| 1 | ;;; GNU Guix --- Functional package management for GNU |
| 2 | ;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 Ludovic Courtès <ludo@gnu.org> |
| 3 | ;;; Copyright © 2013, 2015, 2018 Andreas Enge <andreas@enge.fr> |
| 4 | ;;; Copyright © 2014, 2018 Eric Bavier <bavier@member.fsf.org> |
| 5 | ;;; Copyright © 2014, 2015, 2016, 2020 Mark H Weaver <mhw@netris.org> |
| 6 | ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org> |
| 7 | ;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020 Efraim Flashner <efraim@flashner.co.il> |
| 8 | ;;; Copyright © 2015, 2016, 2017, 2019 Ricardo Wurmus <rekado@elephly.net> |
| 9 | ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org> |
| 10 | ;;; Copyright © 2016, 2017 Nikita <nikita@n0.is> |
| 11 | ;;; Copyright © 2016 Christopher Baines <mail@cbaines.net> |
| 12 | ;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org> |
| 13 | ;;; Copyright © 2016 Troy Sankey <sankeytms@gmail.com> |
| 14 | ;;; Copyright © 2017, 2020 Leo Famulari <leo@famulari.name> |
| 15 | ;;; Copyright © 2017 Petter <petter@mykolab.ch> |
| 16 | ;;; Copyright © 2018–2021 Tobias Geerinckx-Rice <me@tobias.gr> |
| 17 | ;;; Copyright © 2018, 2019 Marius Bakke <mbakke@fastmail.com> |
| 18 | ;;; Copyright © 2018 Björn Höfling <bjoern.hoefling@bjoernhoefling.de> |
| 19 | ;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com> |
| 20 | ;;; Copyright © 2020 Fredrik Salomonsson <plattfot@posteo.net> |
| 21 | ;;; |
| 22 | ;;; This file is part of GNU Guix. |
| 23 | ;;; |
| 24 | ;;; GNU Guix is free software; you can redistribute it and/or modify it |
| 25 | ;;; under the terms of the GNU General Public License as published by |
| 26 | ;;; the Free Software Foundation; either version 3 of the License, or (at |
| 27 | ;;; your option) any later version. |
| 28 | ;;; |
| 29 | ;;; GNU Guix is distributed in the hope that it will be useful, but |
| 30 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of |
| 31 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 32 | ;;; GNU General Public License for more details. |
| 33 | ;;; |
| 34 | ;;; You should have received a copy of the GNU General Public License |
| 35 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. |
| 36 | |
| 37 | (define-module (gnu packages gnupg) |
| 38 | #:use-module ((guix licenses) #:prefix license:) |
| 39 | #:use-module (gnu packages) |
| 40 | #:use-module (gnu packages adns) |
| 41 | #:use-module (gnu packages autotools) |
| 42 | #:use-module (gnu packages base) |
| 43 | #:use-module (gnu packages curl) |
| 44 | #:use-module (gnu packages crypto) |
| 45 | #:use-module (gnu packages emacs) |
| 46 | #:use-module (gnu packages enlightenment) |
| 47 | #:use-module (gnu packages gettext) |
| 48 | #:use-module (gnu packages guile) |
| 49 | #:use-module (gnu packages openldap) |
| 50 | #:use-module (gnu packages perl) |
| 51 | #:use-module (gnu packages perl-check) |
| 52 | #:use-module (gnu packages pth) |
| 53 | #:use-module (gnu packages python) |
| 54 | #:use-module (gnu packages python-xyz) |
| 55 | #:use-module (gnu packages qt) |
| 56 | #:use-module (gnu packages readline) |
