pcsclite.apdu.fr/")
    (synopsis "Middleware to access a smart card using PC/SC")
    (description
     "pcsc-lite provides an interface to communicate with smartcards and
readers using the SCard API.  pcsc-lite is used to connect to the PC/SC daemon
from a client application and provide access to the desired reader.")
    (license (list license:bsd-3                ; pcsc-lite
                   license:isc                  ; src/strlcat.c src/strlcpy.c
                   license:gpl3+))))            ; src/spy/*

(define-public ykclient
  (package
    (name "ykclient")
    (version "2.15")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://developers.yubico.com/yubico-c-client/Releases/"
                    name "-" version ".tar.gz"))
              (sha256
               (base32
                "05jhx9waj3pl120ddnwap1v3bjrnbfhvf3lxs2xmhpcmwzpwsqgl"))))
    (build-system gnu-build-system)

    ;; There's just one test, and it requires network access to access
    ;; yubico.com, so skip it.
    (arguments '(#:tests? #f))

    (native-inputs `(("pkg-config" ,pkg-config)
                     ("help2man" ,help2man)))
    (inputs `(("curl" ,curl)))
    (synopsis "C library to validate one-time-password YubiKeys")
    (description
     "YubiKey C Client Library (libykclient) is a C library used to validate a
one-time-password (OTP) YubiKey against Yubico’s servers.  See the Yubico
website for more information about Yubico and the YubiKey.")
    (home-page "https://developers.yubico.com/yubico-c-client/")
    (license license:bsd-2)))

(define-public opensc
  (package
    (name "opensc")
    (version "0.19.0")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://github.com/OpenSC/OpenSC/releases/download/"
                    version "/opensc-" version ".tar.gz"))
              (sha256
               (base32
                "09jqzl18z5qfrf4vf2nvbpdm3mphpgfkl3ww1clkaxh2z56hwnic"))))
    (build-system gnu-build-system)
    (arguments
     `(#:phases
       (modify-phases %standard-phases
         ;; By setting an absolute path here, we arrange for OpenSC to
         ;; successfully dlopen libpcsclite.so.1 by default.  The user can
         ;; still override this if they want to, by specifying a custom OpenSC
         ;; configuration file at runtime.
         (add-after 'unpack 'set-default-libpcsclite.so.1-path
           (lambda* (#:key inputs #:allow-other-keys)
             (let ((libpcsclite (string-append (assoc-ref inputs "pcsc-lite")
                                               "/lib/libpcsclite.so.1")))
               (substitute* "configure"
                 (("DEFAULT_PCSC_PROVIDER=\"libpcsclite\\.so\\.1\"")
                  (string-append
                   "DEFAULT_PCSC_PROVIDER=\"" libpcsclite "\"")))
               #t)))
         (add-before 'check 'disable-broken-test
           (lambda _
             ;; XXX: This test is fixed in git, remove this phase for >= 0.19.
             (substitute* "doc/tools/Makefile"
               (("TESTS = test-manpage.sh") "TESTS = "))
             #t)))))
    (inputs
     `(("readline" ,readline)
       ("openssl" ,openssl)
       ("pcsc-lite" ,pcsc-lite)
       ("ccid" ,ccid)))
    (native-inputs
     `(("libxslt" ,libxslt)
       ("docbook-xsl" ,docbook-xsl)
       ("pkg-config" ,pkg-config)))
    (home-page "https://github.com/OpenSC/OpenSC/wiki")
    (synopsis "Tools and libraries related to smart cards")
    (description
     "OpenSC is a set of software tools and libraries to work with smart
cards, with the focus on smart cards with cryptographic capabilities.  OpenSC
facilitate the use of smart cards in security applications such as
authentication, encryption and digital signatures.  OpenSC implements the PKCS
#15 standard and the PKCS #11 API.")
