[jackhill/guix/guix.git] / gnu / packages / gnupg.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu packages gnupg)
  #:use-module (guix licenses)
  #:use-module (gnu packages curl)
  #:use-module (gnu packages openldap)
  #:use-module (gnu packages perl)
  #:use-module (gnu packages pth)
  #:use-module (gnu packages python)
  #:use-module (gnu packages readline)
  #:use-module ((gnu packages compression) #:prefix guix:)
  #:use-module (gnu packages gtk)
  #:use-module (gnu packages glib)
  #:use-module (gnu packages pkg-config)
  #:use-module (gnu packages ncurses)
  #:use-module (guix packages)
  #:use-module (guix download)
  #:use-module (guix build-system gnu))

(define-public libgpg-error
  (package
    (name "libgpg-error")
    (version "1.18")
    (source
     (origin
      (method url-fetch)
      (uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
                          version ".tar.bz2"))
      (sha256
       (base32
        "0408v19h3h0q6w61g51hgbdg6cyw81nyzkh70qfprvsc3pkddwcz"))))
    (build-system gnu-build-system)
    (home-page "http://gnupg.org")
    (synopsis "Library of error values for GnuPG components")
    (description
     "Libgpg-error is a small library that defines common error values
for all GnuPG components.  Among these are GPG, GPGSM, GPGME,
GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard
Daemon and possibly more in the future.")
    (license lgpl2.0+)))

(define-public libgcrypt
  (package
    (name "libgcrypt")
    (version "1.6.2")
    (source (origin
             (method url-fetch)
             (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
                                 version ".tar.bz2"))
             (sha256
              (base32
               "0k2wi34qhp5hq71w1ab3kw1gfsx7xff79bvynqkxp35kls94826y"))))
    (build-system gnu-build-system)
    (propagated-inputs
     `(("libgpg-error-host" ,libgpg-error)))
    (native-inputs
     ;; Needed here for the 'gpg-error' program.
     `(("libgpg-error-native" ,libgpg-error)))
    (arguments
     ;; The '--with-gpg-error-prefix' argument is needed because otherwise
     ;; 'configure' uses 'gpg-error-config' to determine the '-L' flag, and
     ;; the 'gpg-error-config' it runs is the native one---i.e., the wrong one.
     `(#:configure-flags
       (list (string-append "--with-gpg-error-prefix="
                            (assoc-ref %build-inputs "libgpg-error-host")))))
    (outputs '("out" "debug"))
    (home-page "http://gnupg.org/")
    (synopsis "Cryptographic function library")
    (description
     "Libgcrypt is a general-purpose cryptographic library.  It provides the
standard cryptographic building blocks such as symmetric ciphers, hash
algorithms, public key algorithms, large integer functions and random number
generation.")
    (license lgpl2.0+)))

(define-public libgcrypt-1.5
  (package (inherit libgcrypt)
    (version "1.5.4")
    (source
     (origin
      (method url-fetch)
      (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
                          version ".tar.bz2"))
      (sha256
       (base32
        "0czvqxkzd5y872ipy6s010ifwdwv29sqbnqc4pf56sd486gqvy6m"))))))

(define-public libassuan
  (package
    (name "libassuan")
    (version "2.2.0")
    (source
     (origin
      (method url-fetch)
      (uri (string-append "mirror://gnupg/libassuan/libassuan-"
                          version ".tar.bz2"))
      (sha256
       (base32
        "1ikf9whfi7rg71qa610ynyv12qrw20zkn7zxgvvr9dp41gbqxxbx"))))
    (build-system gnu-build-system)
    (propagated-inputs
     `(("libgpg-error" ,libgpg-error) ("pth" ,pth)))
    (home-page "http://gnupg.org")
    (synopsis
     "IPC library used by GnuPG and related software")
    (description
     "Libassuan is a small library implementing the so-called Assuan
protocol.  This protocol is used for IPC between most newer
GnuPG components.  Both, server and client side functions are
provided.")
    (license lgpl2.0+)))

(define-public libksba
  (package
    (name "libksba")
    (version "1.3.2")
    (source
     (origin
      (method url-fetch)
      (uri (string-append
            "mirror://gnupg/libksba/libksba-"
            version ".tar.bz2"))
      (sha256
       (base32
        "01l4hvcknk9nb4bvyb6aqaid19jg0wv3ik54j1b89hnzamwm75gb"))))
    (build-system gnu-build-system)
    (propagated-inputs
     `(("libgpg-error" ,libgpg-error)))
    (native-inputs
     `(("libgpg-error" ,libgpg-error)))
    (arguments
     `(#:configure-flags
       (list ,@(if (%current-target-system)
                   '("CC_FOR_BUILD=gcc")
                   '())
             (string-append "--with-gpg-error-prefix="
                            (assoc-ref %build-inputs "libgpg-error")))))
    (home-page "http://www.gnupg.org")
    (synopsis "CMS and X.509 access library")
    (description
     "KSBA (pronounced Kasbah) is a library to make X.509 certificates
as well as the CMS easily accessible by other applications.  Both
specifications are building blocks of S/MIME and TLS.")
    (license gpl3+)))