| 57 | #:use-module (gnu packages compression) |
| 58 | #:use-module (gnu packages gtk) |
| 59 | #:use-module (gnu packages glib) |
| 60 | #:use-module (gnu packages gnome) |
| 61 | #:use-module (gnu packages pkg-config) |
| 62 | #:use-module (gnu packages ncurses) |
| 63 | #:use-module (gnu packages security-token) |
| 64 | #:use-module (gnu packages sqlite) |
| 65 | #:use-module (gnu packages swig) |
| 66 | #:use-module (gnu packages texinfo) |
| 67 | #:use-module (gnu packages tls) |
| 68 | #:use-module (gnu packages tor) |
| 69 | #:use-module (gnu packages web) |
| 70 | #:use-module (gnu packages xorg) |
| 71 | #:use-module (gnu packages xdisorg) |
| 72 | #:use-module (gnu packages xml) |
| 73 | #:use-module (guix packages) |
| 74 | #:use-module (guix download) |
| 75 | #:use-module (guix git-download) |
| 76 | #:use-module (guix build-system gnu) |
| 77 | #:use-module (guix build-system perl) |
| 78 | #:use-module (guix build-system python) |
| 79 | #:use-module (srfi srfi-1)) |
| 80 | |
| 81 | (define-public libgpg-error |
| 82 | (package |
| 83 | (name "libgpg-error") |
| 84 | (version "1.37") |
| 85 | (source |
| 86 | (origin |
| 87 | (method url-fetch) |
| 88 | (uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-" |
| 89 | version ".tar.bz2")) |
| 90 | (sha256 |
| 91 | (base32 |
| 92 | "0qwpx8mbc2l421a22l0l1hpzkip9jng06bbzgxwpkkvk5bvnybdk")))) |
| 93 | (build-system gnu-build-system) |
| 94 | (arguments |
| 95 | (if (%current-target-system) |
| 96 | `(#:modules ((ice-9 match) |
| 97 | (guix build gnu-build-system) |
| 98 | (guix build utils)) |
| 99 | #:phases |
| 100 | (modify-phases %standard-phases |
| 101 | ;; When cross-compiling, some platform specific properties cannot |
| 102 | ;; be detected. Create a symlink to the appropriate platform |
| 103 | ;; file. See Cross-Compiling section at: |
| 104 | ;; https://github.com/gpg/libgpg-error/blob/master/README |
| 105 | (add-after 'unpack 'cross-symlinks |
| 106 | (lambda* (#:key target inputs #:allow-other-keys) |
| 107 | (let ((triplet |
| 108 | (match (string-take target |
| 109 | (string-index target #\-)) |
| 110 | ("armhf" "arm-unknown-linux-gnueabi") |
| 111 | ("mips64el" "mips-unknown-linux-gnu") |
| 112 | (x |
| 113 | (string-append x "-unknown-linux-gnu"))))) |
| 114 | (symlink |
| 115 | (string-append "lock-obj-pub." triplet ".h") |
| 116 | "src/syscfg/lock-obj-pub.linux-gnu.h")) |
| 117 | #t)))) |
| 118 | '())) |
| 119 | (native-inputs `(("gettext" ,gettext-minimal))) |
| 120 | (home-page "https://gnupg.org") |
| 121 | (synopsis "Library of error values for GnuPG components") |
| 122 | (description |
| 123 | "Libgpg-error is a small library that defines common error values |
| 124 | for all GnuPG components. Among these are GPG, GPGSM, GPGME, |
| 125 | GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard |
| 126 | Daemon and possibly more in the future.") |
| 127 | (license license:lgpl2.0+) |
| 128 | (properties '((ftp-server . "ftp.gnupg.org") |
| 129 | (ftp-directory . "/gcrypt/libgpg-error"))))) |
| 130 | |
| 131 | (define-public libgcrypt |
| 132 | (package |