    (license license:lgpl2.1+)))

(define-public yubico-piv-tool
  (package
    (name "yubico-piv-tool")
    (version "1.6.1")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://developers.yubico.com/yubico-piv-tool/Releases/"
                    name "-" version ".tar.gz"))
              (sha256
               (base32
                "10xgdc51xvszkxmsvqnbjs8ixxz7rfnfahh3wn8glllynmszbhwi"))))
    (build-system gnu-build-system)
    (inputs
     `(("gengetopt" ,gengetopt)
       ("perl" ,perl)
       ("pcsc-lite" ,pcsc-lite)
       ("openssl" ,openssl)))
    (native-inputs
     `(("doxygen" ,doxygen)
       ("graphviz" ,graphviz)
       ("help2man" ,help2man)
       ("check" ,check)
       ("texlive-bin" ,texlive-bin)
       ("pkg-config" ,pkg-config)))
    (home-page "https://developers.yubico.com/yubico-piv-tool/")
    (synopsis "Interact with the PIV application on a YubiKey")
    (description
     "The Yubico PIV tool is used for interacting with the Privilege and
Identification Card (PIV) application on a YubiKey.  With it you may generate
keys on the device, import keys and certificates, create certificate requests,
and other operations.  It includes a library and a command-line tool.")
    ;; The file ykcs11/pkcs11.h also declares an additional, very short free
    ;; license for that one file.  Please see it for details.  The vast
    ;; majority of files are licensed under bsd-2.
    (license license:bsd-2)))

(define-public yubikey-personalization
  (package
    (name "yubikey-personalization")
    (version "1.19.0")
    (source (origin
              (method url-fetch)
              (uri (string-append
                    "https://developers.yubico.com/" name
                    "/Releases/ykpers-" version ".tar.gz"))
              (sha256
               (base32
                "104lc0nnqdr365fa7c4vrq67rxp1dp8idndsh9jlhnj9dnhszj1b"))))
    (build-system gnu-build-system)
    (arguments
     '(#:configure-flags (list (string-append "--with-udevrulesdir="
                                              (assoc-ref %outputs "out")
                                              "/lib/udev/rules.d"))))
    (inputs
     `(("json-c" ,json-c)
       ("libusb" ,libusb)
       ;; The library "libyubikey" is also known as "yubico-c".
       ("libyubikey" ,libyubikey)))
    (native-inputs
     `(("pkg-config" ,pkg-config)
       ("eudev" ,eudev)))
    (home-page "https://developers.yubico.com/yubikey-personalization/")
    (synopsis "Library and tools to personalize YubiKeys")
    (description
     "The YubiKey Personalization package contains a C library and command
line tools for personalizing YubiKeys.  You can use these to set an AES key,
retrieve a YubiKey's serial number, and so forth.")
    (license license:bsd-2)))
Commit	Line	Data
6036453f LC	1	;;; GNU Guix --- Functional package management for GNU
6036453f LC	2	;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
58c5fb76	3	;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
a6b256af	4	;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org>
58fdab1d	5	;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
e84eb77a	6	;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
249deec9	7	;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
79b43bc3	8	;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
a6706f30	9	;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com>
fab8a9f9	10	;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
6036453f LC	11	;;;
	12	;;; This file is part of GNU Guix.
	13	;;;
	14	;;; GNU Guix is free software; you can redistribute it and/or modify it
	15	;;; under the terms of the GNU General Public License as published by
	16	;;; the Free Software Foundation; either version 3 of the License, or (at
	17	;;; your option) any later version.
	18	;;;
	19	;;; GNU Guix is distributed in the hope that it will be useful, but
	20	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	21	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	22	;;; GNU General Public License for more details.