(define-public gnupg
  (package
    (name "gnupg")
    (version "2.0.26")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
                                  ".tar.bz2"))
              (sha256
               (base32
                "1q5qcl5panrvcvpwvz6nl9gayl5a6vwvfhgdcxqpmbl2qc6y6n3p"))))
    (build-system gnu-build-system)
    (inputs
     `(("bzip2" ,guix:bzip2)
       ("curl" ,curl)
       ("libassuan" ,libassuan)
       ("libgcrypt" ,libgcrypt)
       ("libgpg-error" ,libgpg-error)
       ("libksba" ,libksba)
       ("pth" ,pth)
       ("openldap" ,openldap)
       ("zlib" ,guix:zlib)
       ("readline" ,readline)))
   (arguments
    `(#:phases
       (alist-cons-before
        'configure 'patch-config-files
        (lambda _
          (substitute* "tests/openpgp/Makefile.in"
            (("/bin/sh") (which "bash"))))
       %standard-phases)))
    (home-page "http://gnupg.org/")
    (synopsis "GNU Privacy Guard")
    (description
     "The GNU Privacy Guard is a complete implementation of the OpenPGP
standard.  It is used to encrypt and sign data and communication.  It
features powerful key management and the ability to access public key
servers.  It includes several libraries: libassuan (IPC between GnuPG
components), libgpg-error (centralized GnuPG error values), and
libskba (working with X.509 certificates and CMS data).")
    (license gpl3+)))

(define-public gnupg-1
  (package (inherit gnupg)
    (version "1.4.18")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
                                  ".tar.bz2"))
              (sha256
               (base32
                "1233bppjvdpbbl425ii6l7xvgy0879ghhnmwrph5b6c4g3dgvddp"))))
    (inputs
     `(("zlib" ,guix:zlib)
       ("bzip2" ,guix:bzip2)
       ("curl" ,curl)
       ("readline" ,readline)
       ("libgpg-error" ,libgpg-error)))
    (arguments
     `(#:phases (alist-cons-after
                 'unpack 'patch-check-sh
                 (lambda _
                   (substitute* "checks/Makefile.in"
                     (("/bin/sh") (which "bash"))))
                 %standard-phases)))))

(define-public gpgme
  (package
    (name "gpgme")
    (version "1.5.3")
    (source
     (origin
      (method url-fetch)
      (uri (string-append "mirror://gnupg/gpgme/gpgme-" version
                          ".tar.bz2"))
      (sha256
       (base32
        "1jgwmra6cf0i5x2prj92w77vl7hmj276qmmll3lwysbyn32l1c0d"))))
    (build-system gnu-build-system)
    (propagated-inputs
     ;; Needs to be propagated because gpgme.h includes gpg-error.h.
     `(("libgpg-error" ,libgpg-error)))
    (inputs
     `(("gnupg" ,gnupg)
       ("libassuan" ,libassuan)))
    (arguments '(#:make-flags '("GPG=gpg2")))
    (home-page "http://www.gnupg.org/related_software/gpgme/")
    (synopsis "Library providing simplified access to GnuPG functionality")
    (description
     "GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
easier for applications.  It provides a High-Level Crypto API for encryption,
decryption, signing, signature verification and key management.  Currently
it uses GnuPG as its backend but the API isn't restricted to this engine.

Because the direct use of GnuPG from an application can be a complicated
programming task, it is suggested that all software should try to use GPGME
instead.  This way bug fixes or improvements can be done at a central place
and every application benefits from this.")
    (license lgpl2.1+)))

(define-public pius
  (package
   (name "pius")
   (version "2.0.11")
   (source (origin
            (method url-fetch)
            (uri (string-append "mirror://sourceforge/pgpius/pius/"
                                version "/pius-"
                                version ".tar.bz2"))
            (sha256 (base32
                     "0pdbyqz6k0bm182cz81ss7yckmpms5qhrrw0wcr4a1srzcjyzf5f"))))
   (build-system gnu-build-system)
   (inputs `(("perl" ,perl)
             ("python" ,python-2)           ; uses the Python 2 'print' syntax
             ("gpg" ,gnupg)))
   (arguments
    `(#:tests? #f
      #:phases
       (alist-delete
        'configure
       (alist-delete
        'build
       (alist-replace
        'install
        (lambda* (#:key inputs outputs #:allow-other-keys)
          (let* ((out (assoc-ref outputs "out"))
                 (gpg (string-append (assoc-ref inputs "gpg")
                                     "/bin/gpg2")))
            (mkdir out)
            (mkdir (string-append out "/bin"))
            (for-each (lambda (file)
                        (substitute* file
                          (("/usr/bin/gpg") gpg))
                        (copy-file file (string-append out "/bin/" file)))
                      '("pius" "pius-keyring-mgr" "pius-party-worksheet"))))
       %standard-phases)))))
   (synopsis "Programs to simplify GnuPG key signing")
   (description
    "Pius (PGP Individual UID Signer) helps attendees of PGP keysigning
parties.  It is the main utility and makes it possible to quickly and easily
sign each UID on a set of PGP keys.  It is designed to take the pain out of
the sign-all-the-keys part of PGP Keysigning Party while adding security
to the process.