| 133 | (name "libgcrypt") |
| 134 | (version "1.8.5") |
| 135 | (source (origin |
| 136 | (method url-fetch) |
| 137 | (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-" |
| 138 | version ".tar.bz2")) |
| 139 | (sha256 |
| 140 | (base32 |
| 141 | "1hvsazms1bfd769q0ngl0r9g5i4m9mpz9jmvvrdzyzk3rfa2ljiv")))) |
| 142 | (build-system gnu-build-system) |
| 143 | (propagated-inputs |
| 144 | `(("libgpg-error-host" ,libgpg-error))) |
| 145 | (native-inputs |
| 146 | ;; Needed here for the 'gpg-error' program. |
| 147 | `(("libgpg-error-native" ,libgpg-error))) |
| 148 | (arguments |
| 149 | ;; The '--with-gpg-error-prefix' argument is needed because otherwise |
| 150 | ;; 'configure' uses 'gpg-error-config' to determine the '-L' flag, and |
| 151 | ;; the 'gpg-error-config' it runs is the native one---i.e., the wrong one. |
| 152 | `(#:configure-flags |
| 153 | (list (string-append "--with-gpg-error-prefix=" |
| 154 | (assoc-ref %build-inputs "libgpg-error-host")) |
| 155 | ;; When cross-compiling, _gcry_mpih_lshift etc are undefined |
| 156 | ,@(if (%current-target-system) '("--disable-asm") |
| 157 | '())))) |
| 158 | (outputs '("out" "debug")) |
| 159 | (home-page "https://gnupg.org/") |
| 160 | (synopsis "Cryptographic function library") |
| 161 | (description |
| 162 | "Libgcrypt is a general-purpose cryptographic library. It provides the |
| 163 | standard cryptographic building blocks such as symmetric ciphers, hash |
| 164 | algorithms, public key algorithms, large integer functions and random number |
| 165 | generation.") |
| 166 | (license license:lgpl2.0+) |
| 167 | (properties '((ftp-server . "ftp.gnupg.org") |
| 168 | (ftp-directory . "/gcrypt/libgcrypt"))))) |
| 169 | |
| 170 | (define-public libassuan |
| 171 | (package |
| 172 | (name "libassuan") |
| 173 | (version "2.5.4") |
| 174 | (source |
| 175 | (origin |
| 176 | (method url-fetch) |
| 177 | (uri (string-append "mirror://gnupg/libassuan/libassuan-" |
| 178 | version ".tar.bz2")) |
| 179 | (sha256 |
| 180 | (base32 |
| 181 | "1w7vnnycq4z7gf4bk38pi4hrb8qrrzgfpz3cd7frwldxnfbfx060")))) |
| 182 | (build-system gnu-build-system) |
| 183 | (propagated-inputs |
| 184 | `(("libgpg-error" ,libgpg-error) |
| 185 | ("pth" ,pth))) |
| 186 | (home-page "https://gnupg.org") |
| 187 | (synopsis |
| 188 | "IPC library used by GnuPG and related software") |
| 189 | (description |
| 190 | "Libassuan is a small library implementing the so-called Assuan |
| 191 | protocol. This protocol is used for IPC between most newer |
| 192 | GnuPG components. Both, server and client side functions are |
| 193 | provided.") |
| 194 | (license license:lgpl2.0+) |
| 195 | (properties '((ftp-server . "ftp.gnupg.org") |
| 196 | (ftp-directory . "/gcrypt/libassuan"))))) |
| 197 | |
| 198 | (define-public libksba |
| 199 | (package |
| 200 | (name "libksba") |
| 201 | (version "1.5.0") |
| 202 | (source |
| 203 | (origin |
| 204 | (method url-fetch) |
| 205 | (uri (string-append |
| 206 | "mirror://gnupg/libksba/libksba-" |
| 207 | version ".tar.bz2")) |
| 208 | (sha256 |
| 209 | (base32 |
| 210 | "1fm0mf3wq9fmyi1rmc1vk2fafn6liiw2mgxml3g7ybbb44lz2jmf")))) |