	23	;;;
	24	;;; You should have received a copy of the GNU General Public License
	25	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
	26
f9c33960	27	(define-module (gnu packages security-token)
6036453f	28	#:use-module (gnu packages)
07b1fb86	29	#:use-module ((guix licenses) #:prefix license:)
6036453f LC	30	#:use-module (guix packages)
6036453f LC	31	#:use-module (guix download)
13151c32	32	#:use-module (guix git-download)
6036453f	33	#:use-module (guix build-system gnu)
e84eb77a TD	34	#:use-module (guix build-system glib-or-gtk)
e84eb77a TD	35	#:use-module (gnu packages autotools)
a6b256af	36	#:use-module (gnu packages curl)
ba8d8820	37	#:use-module (gnu packages check)
a6706f30	38	#:use-module (gnu packages docbook)
ba8d8820	39	#:use-module (gnu packages documentation)
e84eb77a	40	#:use-module (gnu packages gettext)
ba8d8820	41	#:use-module (gnu packages graphviz)
e84eb77a	42	#:use-module (gnu packages gtk)
58fdab1d	43	#:use-module (gnu packages libusb)
a6b256af	44	#:use-module (gnu packages linux)
6036453f	45	#:use-module (gnu packages man)
e84eb77a TD	46	#:use-module (gnu packages networking)
e84eb77a TD	47	#:use-module (gnu packages cyrus-sasl)
aa3ad4b1	48	#:use-module (gnu packages popt)
a6706f30	49	#:use-module (gnu packages readline)
e84eb77a	50	#:use-module (gnu packages tls)
ba8d8820	51	#:use-module (gnu packages tex)
a6b256af	52	#:use-module (gnu packages perl)
e84eb77a	53	#:use-module (gnu packages pkg-config)
a5523942	54	#:use-module (gnu packages web)
e84eb77a	55	#:use-module (gnu packages xml))
6036453f	56
58fdab1d MB	57	(define-public ccid
	58	(package
	59	(name "ccid")
84c7fbfd	60	(version "1.4.30")
58fdab1d MB	61	(source (origin
	62	(method url-fetch)
	63	(uri (string-append
01c6607a TGR	64	"https://ccid.apdu.fr/files/"
01c6607a TGR	65	name "-" version ".tar.bz2"))
58fdab1d MB	66	(sha256
58fdab1d MB	67	(base32
84c7fbfd	68	"0z7zafdg75fr1adlv2x0zz34s07gljcjg2lsz76s1048w1xhh5xc"))))
58fdab1d MB	69	(build-system gnu-build-system)
	70	(arguments
	71	`(#:configure-flags (list (string-append "--enable-usbdropdir=" %output
	72	"/pcsc/drivers"))
	73	#:phases
	74	(modify-phases %standard-phases
	75	(add-after 'unpack 'patch-Makefile
	76	(lambda _
	77	(substitute* "src/Makefile.in"
	78	(("/bin/echo") (which "echo")))
	79	#t)))))
	80	(native-inputs
84c7fbfd	81	`(("pcsc-lite" ,pcsc-lite) ; only required for headers
fab8a9f9	82	("perl" ,perl)
58fdab1d MB	83	("pkg-config" ,pkg-config)))
58fdab1d MB	84	(inputs
fab8a9f9	85	`(("libusb" ,libusb)))
01c6607a	86	(home-page "https://ccid.apdu.fr/")
58fdab1d MB	87	(synopsis "PC/SC driver for USB smart card devices")
	88	(description
	89	"This package provides a PC/SC IFD handler implementation for devices
	90	compliant with the CCID and ICCD protocols. It supports a wide range of
	91	readers and is needed to communicate with such devices through the
	92	@command{pcscd} resource manager.")