pius-keyring-mgr and pius-party-worksheet help organisers of
PGP keysigning parties.")
   (license gpl2)
   (home-page "http://www.phildev.net/pius/index.shtml")))

(define-public signing-party
  (package
   (name "signing-party")
   (version "1.1.4")
   (source (origin
            (method url-fetch)
            (uri (string-append "http://ftp.debian.org/debian/pool/main/s/signing-party/signing-party_"
                                version ".orig.tar.gz"))
            (sha256 (base32
                     "188gp0prbh8qs29lq3pbf0qibfd6jq4fk7i0pfrybl8aahvm84rx"))))
   (build-system gnu-build-system)
   (inputs `(("perl" ,perl)))
   (arguments
    `(#:tests? #f
      #:phases
      (alist-cons-after
       'unpack 'remove-spurious-links
       (lambda _ (delete-file "keyanalyze/pgpring/depcomp"))
      (alist-replace
       'configure
       (lambda* (#:key outputs #:allow-other-keys)
         (let ((out (assoc-ref outputs "out")))
           (substitute* "keyanalyze/Makefile"
             (("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS")))
           (substitute* "keyanalyze/Makefile"
             (("./configure") (string-append "./configure --prefix=" out)))
           (substitute* "keyanalyze/pgpring/configure"
             (("/bin/sh") (which "bash")))
           (substitute* "gpgwrap/Makefile"
             (("\\} clean") (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
                                      out "/bin/gpgwrap\n")))
           (substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile"
                          "keylookup/Makefile" "sig2dot/Makefile"
                          "springgraph/Makefile")
             (("/usr") out))))
       (alist-replace
        'install
        (lambda* (#:key outputs #:allow-other-keys #:rest args)
          (let ((out (assoc-ref outputs "out"))
                (install (assoc-ref %standard-phases 'install)))
            (apply install args)
            (for-each
              (lambda (dir file)
                (copy-file (string-append dir "/" file)
                           (string-append out "/bin/" file)))
              '("caff" "caff" "caff" "gpgdir" "gpg-key2ps"
                "gpglist" "gpg-mailkeys" "gpgparticipants")
              '("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps"
                "gpglist" "gpg-mailkeys" "gpgparticipants"))
            (for-each
              (lambda (dir file)
                (copy-file (string-append dir "/" file)
                           (string-append out "/share/man/man1/" file)))
              '("caff" "caff" "caff" "gpgdir"
                "gpg-key2ps" "gpglist" "gpg-mailkeys"
                "gpgparticipants" "gpgsigs" "gpgwrap/doc"
                "keyanalyze" "keyanalyze/pgpring" "keyanalyze")
              '("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1"
                "gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1"
                "gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
                "process_keys.1" "pgpring.1" "keyanalyze.1"))))
      %standard-phases)))))
   (synopsis "Collection of scripts for simplifying gnupg key signing")
   (description
    "Signing-party is a collection for all kinds of PGP/GnuPG related things,
including tools for signing keys, keyring analysis, and party preparation.

 * caff: CA - Fire and Forget signs and mails a key
 
 * pgp-clean: removes all non-self signatures from key

 * pgp-fixkey: removes broken packets from keys

 * gpg-mailkeys: simply mail out a signed key to its owner

 * gpg-key2ps: generate PostScript file with fingerprint paper strips

 * gpgdir: recursive directory encryption tool

 * gpglist: show who signed which of your UIDs

 * gpgsigs: annotates list of GnuPG keys with already done signatures

 * gpgparticipants: create list of party participants for the organiser

 * gpgwrap: a passphrase wrapper

 * keyanalyze: minimum signing distance (MSD) analysis on keyrings

 * keylookup: ncurses wrapper around gpg --search

 * sig2dot: converts a list of GnuPG signatures to a .dot file

 * springgraph: creates a graph from a .dot file")
   ;; gpl2+ for almost all programs, except for keyanalyze: gpl2
   ;; and caff and gpgsigs: bsd-3, see
   ;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
   (license gpl2)
   (home-page "http://pgp-tools.alioth.debian.org/")))