| 211 | (build-system gnu-build-system) |
| 212 | (propagated-inputs |
| 213 | `(("libgpg-error" ,libgpg-error))) |
| 214 | (native-inputs |
| 215 | `(("libgpg-error" ,libgpg-error))) |
| 216 | (arguments |
| 217 | `(#:configure-flags |
| 218 | (list ,@(if (%current-target-system) |
| 219 | '("CC_FOR_BUILD=gcc") |
| 220 | '()) |
| 221 | (string-append "--with-gpg-error-prefix=" |
| 222 | (assoc-ref %build-inputs "libgpg-error"))))) |
| 223 | (home-page "https://www.gnupg.org") |
| 224 | (synopsis "CMS and X.509 access library") |
| 225 | (description |
| 226 | "KSBA (pronounced Kasbah) is a library to make X.509 certificates |
| 227 | as well as the CMS easily accessible by other applications. Both |
| 228 | specifications are building blocks of S/MIME and TLS.") |
| 229 | (license license:gpl3+) |
| 230 | (properties '((ftp-server . "ftp.gnupg.org") |
| 231 | (ftp-directory . "/gcrypt/libksba"))))) |
| 232 | |
| 233 | (define-public npth |
| 234 | (package |
| 235 | (name "npth") |
| 236 | (version "1.6") |
| 237 | (source |
| 238 | (origin |
| 239 | (method url-fetch) |
| 240 | (uri (string-append "mirror://gnupg/npth/npth-" version ".tar.bz2")) |
| 241 | (sha256 |
| 242 | (base32 "1lg2lkdd3z1s3rpyf88786l243adrzyk9p4q8z9n41ygmpcsp4qk")))) |
| 243 | (build-system gnu-build-system) |
| 244 | (home-page "https://www.gnupg.org") |
| 245 | (synopsis "Non-preemptive thread library") |
| 246 | (description |
| 247 | "Npth is a library to provide the GNU Pth API and thus a non-preemptive |
| 248 | threads implementation. |
| 249 | |
| 250 | In contrast to GNU Pth is is based on the system's standard threads |
| 251 | implementation. This allows the use of libraries which are not |
| 252 | compatible to GNU Pth.") |
| 253 | (license (list license:lgpl3+ license:gpl2+)) ; dual license |
| 254 | (properties '((ftp-server . "ftp.gnupg.org") |
| 255 | (ftp-directory . "/gcrypt/npth"))))) |
| 256 | |
| 257 | (define-public gnupg |
| 258 | (package |
| 259 | (name "gnupg") |
| 260 | (version "2.2.27") |
| 261 | (source (origin |
| 262 | (method url-fetch) |
| 263 | (uri (string-append "mirror://gnupg/gnupg/gnupg-" version |
| 264 | ".tar.bz2")) |
| 265 | (patches (search-patches "gnupg-default-pinentry.patch")) |
| 266 | (sha256 |
| 267 | (base32 |
| 268 | "1693s2rp9sjwvdslj94n03wnb6rxysjy0dli0q1698af044h1ril")))) |
| 269 | (build-system gnu-build-system) |
| 270 | (native-inputs |
| 271 | `(("pkg-config" ,pkg-config))) |
| 272 | (inputs |
| 273 | `(("gnutls" ,gnutls) |
| 274 | ("libassuan" ,libassuan) |
| 275 | ("libgcrypt" ,libgcrypt) |
| 276 | ("libgpg-error" ,libgpg-error) |
| 277 | ("libksba" ,libksba) |
| 278 | ("npth" ,npth) |
| 279 | ("openldap" ,openldap) |
| 280 | ("pcsc-lite" ,pcsc-lite) |
| 281 | ("readline" ,readline) |
| 282 | ("sqlite" ,sqlite) |
| 283 | ("zlib" ,zlib))) |
| 284 | (arguments |
| 285 | `(#:configure-flags '(;; Otherwise, the test suite looks for the `gpg` |
| 286 | ;; executable in its installation directory in |
| 287 | ;; /gnu/store before it has been installed. |
| 288 | "--enable-gnupg-builddir-envvar" |
