Commit | Line | Data |
---|---|---|
6036453f LC |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org> | |
58c5fb76 | 3 | ;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il> |
a6b256af | 4 | ;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org> |
58fdab1d | 5 | ;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com> |
e84eb77a | 6 | ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be> |
249deec9 | 7 | ;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr> |
79b43bc3 | 8 | ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net> |
a6706f30 | 9 | ;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com> |
fab8a9f9 | 10 | ;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net> |
6036453f LC |
11 | ;;; |
12 | ;;; This file is part of GNU Guix. | |
13 | ;;; | |
14 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
15 | ;;; under the terms of the GNU General Public License as published by | |
16 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
17 | ;;; your option) any later version. | |
18 | ;;; | |
19 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
20 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
21 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
22 | ;;; GNU General Public License for more details. | |
23 | ;;; | |
24 | ;;; You should have received a copy of the GNU General Public License | |
25 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
26 | ||
f9c33960 | 27 | (define-module (gnu packages security-token) |
6036453f | 28 | #:use-module (gnu packages) |
07b1fb86 | 29 | #:use-module ((guix licenses) #:prefix license:) |
6036453f LC |
30 | #:use-module (guix packages) |
31 | #:use-module (guix download) | |
13151c32 | 32 | #:use-module (guix git-download) |
6036453f | 33 | #:use-module (guix build-system gnu) |
e84eb77a TD |
34 | #:use-module (guix build-system glib-or-gtk) |
35 | #:use-module (gnu packages autotools) | |
a6b256af | 36 | #:use-module (gnu packages curl) |
ba8d8820 | 37 | #:use-module (gnu packages check) |
a6706f30 | 38 | #:use-module (gnu packages docbook) |
ba8d8820 | 39 | #:use-module (gnu packages documentation) |
e84eb77a | 40 | #:use-module (gnu packages gettext) |
ba8d8820 | 41 | #:use-module (gnu packages graphviz) |
e84eb77a | 42 | #:use-module (gnu packages gtk) |
58fdab1d | 43 | #:use-module (gnu packages libusb) |
a6b256af | 44 | #:use-module (gnu packages linux) |
6036453f | 45 | #:use-module (gnu packages man) |
e84eb77a TD |
46 | #:use-module (gnu packages networking) |
47 | #:use-module (gnu packages cyrus-sasl) | |
aa3ad4b1 | 48 | #:use-module (gnu packages popt) |
a6706f30 | 49 | #:use-module (gnu packages readline) |
e84eb77a | 50 | #:use-module (gnu packages tls) |
ba8d8820 | 51 | #:use-module (gnu packages tex) |
a6b256af | 52 | #:use-module (gnu packages perl) |
e84eb77a | 53 | #:use-module (gnu packages pkg-config) |
a5523942 | 54 | #:use-module (gnu packages web) |
e84eb77a | 55 | #:use-module (gnu packages xml)) |
6036453f | 56 | |
58fdab1d MB |
57 | (define-public ccid |
58 | (package | |
59 | (name "ccid") | |
84c7fbfd | 60 | (version "1.4.30") |
58fdab1d MB |
61 | (source (origin |
62 | (method url-fetch) | |
63 | (uri (string-append | |
01c6607a TGR |
64 | "https://ccid.apdu.fr/files/" |
65 | name "-" version ".tar.bz2")) | |
58fdab1d MB |
66 | (sha256 |
67 | (base32 | |
84c7fbfd | 68 | "0z7zafdg75fr1adlv2x0zz34s07gljcjg2lsz76s1048w1xhh5xc")))) |
58fdab1d MB |
69 | (build-system gnu-build-system) |
70 | (arguments | |
71 | `(#:configure-flags (list (string-append "--enable-usbdropdir=" %output | |
72 | "/pcsc/drivers")) | |
73 | #:phases | |
74 | (modify-phases %standard-phases | |
75 | (add-after 'unpack 'patch-Makefile | |
76 | (lambda _ | |
77 | (substitute* "src/Makefile.in" | |
78 | (("/bin/echo") (which "echo"))) | |
79 | #t))))) | |
80 | (native-inputs | |