(define-public pinentry
  (package
    (name "pinentry")
    (version "0.9.0")
    (source (origin
              (method url-fetch)
              (uri (string-append "mirror://gnupg/pinentry/pinentry-"
                                  version ".tar.bz2"))
              (sha256
               (base32
                "1awhajq21hcjgqfxg9czaxg555gij4bba6axrwg8w6lfmc3ml14h"))))
    (build-system gnu-build-system)
    (inputs
     `(("ncurses" ,ncurses)
       ("gtk+" ,gtk+-2)
       ("glib" ,glib)))
    (native-inputs
     `(("pkg-config" ,pkg-config)))
    (home-page "http://gnupg.org/aegypten2/")
    (synopsis "GnuPG's interface to passphrase input")
    (description
     "Pinentry provides a console and a GTK+ GUI that allows users to
enter a passphrase when `gpg' or `gpg2' is run and needs it.")
    (license gpl2+)))

(define-public paperkey
  (package
    (name "paperkey")
    (version "1.3")
    (source (origin
              (method url-fetch)
              (uri (string-append "http://www.jabberwocky.com/"
                                  "software/paperkey/paperkey-"
                                  version ".tar.gz"))
              (sha256
               (base32
                "1yybj8bj68v4lxwpn596b6ismh2fyixw5vlqqg26byrn4d9dfmsv"))))
    (build-system gnu-build-system)
    (arguments
     `(#:phases
       (alist-cons-before
        'check 'patch-check-scripts
        (lambda _
          (substitute* '("checks/roundtrip.sh"
                         "checks/roundtrip-raw.sh")
            (("/bin/echo") "echo")))
        %standard-phases)))
    (home-page "http://www.jabberwocky.com/software/paperkey/")
    (synopsis "Backup OpenPGP keys to paper")
    (description
     "Paperkey extracts the secret bytes from an OpenPGP (GnuPG, PGP, etc) key
for printing with paper and ink, which have amazingly long retention
qualities.  To reconstruct a secret key, you re-enter those
bytes (whether by hand, OCR, QR code, or the like) and paperkey can use
them to transform your existing public key into a secret key.")
    (license gpl2+)))
Commit	Line	Data
233e7676	1	;;; GNU Guix --- Functional package management for GNU
40d806af	2	;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
a02ee3d7	3	;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
4380a7b4	4	;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
5249045c	5	;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
8d1939e4	6	;;;
233e7676	7	;;; This file is part of GNU Guix.
8d1939e4	8	;;;
233e7676	9	;;; GNU Guix is free software; you can redistribute it and/or modify it
8d1939e4 LC	10	;;; under the terms of the GNU General Public License as published by
	11	;;; the Free Software Foundation; either version 3 of the License, or (at
	12	;;; your option) any later version.
	13	;;;
233e7676	14	;;; GNU Guix is distributed in the hope that it will be useful, but
8d1939e4 LC	15	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
	16	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	17	;;; GNU General Public License for more details.
	18	;;;
	19	;;; You should have received a copy of the GNU General Public License
233e7676	20	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
8d1939e4	21
1ffa7090	22	(define-module (gnu packages gnupg)
4a44e743	23	#:use-module (guix licenses)
01e11826 AE	24	#:use-module (gnu packages curl)
01e11826 AE	25	#:use-module (gnu packages openldap)
ea4d96c6	26	#:use-module (gnu packages perl)
1ffa7090	27	#:use-module (gnu packages pth)
ea4d96c6	28	#:use-module (gnu packages python)
1ffa7090	29	#:use-module (gnu packages readline)
b5b73a82	30	#:use-module ((gnu packages compression) #:prefix guix:)
40d806af LC	31	#:use-module (gnu packages gtk)
	32	#:use-module (gnu packages glib)
	33	#:use-module (gnu packages pkg-config)
	34	#:use-module (gnu packages ncurses)
8d1939e4	35	#:use-module (guix packages)
87f5d366	36	#:use-module (guix download)
8d1939e4 LC	37	#:use-module (guix build-system gnu))
	38
	39	(define-public libgpg-error
	40	(package
	41	(name "libgpg-error")
a02ee3d7	42	(version "1.18")
8d1939e4 LC	43	(source
8d1939e4 LC	44	(origin