| 289 | "--enable-all-tests") |
| 290 | #:phases |
| 291 | (modify-phases %standard-phases |
| 292 | (add-before 'configure 'patch-paths |
| 293 | (lambda* (#:key inputs #:allow-other-keys) |
| 294 | (substitute* "scd/scdaemon.c" |
| 295 | (("\"(libpcsclite\\.so[^\"]*)\"" _ name) |
| 296 | (string-append "\"" (assoc-ref inputs "pcsc-lite") |
| 297 | "/lib/" name "\""))) |
| 298 | #t)) |
| 299 | (add-after 'build 'patch-scheme-tests |
| 300 | (lambda _ |
| 301 | (substitute* (find-files "tests" ".\\.scm$") |
| 302 | (("/usr/bin/env gpgscm") |
| 303 | (string-append (getcwd) "/tests/gpgscm/gpgscm"))) |
| 304 | #t)) |
| 305 | (add-before 'build 'patch-test-paths |
| 306 | (lambda _ |
| 307 | (substitute* '("tests/inittests" |
| 308 | "tests/pkits/inittests" |
| 309 | "tests/Makefile" |
| 310 | "tests/pkits/common.sh" |
| 311 | "tests/pkits/Makefile") |
| 312 | (("/bin/pwd") (which "pwd"))) |
| 313 | (substitute* "common/t-exectool.c" |
| 314 | (("/bin/cat") (which "cat")) |
| 315 | (("/bin/true") (which "true")) |
| 316 | (("/bin/false") (which "false"))) |
| 317 | #t))))) |
| 318 | (home-page "https://gnupg.org/") |
| 319 | (synopsis "GNU Privacy Guard") |
| 320 | (description |
| 321 | "The GNU Privacy Guard is a complete implementation of the OpenPGP |
| 322 | standard. It is used to encrypt and sign data and communication. It |
| 323 | features powerful key management and the ability to access public key |
| 324 | servers. It includes several libraries: libassuan (IPC between GnuPG |
| 325 | components), libgpg-error (centralized GnuPG error values), and |
| 326 | libskba (working with X.509 certificates and CMS data).") |
| 327 | (license license:gpl3+) |
| 328 | (properties '((ftp-server . "ftp.gnupg.org") |
| 329 | (ftp-directory . "/gcrypt/gnupg"))))) |
| 330 | |
| 331 | (define-public gnupg-1 |
| 332 | (package (inherit gnupg) |
| 333 | (version "1.4.23") |
| 334 | (source (origin |
| 335 | (method url-fetch) |
| 336 | (uri (string-append "mirror://gnupg/gnupg/gnupg-" version |
| 337 | ".tar.bz2")) |
| 338 | (sha256 |
| 339 | (base32 |
| 340 | "1fkq4sqldvf6a25mm2qz95swv1qjg464736091w51djiwqbjyin9")))) |
| 341 | (native-inputs '()) |
| 342 | (inputs |
| 343 | `(("zlib" ,zlib) |
| 344 | ("bzip2" ,bzip2) |
| 345 | ("curl" ,curl) |
| 346 | ("readline" ,readline) |
| 347 | ("libgpg-error" ,libgpg-error))) |
| 348 | (arguments |
| 349 | `(#:phases |
| 350 | (modify-phases %standard-phases |
| 351 | (add-after 'unpack 'patch-check-sh |
| 352 | (lambda _ |
| 353 | (substitute* "checks/Makefile.in" |
| 354 | (("/bin/sh") (which "sh"))) |
| 355 | #t))))))) |
| 356 | |
| 357 | (define-public gpgme |
| 358 | (package |
| 359 | (name "gpgme") |
| 360 | (version "1.15.1") |
| 361 | (source |
| 362 | (origin |
| 363 | (method url-fetch) |
| 364 | (uri (string-append "mirror://gnupg/gpgme/gpgme-" version ".tar.bz2")) |
| 365 | (sha256 |
| 366 | (base32 "1bg13l5s8x9p1v0jyv29n84bay27pflindpzjsc9gj7i4wdkrg7f")))) |
| 367 | (build-system gnu-build-system) |
| 368 | (native-inputs |
| 369 | `(("gnupg" ,gnupg))) |
| 370 | (propagated-inputs |
| 371 | ;; Needs to be propagated because gpgme.h includes gpg-error.h. |