84c7fbfd | 81 | `(("pcsc-lite" ,pcsc-lite) ; only required for headers |
fab8a9f9 | 82 | ("perl" ,perl) |
58fdab1d MB |
83 | ("pkg-config" ,pkg-config))) |
84 | (inputs | |
fab8a9f9 | 85 | `(("libusb" ,libusb))) |
01c6607a | 86 | (home-page "https://ccid.apdu.fr/") |
58fdab1d MB |
87 | (synopsis "PC/SC driver for USB smart card devices") |
88 | (description | |
89 | "This package provides a PC/SC IFD handler implementation for devices | |
90 | compliant with the CCID and ICCD protocols. It supports a wide range of | |
91 | readers and is needed to communicate with such devices through the | |
92 | @command{pcscd} resource manager.") | |
93 | (license license:lgpl2.1+))) | |
94 | ||
e84eb77a TD |
95 | (define-public eid-mw |
96 | (package | |
97 | (name "eid-mw") | |
249deec9 | 98 | (version "4.4.13") |
13151c32 TGR |
99 | (source |
100 | (origin | |
101 | (method git-fetch) | |
102 | (uri (git-reference | |
103 | (url "https://github.com/Fedict/eid-mw") | |
104 | (commit (string-append "v" version)))) | |
105 | (sha256 | |
249deec9 | 106 | (base32 "14bgn2k0xbd6241qdghg787pgxy7k9rvcspaf74zwwyibaqknzyx")))) |
e84eb77a | 107 | (build-system glib-or-gtk-build-system) |
74a83085 | 108 | (native-inputs |
e84eb77a TD |
109 | `(("autoconf" ,autoconf) |
110 | ("automake" ,automake) | |
111 | ("gettext" ,gnu-gettext) | |
112 | ("libtool" ,libtool) | |
113 | ("pkg-config" ,pkg-config) | |
114 | ("perl" ,perl))) | |
115 | (inputs | |
116 | `(("curl" ,curl) | |
117 | ("openssl" ,openssl) | |
118 | ("gtk+" ,gtk+) | |
119 | ("pcsc-lite" ,pcsc-lite) | |
120 | ("p11-kit" ,p11-kit) | |
121 | ("libproxy" ,libproxy) | |
122 | ("libxml2" ,libxml2) | |
123 | ("cyrus-sasl" ,cyrus-sasl))) | |
124 | (arguments | |
125 | `(#:phases | |
126 | (modify-phases %standard-phases | |
080093ff TGR |
127 | (add-after 'unpack 'bootstrap |
128 | (lambda _ | |
129 | ;; configure.ac relies on ‘git --describe’ to get the version. | |
130 | ;; Patch it to just return the real version number directly. | |
131 | (substitute* "scripts/build-aux/genver.sh" | |
132 | (("/bin/sh") (which "sh")) | |
249deec9 | 133 | (("^(GITDESC=).*" match) (string-append match ,version "\n"))) |
080093ff | 134 | (invoke "sh" "./bootstrap.sh")))))) |
e84eb77a TD |
135 | (synopsis "Belgian eID Middleware") |
136 | (description "The Belgian eID Middleware is required to authenticate with | |
137 | online services using the Belgian electronic identity card.") | |
138 | (home-page "https://github.com/Fedict/eid-mw") | |
139 | (license license:lgpl3))) | |
140 | ||
6036453f LC |
141 | (define-public libyubikey |
142 | (package | |
143 | (name "libyubikey") | |
58c5fb76 | 144 | (version "1.13") |
6036453f LC |
145 | (source (origin |
146 | (method url-fetch) | |
147 | (uri (string-append | |
148 | "https://developers.yubico.com/yubico-c/Releases/" | |
149 | name "-" version ".tar.gz")) | |
150 | (sha256 | |
151 | (base32 | |
58c5fb76 | 152 | "009l3k2zyn06dbrlja2d4p2vfnzjhlcqxi88v02mlrnb17mx1v84")))) |
6036453f LC |
153 | (build-system gnu-build-system) |
154 | (synopsis "Development kit for the YubiKey authentication device") | |
155 | (description | |
156 | "This package contains a C library and command-line tools that make up | |
157 | the low-level development kit for the Yubico YubiKey authentication device.") | |
158 | (home-page "https://developers.yubico.com/yubico-c/") | |
07b1fb86 | 159 | (license license:bsd-2))) |
6036453f | 160 | |
a6b256af MG |
161 | (define-public pcsc-lite |
162 | (package | |
163 | (name "pcsc-lite") | |
569adffe | 164 | (version "1.8.24") |
a6b256af MG |
165 | (source (origin |
166 | (method url-fetch) | |
167 | (uri (string-append | |
01c6607a TGR |
168 | "https://pcsclite.apdu.fr/files/" |
169 | name "-" version ".tar.bz2")) | |
a6b256af MG |
170 | (sha256 |
171 | (base32 | |
569adffe | 172 | "0s3mv6csbi9303vvis0hilm71xsmi6cqkbh2kiipdisydbx6865q")))) |