87f5d366	45	(method url-fetch)
0db342a5	46	(uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
8d1939e4 LC	47	version ".tar.bz2"))
	48	(sha256
	49	(base32
a02ee3d7	50	"0408v19h3h0q6w61g51hgbdg6cyw81nyzkh70qfprvsc3pkddwcz"))))
8d1939e4 LC	51	(build-system gnu-build-system)
8d1939e4 LC	52	(home-page "http://gnupg.org")
35b9e423	53	(synopsis "Library of error values for GnuPG components")
8d1939e4 LC	54	(description
	55	"Libgpg-error is a small library that defines common error values
	56	for all GnuPG components. Among these are GPG, GPGSM, GPGME,
	57	GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard
	58	Daemon and possibly more in the future.")
4a44e743	59	(license lgpl2.0+)))
8d1939e4 LC	60
	61	(define-public libgcrypt
	62	(package
	63	(name "libgcrypt")
bcac69f6	64	(version "1.6.2")
84a3e3b7 LC	65	(source (origin
	66	(method url-fetch)
	67	(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
	68	version ".tar.bz2"))
	69	(sha256
	70	(base32
bcac69f6	71	"0k2wi34qhp5hq71w1ab3kw1gfsx7xff79bvynqkxp35kls94826y"))))
8d1939e4 LC	72	(build-system gnu-build-system)
8d1939e4 LC	73	(propagated-inputs
e0932742	74	`(("libgpg-error-host" ,libgpg-error)))
e766f699 JD	75	(native-inputs
e766f699 JD	76	;; Needed here for the 'gpg-error' program.
e0932742	77	`(("libgpg-error-native" ,libgpg-error)))
e766f699 JD	78	(arguments
	79	;; The '--with-gpg-error-prefix' argument is needed because otherwise
	80	;; 'configure' uses 'gpg-error-config' to determine the '-L' flag, and
	81	;; the 'gpg-error-config' it runs is the native one---i.e., the wrong one.
	82	`(#:configure-flags
	83	(list (string-append "--with-gpg-error-prefix="
e0932742	84	(assoc-ref %build-inputs "libgpg-error-host")))))
40fed2d8	85	(outputs '("out" "debug"))
8d1939e4	86	(home-page "http://gnupg.org/")
f50d2669	87	(synopsis "Cryptographic function library")
8d1939e4	88	(description
a22dc0c4 LC	89	"Libgcrypt is a general-purpose cryptographic library. It provides the
	90	standard cryptographic building blocks such as symmetric ciphers, hash
	91	algorithms, public key algorithms, large integer functions and random number
	92	generation.")
4a44e743	93	(license lgpl2.0+)))
8d1939e4	94
a53421fd AE	95	(define-public libgcrypt-1.5
a53421fd AE	96	(package (inherit libgcrypt)
460f97f8	97	(version "1.5.4")
a53421fd AE	98	(source
	99	(origin
	100	(method url-fetch)
	101	(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
	102	version ".tar.bz2"))
	103	(sha256
	104	(base32
460f97f8	105	"0czvqxkzd5y872ipy6s010ifwdwv29sqbnqc4pf56sd486gqvy6m"))))))
a53421fd	106
8d1939e4 LC	107	(define-public libassuan
	108	(package
	109	(name "libassuan")
2b8ae65e	110	(version "2.2.0")
8d1939e4 LC	111	(source
8d1939e4 LC	112	(origin
87f5d366	113	(method url-fetch)
0db342a5	114	(uri (string-append "mirror://gnupg/libassuan/libassuan-"
8d1939e4 LC	115	version ".tar.bz2"))
	116	(sha256
	117	(base32
2b8ae65e	118	"1ikf9whfi7rg71qa610ynyv12qrw20zkn7zxgvvr9dp41gbqxxbx"))))
8d1939e4 LC	119	(build-system gnu-build-system)
	120	(propagated-inputs
	121	`(("libgpg-error" ,libgpg-error) ("pth" ,pth)))
	122	(home-page "http://gnupg.org")
	123	(synopsis
35b9e423	124	"IPC library used by GnuPG and related software")
8d1939e4 LC	125	(description
	126	"Libassuan is a small library implementing the so-called Assuan
	127	protocol. This protocol is used for IPC between most newer
	128	GnuPG components. Both, server and client side functions are
	129	provided.")
4a44e743	130	(license lgpl2.0+)))
8d1939e4 LC	131
	132	(define-public libksba
	133	(package
	134	(name "libksba")
6eef465e	135	(version "1.3.2")
8d1939e4 LC	136	(source
8d1939e4 LC	137	(origin
87f5d366	138	(method url-fetch)
8d1939e4	139	(uri (string-append
0db342a5	140	"mirror://gnupg/libksba/libksba-"
8d1939e4 LC	141	version ".tar.bz2"))
	142	(sha256
	143	(base32
6eef465e	144	"01l4hvcknk9nb4bvyb6aqaid19jg0wv3ik54j1b89hnzamwm75gb"))))
8d1939e4 LC	145	(build-system gnu-build-system)
	146	(propagated-inputs
	147	`(("libgpg-error" ,libgpg-error)))
e766f699 JD	148	(native-inputs
	149	`(("libgpg-error" ,libgpg-error)))
	150	(arguments