| 372 | `(("libgpg-error" ,libgpg-error))) |
| 373 | (inputs |
| 374 | `(("libassuan" ,libassuan))) |
| 375 | (home-page "https://www.gnupg.org/related_software/gpgme/") |
| 376 | (synopsis "Library providing simplified access to GnuPG functionality") |
| 377 | (description |
| 378 | "GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG |
| 379 | easier for applications. It provides a High-Level Crypto API for encryption, |
| 380 | decryption, signing, signature verification and key management. Currently |
| 381 | it uses GnuPG as its backend but the API isn't restricted to this engine. |
| 382 | |
| 383 | Because the direct use of GnuPG from an application can be a complicated |
| 384 | programming task, it is suggested that all software should try to use GPGME |
| 385 | instead. This way bug fixes or improvements can be done at a central place |
| 386 | and every application benefits from this.") |
| 387 | (license license:lgpl2.1+) |
| 388 | (properties '((ftp-server . "ftp.gnupg.org") |
| 389 | (ftp-directory . "/gcrypt/gpgme"))))) |
| 390 | |
| 391 | (define-public qgpgme |
| 392 | (package |
| 393 | (inherit gpgme) |
| 394 | (name "qgpgme") |
| 395 | (arguments |
| 396 | `(#:phases |
| 397 | (modify-phases %standard-phases |
| 398 | (add-before 'build 'chdir-and-symlink |
| 399 | (lambda* (#:key inputs #:allow-other-keys) |
| 400 | (let ((gpgme (assoc-ref inputs "gpgme"))) |
| 401 | (symlink (string-append gpgme "/lib/libgpgmepp.la") |
| 402 | "lang/cpp/src/libgpgmepp.la") |
| 403 | (symlink (string-append gpgme "/lib/libgpgme.la") |
| 404 | "src/libgpgme.la")) |
| 405 | (chdir "lang/qt") |
| 406 | #t))))) |
| 407 | (native-inputs |
| 408 | `(("pkg-config" ,pkg-config) |
| 409 | ,@(package-native-inputs gpgme))) |
| 410 | (inputs |
| 411 | `(("gpgme" ,gpgme) |
| 412 | ("qtbase" ,qtbase) |
| 413 | ,@(package-inputs gpgme))) |
| 414 | (synopsis "Qt API bindings for gpgme") |
| 415 | (description "QGpgme provides a very high level Qt API around GpgMEpp. |
| 416 | |
| 417 | QGpgME was originally developed as part of libkleo and incorporated into |
| 418 | gpgpme starting with version 1.7.") |
| 419 | (license license:gpl2+))) ;; Note: this differs from gpgme |
| 420 | |
| 421 | (define-public guile-gcrypt |
| 422 | (package |
| 423 | (name "guile-gcrypt") |
| 424 | (version "0.3.0") |
| 425 | (home-page "https://notabug.org/cwebber/guile-gcrypt") |
| 426 | (source (origin |
| 427 | (method git-fetch) |
| 428 | (uri (git-reference |
| 429 | (url (string-append home-page ".git")) |
| 430 | (commit (string-append "v" version)))) |
| 431 | (sha256 |
| 432 | (base32 |
| 433 | "0m29fg4pdfifnqqsa437zc5c1bhbfh62mc69ba25ak4x2cla41ll")) |
| 434 | (file-name (git-file-name name version)))) |
| 435 | (build-system gnu-build-system) |
| 436 | (arguments |
| 437 | ;; Work around <https://bugs.gnu.org/20272> to achieve reproducible |
| 438 | ;; builds. |
| 439 | '(#:parallel-build? #f |
| 440 | |
| 441 | #:phases |
| 442 | (modify-phases %standard-phases |
| 443 | (add-before 'configure 'add-libgrypt-config |
| 444 | (lambda* (#:key inputs target #:allow-other-keys) |