a6b256af MG |
173 | (build-system gnu-build-system) |
174 | (arguments | |
972fa870 MB |
175 | `(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers" |
176 | "--disable-libsystemd"))) | |
a6b256af MG |
177 | (native-inputs |
178 | `(("perl" ,perl) ; for pod2man | |
179 | ("pkg-config" ,pkg-config))) | |
180 | (inputs | |
181 | `(("libudev" ,eudev))) | |
01c6607a | 182 | (home-page "https://pcsclite.apdu.fr/") |
a6b256af MG |
183 | (synopsis "Middleware to access a smart card using PC/SC") |
184 | (description | |
185 | "pcsc-lite provides an interface to communicate with smartcards and | |
186 | readers using the SCard API. pcsc-lite is used to connect to the PC/SC daemon | |
187 | from a client application and provide access to the desired reader.") | |
188 | (license (list license:bsd-3 ; pcsc-lite | |
a6b256af MG |
189 | license:isc ; src/strlcat.c src/strlcpy.c |
190 | license:gpl3+)))) ; src/spy/* | |
191 | ||
6036453f LC |
192 | (define-public ykclient |
193 | (package | |
194 | (name "ykclient") | |
f6b1a8f7 | 195 | (version "2.15") |
6036453f LC |
196 | (source (origin |
197 | (method url-fetch) | |
198 | (uri (string-append | |
199 | "https://developers.yubico.com/yubico-c-client/Releases/" | |
200 | name "-" version ".tar.gz")) | |
201 | (sha256 | |
202 | (base32 | |
f6b1a8f7 | 203 | "05jhx9waj3pl120ddnwap1v3bjrnbfhvf3lxs2xmhpcmwzpwsqgl")))) |
6036453f LC |
204 | (build-system gnu-build-system) |
205 | ||
206 | ;; There's just one test, and it requires network access to access | |
207 | ;; yubico.com, so skip it. | |
208 | (arguments '(#:tests? #f)) | |
209 | ||
210 | (native-inputs `(("pkg-config" ,pkg-config) | |
211 | ("help2man" ,help2man))) | |
212 | (inputs `(("curl" ,curl))) | |
213 | (synopsis "C library to validate one-time-password YubiKeys") | |
214 | (description | |
215 | "YubiKey C Client Library (libykclient) is a C library used to validate a | |
216 | one-time-password (OTP) YubiKey against Yubico’s servers. See the Yubico | |
217 | website for more information about Yubico and the YubiKey.") | |
218 | (home-page "https://developers.yubico.com/yubico-c-client/") | |
07b1fb86 | 219 | (license license:bsd-2))) |
a6706f30 CM |
220 | |
221 | (define-public opensc | |
222 | (package | |
223 | (name "opensc") | |
508d5c5f | 224 | (version "0.19.0") |
a6706f30 CM |
225 | (source (origin |
226 | (method url-fetch) | |
227 | (uri (string-append | |
228 | "https://github.com/OpenSC/OpenSC/releases/download/" | |
229 | version "/opensc-" version ".tar.gz")) | |
230 | (sha256 | |
231 | (base32 | |
508d5c5f | 232 | "09jqzl18z5qfrf4vf2nvbpdm3mphpgfkl3ww1clkaxh2z56hwnic")))) |
a6706f30 CM |
233 | (build-system gnu-build-system) |
234 | (arguments | |
235 | `(#:phases | |
236 | (modify-phases %standard-phases | |
237 | ;; By setting an absolute path here, we arrange for OpenSC to | |
238 | ;; successfully dlopen libpcsclite.so.1 by default. The user can | |
239 | ;; still override this if they want to, by specifying a custom OpenSC | |
240 | ;; configuration file at runtime. | |
241 | (add-after 'unpack 'set-default-libpcsclite.so.1-path | |
242 | (lambda* (#:key inputs #:allow-other-keys) | |
243 | (let ((libpcsclite (string-append (assoc-ref inputs "pcsc-lite") | |
244 | "/lib/libpcsclite.so.1"))) | |
245 | (substitute* "configure" | |
246 | (("DEFAULT_PCSC_PROVIDER=\"libpcsclite\\.so\\.1\"") | |
247 | (string-append | |
248 | "DEFAULT_PCSC_PROVIDER=\"" libpcsclite "\""))) | |
5799e5ae MB |
249 | #t))) |
250 | (add-before 'check 'disable-broken-test | |
251 | (lambda _ | |
252 | ;; XXX: This test is fixed in git, remove this phase for >= 0.19. | |
253 | (substitute* "doc/tools/Makefile" | |
254 | (("TESTS = test-manpage.sh") "TESTS = ")) | |
255 | #t))))) | |
a6706f30 CM |
256 | (inputs |
257 | `(("readline" ,readline) | |