	151	`(#:configure-flags
	152	(list ,@(if (%current-target-system)
	153	'("CC_FOR_BUILD=gcc")
	154	'())
	155	(string-append "--with-gpg-error-prefix="
	156	(assoc-ref %build-inputs "libgpg-error")))))
8d1939e4	157	(home-page "http://www.gnupg.org")
35b9e423	158	(synopsis "CMS and X.509 access library")
8d1939e4 LC	159	(description
	160	"KSBA (pronounced Kasbah) is a library to make X.509 certificates
	161	as well as the CMS easily accessible by other applications. Both
	162	specifications are building blocks of S/MIME and TLS.")
4a44e743	163	(license gpl3+)))
8d1939e4 LC	164
	165	(define-public gnupg
	166	(package
	167	(name "gnupg")
e69a4dd0	168	(version "2.0.26")
58970d6a LC	169	(source (origin
	170	(method url-fetch)
	171	(uri (string-append "mirror://gnupg/gnupg/gnupg-" version
	172	".tar.bz2"))
	173	(sha256
	174	(base32
e69a4dd0	175	"1q5qcl5panrvcvpwvz6nl9gayl5a6vwvfhgdcxqpmbl2qc6y6n3p"))))
8d1939e4 LC	176	(build-system gnu-build-system)
8d1939e4 LC	177	(inputs
f1be8061	178	`(("bzip2" ,guix:bzip2)
01e11826	179	("curl" ,curl)
8d1939e4 LC	180	("libassuan" ,libassuan)
8d1939e4 LC	181	("libgcrypt" ,libgcrypt)
01e11826	182	("libgpg-error" ,libgpg-error)
8d1939e4 LC	183	("libksba" ,libksba)
8d1939e4 LC	184	("pth" ,pth)
01e11826	185	("openldap" ,openldap)
4a44e743	186	("zlib" ,guix:zlib)
8d1939e4	187	("readline" ,readline)))
30e9cbb4 AE	188	(arguments
30e9cbb4 AE	189	`(#:phases
d4bf49b1 EB	190	(alist-cons-before
	191	'configure 'patch-config-files
	192	(lambda _
	193	(substitute* "tests/openpgp/Makefile.in"
	194	(("/bin/sh") (which "bash"))))
30e9cbb4	195	%standard-phases)))
8d1939e4	196	(home-page "http://gnupg.org/")
f50d2669	197	(synopsis "GNU Privacy Guard")
8d1939e4	198	(description
a22dc0c4 LC	199	"The GNU Privacy Guard is a complete implementation of the OpenPGP
	200	standard. It is used to encrypt and sign data and communication. It
	201	features powerful key management and the ability to access public key
79c311b8	202	servers. It includes several libraries: libassuan (IPC between GnuPG
58970d6a LC	203	components), libgpg-error (centralized GnuPG error values), and
58970d6a LC	204	libskba (working with X.509 certificates and CMS data).")
4a44e743	205	(license gpl3+)))
ea4d96c6	206
5249045c MW	207	(define-public gnupg-1
5249045c MW	208	(package (inherit gnupg)
8ee380ba	209	(version "1.4.18")
58970d6a LC	210	(source (origin
	211	(method url-fetch)
	212	(uri (string-append "mirror://gnupg/gnupg/gnupg-" version
	213	".tar.bz2"))
	214	(sha256
	215	(base32
8ee380ba	216	"1233bppjvdpbbl425ii6l7xvgy0879ghhnmwrph5b6c4g3dgvddp"))))
5249045c MW	217	(inputs
	218	`(("zlib" ,guix:zlib)
	219	("bzip2" ,guix:bzip2)
	220	("curl" ,curl)
	221	("readline" ,readline)
	222	("libgpg-error" ,libgpg-error)))
	223	(arguments
	224	`(#:phases (alist-cons-after
	225	'unpack 'patch-check-sh
	226	(lambda _
	227	(substitute* "checks/Makefile.in"
	228	(("/bin/sh") (which "bash"))))
	229	%standard-phases)))))
	230
09d5c166 AE	231	(define-public gpgme
	232	(package
	233	(name "gpgme")
456cf627	234	(version "1.5.3")
09d5c166 AE	235	(source
	236	(origin
	237	(method url-fetch)
	238	(uri (string-append "mirror://gnupg/gpgme/gpgme-" version
	239	".tar.bz2"))
	240	(sha256
	241	(base32
456cf627	242	"1jgwmra6cf0i5x2prj92w77vl7hmj276qmmll3lwysbyn32l1c0d"))))
09d5c166	243	(build-system gnu-build-system)
68640c3c MW	244	(propagated-inputs
	245	;; Needs to be propagated because gpgme.h includes gpg-error.h.
	246	`(("libgpg-error" ,libgpg-error)))
09d5c166 AE	247	(inputs
09d5c166 AE	248	`(("gnupg" ,gnupg)
68640c3c	249	("libassuan" ,libassuan)))
e6a83df1	250	(arguments '(#:make-flags '("GPG=gpg2")))
09d5c166	251	(home-page "http://www.gnupg.org/related_software/gpgme/")
35b9e423	252	(synopsis "Library providing simplified access to GnuPG functionality")
09d5c166 AE	253	(description
	254	"GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
	255	easier for applications. It provides a High-Level Crypto API for encryption,
	256	decryption, signing, signature verification and key management. Currently
	257	it uses GnuPG as its backend but the API isn't restricted to this engine.