	93	(license license:lgpl2.1+)))
	94
e84eb77a TD	95	(define-public eid-mw
	96	(package
	97	(name "eid-mw")
249deec9	98	(version "4.4.13")
13151c32 TGR	99	(source
	100	(origin
	101	(method git-fetch)
	102	(uri (git-reference
	103	(url "https://github.com/Fedict/eid-mw")
	104	(commit (string-append "v" version))))
	105	(sha256
249deec9	106	(base32 "14bgn2k0xbd6241qdghg787pgxy7k9rvcspaf74zwwyibaqknzyx"))))
e84eb77a	107	(build-system glib-or-gtk-build-system)
74a83085	108	(native-inputs
e84eb77a TD	109	`(("autoconf" ,autoconf)
	110	("automake" ,automake)
	111	("gettext" ,gnu-gettext)
	112	("libtool" ,libtool)
	113	("pkg-config" ,pkg-config)
	114	("perl" ,perl)))
	115	(inputs
	116	`(("curl" ,curl)
	117	("openssl" ,openssl)
	118	("gtk+" ,gtk+)
	119	("pcsc-lite" ,pcsc-lite)
	120	("p11-kit" ,p11-kit)
	121	("libproxy" ,libproxy)
	122	("libxml2" ,libxml2)
	123	("cyrus-sasl" ,cyrus-sasl)))
	124	(arguments
	125	`(#:phases
	126	(modify-phases %standard-phases
080093ff TGR	127	(add-after 'unpack 'bootstrap
	128	(lambda _
	129	;; configure.ac relies on ‘git --describe’ to get the version.
	130	;; Patch it to just return the real version number directly.
	131	(substitute* "scripts/build-aux/genver.sh"
	132	(("/bin/sh") (which "sh"))
249deec9	133	(("^(GITDESC=).*" match) (string-append match ,version "\n")))
080093ff	134	(invoke "sh" "./bootstrap.sh"))))))
e84eb77a TD	135	(synopsis "Belgian eID Middleware")
	136	(description "The Belgian eID Middleware is required to authenticate with
	137	online services using the Belgian electronic identity card.")
	138	(home-page "https://github.com/Fedict/eid-mw")
	139	(license license:lgpl3)))
	140
6036453f LC	141	(define-public libyubikey
	142	(package
	143	(name "libyubikey")
58c5fb76	144	(version "1.13")
6036453f LC	145	(source (origin
	146	(method url-fetch)
	147	(uri (string-append
	148	"https://developers.yubico.com/yubico-c/Releases/"
	149	name "-" version ".tar.gz"))
	150	(sha256
	151	(base32
58c5fb76	152	"009l3k2zyn06dbrlja2d4p2vfnzjhlcqxi88v02mlrnb17mx1v84"))))
6036453f LC	153	(build-system gnu-build-system)
	154	(synopsis "Development kit for the YubiKey authentication device")
	155	(description
	156	"This package contains a C library and command-line tools that make up
	157	the low-level development kit for the Yubico YubiKey authentication device.")
	158	(home-page "https://developers.yubico.com/yubico-c/")
07b1fb86	159	(license license:bsd-2)))
6036453f	160
a6b256af MG	161	(define-public pcsc-lite
	162	(package
	163	(name "pcsc-lite")
569adffe	164	(version "1.8.24")
a6b256af MG	165	(source (origin
	166	(method url-fetch)
	167	(uri (string-append
01c6607a TGR	168	"https://pcsclite.apdu.fr/files/"
01c6607a TGR	169	name "-" version ".tar.bz2"))
a6b256af MG	170	(sha256
a6b256af MG	171	(base32
569adffe	172	"0s3mv6csbi9303vvis0hilm71xsmi6cqkbh2kiipdisydbx6865q"))))
a6b256af MG	173	(build-system gnu-build-system)
a6b256af MG	174	(arguments
972fa870 MB	175	`(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers"
972fa870 MB	176	"--disable-libsystemd")))
a6b256af MG	177	(native-inputs
	178	`(("perl" ,perl) ; for pod2man
	179	("pkg-config" ,pkg-config)))
	180	(inputs
	181	`(("libudev" ,eudev)))
01c6607a	182	(home-page "https://pcsclite.apdu.fr/")
a6b256af MG	183	(synopsis "Middleware to access a smart card using PC/SC")
	184	(description
	185	"pcsc-lite provides an interface to communicate with smartcards and
	186	readers using the SCard API. pcsc-lite is used to connect to the PC/SC daemon
	187	from a client application and provide access to the desired reader.")