258 | ("openssl" ,openssl) | |
259 | ("pcsc-lite" ,pcsc-lite) | |
260 | ("ccid" ,ccid))) | |
261 | (native-inputs | |
262 | `(("libxslt" ,libxslt) | |
263 | ("docbook-xsl" ,docbook-xsl) | |
264 | ("pkg-config" ,pkg-config))) | |
265 | (home-page "https://github.com/OpenSC/OpenSC/wiki") | |
266 | (synopsis "Tools and libraries related to smart cards") | |
267 | (description | |
268 | "OpenSC is a set of software tools and libraries to work with smart | |
269 | cards, with the focus on smart cards with cryptographic capabilities. OpenSC | |
270 | facilitate the use of smart cards in security applications such as | |
271 | authentication, encryption and digital signatures. OpenSC implements the PKCS | |
272 | #15 standard and the PKCS #11 API.") | |
273 | (license license:lgpl2.1+))) | |
ba8d8820 CM |
274 | |
275 | (define-public yubico-piv-tool | |
276 | (package | |
277 | (name "yubico-piv-tool") | |
574e2ee8 | 278 | (version "1.6.1") |
ba8d8820 CM |
279 | (source (origin |
280 | (method url-fetch) | |
281 | (uri (string-append | |
282 | "https://developers.yubico.com/yubico-piv-tool/Releases/" | |
283 | name "-" version ".tar.gz")) | |
284 | (sha256 | |
285 | (base32 | |
574e2ee8 | 286 | "10xgdc51xvszkxmsvqnbjs8ixxz7rfnfahh3wn8glllynmszbhwi")))) |
ba8d8820 CM |
287 | (build-system gnu-build-system) |
288 | (inputs | |
aa3ad4b1 MB |
289 | `(("gengetopt" ,gengetopt) |
290 | ("perl" ,perl) | |
ba8d8820 CM |
291 | ("pcsc-lite" ,pcsc-lite) |
292 | ("openssl" ,openssl))) | |
293 | (native-inputs | |
294 | `(("doxygen" ,doxygen) | |
295 | ("graphviz" ,graphviz) | |
aa3ad4b1 | 296 | ("help2man" ,help2man) |
ba8d8820 CM |
297 | ("check" ,check) |
298 | ("texlive-bin" ,texlive-bin) | |
299 | ("pkg-config" ,pkg-config))) | |
300 | (home-page "https://developers.yubico.com/yubico-piv-tool/") | |
301 | (synopsis "Interact with the PIV application on a YubiKey") | |
302 | (description | |
303 | "The Yubico PIV tool is used for interacting with the Privilege and | |
304 | Identification Card (PIV) application on a YubiKey. With it you may generate | |
305 | keys on the device, import keys and certificates, create certificate requests, | |
306 | and other operations. It includes a library and a command-line tool.") | |
307 | ;; The file ykcs11/pkcs11.h also declares an additional, very short free | |
308 | ;; license for that one file. Please see it for details. The vast | |
309 | ;; majority of files are licensed under bsd-2. | |
310 | (license license:bsd-2))) | |
a5523942 CM |
311 | |
312 | (define-public yubikey-personalization | |
313 | (package | |
314 | (name "yubikey-personalization") | |
315 | (version "1.19.0") | |
316 | (source (origin | |
317 | (method url-fetch) | |
318 | (uri (string-append | |
319 | "https://developers.yubico.com/" name | |
320 | "/Releases/ykpers-" version ".tar.gz")) | |
321 | (sha256 | |
322 | (base32 | |
323 | "104lc0nnqdr365fa7c4vrq67rxp1dp8idndsh9jlhnj9dnhszj1b")))) | |
324 | (build-system gnu-build-system) | |
325 | (arguments | |
326 | '(#:configure-flags (list (string-append "--with-udevrulesdir=" | |
327 | (assoc-ref %outputs "out") | |
328 | "/lib/udev/rules.d")))) | |
329 | (inputs | |
330 | `(("json-c" ,json-c) | |
331 | ("libusb" ,libusb) | |
332 | ;; The library "libyubikey" is also known as "yubico-c". | |
333 | ("libyubikey" ,libyubikey))) | |
334 | (native-inputs | |
335 | `(("pkg-config" ,pkg-config) | |
336 | ("eudev" ,eudev))) | |
337 | (home-page "https://developers.yubico.com/yubikey-personalization/") | |
338 | (synopsis "Library and tools to personalize YubiKeys") | |
339 | (description | |
340 | "The YubiKey Personalization package contains a C library and command | |
341 | line tools for personalizing YubiKeys. You can use these to set an AES key, | |
342 | retrieve a YubiKey's serial number, and so forth.") | |
343 | (license license:bsd-2))) |