	258
	259	Because the direct use of GnuPG from an application can be a complicated
	260	programming task, it is suggested that all software should try to use GPGME
	261	instead. This way bug fixes or improvements can be done at a central place
	262	and every application benefits from this.")
	263	(license lgpl2.1+)))
	264
ea4d96c6 AE	265	(define-public pius
	266	(package
	267	(name "pius")
2249a168	268	(version "2.0.11")
ea4d96c6 AE	269	(source (origin
	270	(method url-fetch)
	271	(uri (string-append "mirror://sourceforge/pgpius/pius/"
	272	version "/pius-"
	273	version ".tar.bz2"))
	274	(sha256 (base32
2249a168	275	"0pdbyqz6k0bm182cz81ss7yckmpms5qhrrw0wcr4a1srzcjyzf5f"))))
ea4d96c6 AE	276	(build-system gnu-build-system)
ea4d96c6 AE	277	(inputs `(("perl" ,perl)
94e3029a	278	("python" ,python-2) ; uses the Python 2 'print' syntax
9eed6f9b	279	("gpg" ,gnupg)))
ea4d96c6 AE	280	(arguments
	281	`(#:tests? #f
	282	#:phases
d4bf49b1	283	(alist-delete
ea4d96c6	284	'configure
d4bf49b1	285	(alist-delete
ea4d96c6	286	'build
ea4d96c6 AE	287	(alist-replace
ea4d96c6 AE	288	'install
9eed6f9b LC	289	(lambda* (#:key inputs outputs #:allow-other-keys)
	290	(let* ((out (assoc-ref outputs "out"))
	291	(gpg (string-append (assoc-ref inputs "gpg")
	292	"/bin/gpg2")))
ea4d96c6 AE	293	(mkdir out)
ea4d96c6 AE	294	(mkdir (string-append out "/bin"))
9eed6f9b LC	295	(for-each (lambda (file)
	296	(substitute* file
	297	(("/usr/bin/gpg") gpg))
	298	(copy-file file (string-append out "/bin/" file)))
	299	'("pius" "pius-keyring-mgr" "pius-party-worksheet"))))
ea4d96c6	300	%standard-phases)))))
9eed6f9b	301	(synopsis "Programs to simplify GnuPG key signing")
ea4d96c6 AE	302	(description
ea4d96c6 AE	303	"Pius (PGP Individual UID Signer) helps attendees of PGP keysigning
35b9e423 EB	304	parties. It is the main utility and makes it possible to quickly and easily
35b9e423 EB	305	sign each UID on a set of PGP keys. It is designed to take the pain out of
ea4d96c6 AE	306	the sign-all-the-keys part of PGP Keysigning Party while adding security
	307	to the process.
	308
	309	pius-keyring-mgr and pius-party-worksheet help organisers of
	310	PGP keysigning parties.")
	311	(license gpl2)
	312	(home-page "http://www.phildev.net/pius/index.shtml")))
96be765c AE	313
	314	(define-public signing-party
	315	(package
	316	(name "signing-party")
	317	(version "1.1.4")
	318	(source (origin
	319	(method url-fetch)
	320	(uri (string-append "http://ftp.debian.org/debian/pool/main/s/signing-party/signing-party_"
	321	version ".orig.tar.gz"))
	322	(sha256 (base32
	323	"188gp0prbh8qs29lq3pbf0qibfd6jq4fk7i0pfrybl8aahvm84rx"))))
	324	(build-system gnu-build-system)
	325	(inputs `(("perl" ,perl)))
	326	(arguments
	327	`(#:tests? #f
	328	#:phases
d4bf49b1 EB	329	(alist-cons-after
	330	'unpack 'remove-spurious-links
	331	(lambda _ (delete-file "keyanalyze/pgpring/depcomp"))
96be765c AE	332	(alist-replace
	333	'configure
	334	(lambda* (#:key outputs #:allow-other-keys)
	335	(let ((out (assoc-ref outputs "out")))
	336	(substitute* "keyanalyze/Makefile"
	337	(("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS")))
	338	(substitute* "keyanalyze/Makefile"
	339	(("./configure") (string-append "./configure --prefix=" out)))
	340	(substitute* "keyanalyze/pgpring/configure"
	341	(("/bin/sh") (which "bash")))
	342	(substitute* "gpgwrap/Makefile"
	343	(("\\} clean") (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
	344	out "/bin/gpgwrap\n")))
	345	(substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile"
	346	"keylookup/Makefile" "sig2dot/Makefile"
	347	"springgraph/Makefile")
	348	(("/usr") out))))
	349	(alist-replace
	350	'install
	351	(lambda* (#:key outputs #:allow-other-keys #:rest args)
	352	(let ((out (assoc-ref outputs "out"))
	353	(install (assoc-ref %standard-phases 'install)))
	354	(apply install args)
	355	(for-each
	356	(lambda (dir file)
	357	(copy-file (string-append dir "/" file)
	358	(string-append out "/bin/" file)))
	359	'("caff" "caff" "caff" "gpgdir" "gpg-key2ps"
	360	"gpglist" "gpg-mailkeys" "gpgparticipants")
	361	'("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps"