	188	(license (list license:bsd-3 ; pcsc-lite
a6b256af MG	189	license:isc ; src/strlcat.c src/strlcpy.c
	190	license:gpl3+)))) ; src/spy/*
	191
6036453f LC	192	(define-public ykclient
	193	(package
	194	(name "ykclient")
f6b1a8f7	195	(version "2.15")
6036453f LC	196	(source (origin
	197	(method url-fetch)
	198	(uri (string-append
	199	"https://developers.yubico.com/yubico-c-client/Releases/"
	200	name "-" version ".tar.gz"))
	201	(sha256
	202	(base32
f6b1a8f7	203	"05jhx9waj3pl120ddnwap1v3bjrnbfhvf3lxs2xmhpcmwzpwsqgl"))))
6036453f LC	204	(build-system gnu-build-system)
	205
	206	;; There's just one test, and it requires network access to access
	207	;; yubico.com, so skip it.
	208	(arguments '(#:tests? #f))
	209
	210	(native-inputs `(("pkg-config" ,pkg-config)
	211	("help2man" ,help2man)))
	212	(inputs `(("curl" ,curl)))
	213	(synopsis "C library to validate one-time-password YubiKeys")
	214	(description
	215	"YubiKey C Client Library (libykclient) is a C library used to validate a
	216	one-time-password (OTP) YubiKey against Yubico’s servers. See the Yubico
	217	website for more information about Yubico and the YubiKey.")
	218	(home-page "https://developers.yubico.com/yubico-c-client/")
07b1fb86	219	(license license:bsd-2)))
a6706f30 CM	220
	221	(define-public opensc
	222	(package
	223	(name "opensc")
508d5c5f	224	(version "0.19.0")
a6706f30 CM	225	(source (origin
	226	(method url-fetch)
	227	(uri (string-append
	228	"https://github.com/OpenSC/OpenSC/releases/download/"
	229	version "/opensc-" version ".tar.gz"))
	230	(sha256
	231	(base32
508d5c5f	232	"09jqzl18z5qfrf4vf2nvbpdm3mphpgfkl3ww1clkaxh2z56hwnic"))))
a6706f30 CM	233	(build-system gnu-build-system)
	234	(arguments
	235	`(#:phases
	236	(modify-phases %standard-phases
	237	;; By setting an absolute path here, we arrange for OpenSC to
	238	;; successfully dlopen libpcsclite.so.1 by default. The user can
	239	;; still override this if they want to, by specifying a custom OpenSC
	240	;; configuration file at runtime.
	241	(add-after 'unpack 'set-default-libpcsclite.so.1-path
	242	(lambda* (#:key inputs #:allow-other-keys)
	243	(let ((libpcsclite (string-append (assoc-ref inputs "pcsc-lite")
	244	"/lib/libpcsclite.so.1")))
	245	(substitute* "configure"
	246	(("DEFAULT_PCSC_PROVIDER=\"libpcsclite\\.so\\.1\"")
	247	(string-append
	248	"DEFAULT_PCSC_PROVIDER=\"" libpcsclite "\"")))
5799e5ae MB	249	#t)))
	250	(add-before 'check 'disable-broken-test
	251	(lambda _
	252	;; XXX: This test is fixed in git, remove this phase for >= 0.19.
	253	(substitute* "doc/tools/Makefile"
	254	(("TESTS = test-manpage.sh") "TESTS = "))
	255	#t)))))
a6706f30 CM	256	(inputs
	257	`(("readline" ,readline)
	258	("openssl" ,openssl)
	259	("pcsc-lite" ,pcsc-lite)
	260	("ccid" ,ccid)))
	261	(native-inputs
	262	`(("libxslt" ,libxslt)
	263	("docbook-xsl" ,docbook-xsl)
	264	("pkg-config" ,pkg-config)))
	265	(home-page "https://github.com/OpenSC/OpenSC/wiki")
	266	(synopsis "Tools and libraries related to smart cards")
	267	(description
	268	"OpenSC is a set of software tools and libraries to work with smart
	269	cards, with the focus on smart cards with cryptographic capabilities. OpenSC
	270	facilitate the use of smart cards in security applications such as
	271	authentication, encryption and digital signatures. OpenSC implements the PKCS
	272	#15 standard and the PKCS #11 API.")