| 445 | (when target |
| 446 | ;; When cross-compiling, the bash script 'libgcrypt-config' |
| 447 | ;; must be accessible during the configure phase. |
| 448 | (setenv "PATH" |
| 449 | (string-append (assoc-ref inputs "libgcrypt") |
| 450 | "/bin:" (getenv "PATH"))))))))) |
| 451 | (native-inputs |
| 452 | `(("pkg-config" ,pkg-config) |
| 453 | ("autoconf" ,autoconf) |
| 454 | ("automake" ,automake) |
| 455 | ("texinfo" ,texinfo) |
| 456 | ("guile" ,guile-3.0))) |
| 457 | (inputs |
| 458 | `(("guile" ,guile-3.0) |
| 459 | ("libgcrypt" ,libgcrypt))) |
| 460 | (synopsis "Cryptography library for Guile using Libgcrypt") |
| 461 | (description |
| 462 | "Guile-Gcrypt provides a Guile interface to a subset of the |
| 463 | GNU Libgcrypt crytographic library. It provides modules for cryptographic |
| 464 | hash functions, message authentication codes (MAC), public-key cryptography, |
| 465 | strong randomness, and more. It is implemented using the foreign function |
| 466 | interface (FFI) of Guile.") |
| 467 | (license license:gpl3+))) |
| 468 | |
| 469 | (define-public guile2.0-gcrypt |
| 470 | (package (inherit guile-gcrypt) |
| 471 | (name "guile2.0-gcrypt") |
| 472 | (native-inputs |
| 473 | `(("guile" ,guile-2.0) |
| 474 | ,@(alist-delete "guile" (package-native-inputs guile-gcrypt)))) |
| 475 | (inputs |
| 476 | `(("guile" ,guile-2.0) |
| 477 | ,@(alist-delete "guile" (package-inputs guile-gcrypt)))))) |
| 478 | |
| 479 | (define-public guile2.2-gcrypt |
| 480 | (package |
| 481 | (inherit guile-gcrypt) |
| 482 | (name "guile2.2-gcrypt") |
| 483 | (native-inputs |
| 484 | `(("guile" ,guile-2.2) |
| 485 | ,@(alist-delete "guile" (package-native-inputs guile-gcrypt)))) |
| 486 | (inputs |
| 487 | `(("guile" ,guile-2.2) |
| 488 | ,@(alist-delete "guile" (package-inputs guile-gcrypt)))))) |
| 489 | |
| 490 | (define-public guile3.0-gcrypt |
| 491 | (deprecated-package "guile3.0-gcrypt" guile-gcrypt)) |
| 492 | |
| 493 | (define-public python-gpg |
| 494 | (package |
| 495 | (name "python-gpg") |
| 496 | (version "1.10.0") |
| 497 | (source (origin |
| 498 | (method url-fetch) |
| 499 | (uri (pypi-uri "gpg" version)) |
| 500 | (sha256 |
| 501 | (base32 |
| 502 | "1ji3ynhp36m1ccx7bmaq75dhij9frpn19v9mpi4aajn8csl194il")))) |
| 503 | (build-system python-build-system) |
| 504 | (arguments |
| 505 | '(#:phases |
| 506 | (modify-phases %standard-phases |
| 507 | (add-before 'build 'set-environment |
| 508 | (lambda _ |
| 509 | (substitute* "setup.py" |
| 510 | (("cc") (which "gcc"))) |
| 511 | #t))) |
| 512 | #:tests? #f)) ; No test suite. |
| 513 | (inputs |
| 514 | `(("gpgme" ,gpgme))) |
| 515 | (native-inputs |
| 516 | `(("swig" ,swig))) |
| 517 | (home-page (package-home-page gpgme)) |
| 518 | (synopsis "Python bindings for GPGME GnuPG cryptography library") |
| 519 | (description "This package provides Python bindings to the GPGME GnuPG |
| 520 | cryptographic library. It is developed in the GPGME source code, and then |
| 521 | distributed separately.") |
| 522 | (license license:lgpl2.1+))) |
| 523 | |
| 524 | (define-public python2-gpg |