	362	"gpglist" "gpg-mailkeys" "gpgparticipants"))
	363	(for-each
	364	(lambda (dir file)
	365	(copy-file (string-append dir "/" file)
	366	(string-append out "/share/man/man1/" file)))
	367	'("caff" "caff" "caff" "gpgdir"
	368	"gpg-key2ps" "gpglist" "gpg-mailkeys"
	369	"gpgparticipants" "gpgsigs" "gpgwrap/doc"
	370	"keyanalyze" "keyanalyze/pgpring" "keyanalyze")
	371	'("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1"
	372	"gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1"
	373	"gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
	374	"process_keys.1" "pgpring.1" "keyanalyze.1"))))
	375	%standard-phases)))))
35b9e423	376	(synopsis "Collection of scripts for simplifying gnupg key signing")
96be765c	377	(description
35b9e423	378	"Signing-party is a collection for all kinds of PGP/GnuPG related things,
96be765c AE	379	including tools for signing keys, keyring analysis, and party preparation.
	380
	381	* caff: CA - Fire and Forget signs and mails a key
	382
	383	* pgp-clean: removes all non-self signatures from key
	384
	385	* pgp-fixkey: removes broken packets from keys
	386
	387	* gpg-mailkeys: simply mail out a signed key to its owner
	388
	389	* gpg-key2ps: generate PostScript file with fingerprint paper strips
	390
	391	* gpgdir: recursive directory encryption tool
	392
	393	* gpglist: show who signed which of your UIDs
	394
	395	* gpgsigs: annotates list of GnuPG keys with already done signatures
	396
	397	* gpgparticipants: create list of party participants for the organiser
	398
	399	* gpgwrap: a passphrase wrapper
	400
	401	* keyanalyze: minimum signing distance (MSD) analysis on keyrings
	402
	403	* keylookup: ncurses wrapper around gpg --search
	404
	405	* sig2dot: converts a list of GnuPG signatures to a .dot file
	406
	407	* springgraph: creates a graph from a .dot file")
	408	;; gpl2+ for almost all programs, except for keyanalyze: gpl2
	409	;; and caff and gpgsigs: bsd-3, see
	410	;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
	411	(license gpl2)
	412	(home-page "http://pgp-tools.alioth.debian.org/")))
40d806af LC	413
	414	(define-public pinentry
	415	(package
	416	(name "pinentry")
3e74dcd0	417	(version "0.9.0")
40d806af LC	418	(source (origin
	419	(method url-fetch)
	420	(uri (string-append "mirror://gnupg/pinentry/pinentry-"
	421	version ".tar.bz2"))
	422	(sha256
	423	(base32
3e74dcd0	424	"1awhajq21hcjgqfxg9czaxg555gij4bba6axrwg8w6lfmc3ml14h"))))
40d806af LC	425	(build-system gnu-build-system)
	426	(inputs
	427	`(("ncurses" ,ncurses)
	428	("gtk+" ,gtk+-2)
	429	("glib" ,glib)))
	430	(native-inputs
	431	`(("pkg-config" ,pkg-config)))
	432	(home-page "http://gnupg.org/aegypten2/")
	433	(synopsis "GnuPG's interface to passphrase input")
	434	(description
	435	"Pinentry provides a console and a GTK+ GUI that allows users to
	436	enter a passphrase when `gpg' or `gpg2' is run and needs it.")
	437	(license gpl2+)))
4380a7b4 EB	438
	439	(define-public paperkey
	440	(package
	441	(name "paperkey")
	442	(version "1.3")
	443	(source (origin
	444	(method url-fetch)
	445	(uri (string-append "http://www.jabberwocky.com/"
	446	"software/paperkey/paperkey-"
	447	version ".tar.gz"))
	448	(sha256
	449	(base32
	450	"1yybj8bj68v4lxwpn596b6ismh2fyixw5vlqqg26byrn4d9dfmsv"))))
	451	(build-system gnu-build-system)
	452	(arguments
	453	`(#:phases
d4bf49b1 EB	454	(alist-cons-before
	455	'check 'patch-check-scripts
	456	(lambda _
	457	(substitute* '("checks/roundtrip.sh"
	458	"checks/roundtrip-raw.sh")
	459	(("/bin/echo") "echo")))
4380a7b4 EB	460	%standard-phases)))
	461	(home-page "http://www.jabberwocky.com/software/paperkey/")
	462	(synopsis "Backup OpenPGP keys to paper")
	463	(description
	464	"Paperkey extracts the secret bytes from an OpenPGP (GnuPG, PGP, etc) key
	465	for printing with paper and ink, which have amazingly long retention
	466	qualities. To reconstruct a secret key, you re-enter those
	467	bytes (whether by hand, OCR, QR code, or the like) and paperkey can use
	468	them to transform your existing public key into a secret key.")
	469	(license gpl2+)))