	273	(license license:lgpl2.1+)))
ba8d8820 CM	274
	275	(define-public yubico-piv-tool
	276	(package
	277	(name "yubico-piv-tool")
574e2ee8	278	(version "1.6.1")
ba8d8820 CM	279	(source (origin
	280	(method url-fetch)
	281	(uri (string-append
	282	"https://developers.yubico.com/yubico-piv-tool/Releases/"
	283	name "-" version ".tar.gz"))
	284	(sha256
	285	(base32
574e2ee8	286	"10xgdc51xvszkxmsvqnbjs8ixxz7rfnfahh3wn8glllynmszbhwi"))))
ba8d8820 CM	287	(build-system gnu-build-system)
ba8d8820 CM	288	(inputs
aa3ad4b1 MB	289	`(("gengetopt" ,gengetopt)
aa3ad4b1 MB	290	("perl" ,perl)
ba8d8820 CM	291	("pcsc-lite" ,pcsc-lite)
	292	("openssl" ,openssl)))
	293	(native-inputs
	294	`(("doxygen" ,doxygen)
	295	("graphviz" ,graphviz)
aa3ad4b1	296	("help2man" ,help2man)
ba8d8820 CM	297	("check" ,check)
	298	("texlive-bin" ,texlive-bin)
	299	("pkg-config" ,pkg-config)))
	300	(home-page "https://developers.yubico.com/yubico-piv-tool/")
	301	(synopsis "Interact with the PIV application on a YubiKey")
	302	(description
	303	"The Yubico PIV tool is used for interacting with the Privilege and
	304	Identification Card (PIV) application on a YubiKey. With it you may generate
	305	keys on the device, import keys and certificates, create certificate requests,
	306	and other operations. It includes a library and a command-line tool.")
	307	;; The file ykcs11/pkcs11.h also declares an additional, very short free
	308	;; license for that one file. Please see it for details. The vast
	309	;; majority of files are licensed under bsd-2.
	310	(license license:bsd-2)))
a5523942 CM	311
	312	(define-public yubikey-personalization
	313	(package
	314	(name "yubikey-personalization")
	315	(version "1.19.0")
	316	(source (origin
	317	(method url-fetch)
	318	(uri (string-append
	319	"https://developers.yubico.com/" name
	320	"/Releases/ykpers-" version ".tar.gz"))
	321	(sha256
	322	(base32
	323	"104lc0nnqdr365fa7c4vrq67rxp1dp8idndsh9jlhnj9dnhszj1b"))))
	324	(build-system gnu-build-system)
	325	(arguments
	326	'(#:configure-flags (list (string-append "--with-udevrulesdir="
	327	(assoc-ref %outputs "out")
	328	"/lib/udev/rules.d"))))
	329	(inputs
	330	`(("json-c" ,json-c)
	331	("libusb" ,libusb)
	332	;; The library "libyubikey" is also known as "yubico-c".
	333	("libyubikey" ,libyubikey)))
	334	(native-inputs
	335	`(("pkg-config" ,pkg-config)
	336	("eudev" ,eudev)))
	337	(home-page "https://developers.yubico.com/yubikey-personalization/")
	338	(synopsis "Library and tools to personalize YubiKeys")
	339	(description
	340	"The YubiKey Personalization package contains a C library and command
	341	line tools for personalizing YubiKeys. You can use these to set an AES key,
	342	retrieve a YubiKey's serial number, and so forth.")
	343	(license license:bsd-2)))