| 525 | (package-with-python2 python-gpg)) |
| 526 | |
| 527 | (define-public python-pygpgme |
| 528 | (package |
| 529 | (name "python-pygpgme") |
| 530 | (version "0.3") |
| 531 | (source |
| 532 | (origin |
| 533 | (method url-fetch) |
| 534 | (uri (pypi-uri "pygpgme" version)) |
| 535 | (sha256 |
| 536 | (base32 |
| 537 | "1q82p3gs6lwq8j8dxk4pvrwk3jpww1zqcjrzznl9clh10z28gn2z")) |
| 538 | ;; Unfortunately, we have to disable some tests due to some gpg-agent |
| 539 | ;; goofiness... see: |
| 540 | ;; https://bugs.launchpad.net/pygpgme/+bug/999949 |
| 541 | (patches (search-patches "pygpgme-disable-problematic-tests.patch" |
| 542 | "python-pygpgme-fix-pinentry-tests.patch")))) |
| 543 | (arguments |
| 544 | `(#:phases |
| 545 | (modify-phases %standard-phases |
| 546 | (add-before 'build 'make-build |
| 547 | (lambda _ (invoke "make" "build"))) |
| 548 | (replace 'check |
| 549 | (lambda _ (invoke "make" "check")))))) |
| 550 | (build-system python-build-system) |
| 551 | (native-inputs |
| 552 | `(("gnupg" ,gnupg-1))) |
| 553 | (inputs |
| 554 | `(("gpgme" ,gpgme))) |
| 555 | (home-page "https://launchpad.net/pygpgme") |
| 556 | (synopsis "Python module for working with OpenPGP messages") |
| 557 | (description |
| 558 | "PyGPGME is a Python module that lets you sign, verify, encrypt and |
| 559 | decrypt messages using the OpenPGP format by making use of GPGME.") |
| 560 | (license license:lgpl2.1+))) |
| 561 | |
| 562 | (define-public python2-pygpgme |
| 563 | (package-with-python2 python-pygpgme)) |
| 564 | |
| 565 | (define-public python-gnupg |
| 566 | (package |
| 567 | (name "python-gnupg") |
| 568 | (version "0.4.4") |
| 569 | (source |
| 570 | (origin |
| 571 | (method url-fetch) |
| 572 | (uri (pypi-uri "python-gnupg" version)) |
| 573 | (sha256 |
| 574 | (base32 |
| 575 | "03pvjyp6q9pr8qa22i38az06ddzhvzy5kj192hxa3gbhnchg1nj5")))) |
| 576 | (build-system python-build-system) |
| 577 | (arguments |
| 578 | `(#:phases |
| 579 | (modify-phases %standard-phases |
| 580 | (replace 'check |
| 581 | (lambda _ |
| 582 | (substitute* "test_gnupg.py" |
| 583 | ;; Unsure why this test fails. |
| 584 | (("'test_search_keys'") "True") |
| 585 | (("def test_search_keys") "def disabled__search_keys")) |
| 586 | (setenv "USERNAME" "guixbuilder") |
| 587 | ;; The doctests are extremely slow and sometimes time out, |
| 588 | ;; so we disable them. |
| 589 | (invoke "python" |
| 590 | "test_gnupg.py" "--no-doctests")))))) |
| 591 | (native-inputs |
| 592 | `(("gnupg" ,gnupg-1))) |
| 593 | (home-page "https://packages.python.org/python-gnupg/index.html") |
| 594 | (synopsis "Wrapper for the GNU Privacy Guard") |
| 595 | (description |
| 596 | "This module allows easy access to GnuPG’s key management, encryption |
| 597 | and signature functionality from Python programs.") |
| 598 | (license license:bsd-3))) |
| 599 | |
| 600 | (define-public python2-gnupg |
| 601 | (package-with-python2 python-gnupg)) |
| 602 | |
| 603 | (define-public perl-gnupg-interface |
| 604 | (package |
| 605 | (name "perl-gnupg-interface") |
| 606 | (version "0.52") |
| 607 | (source (origin |
| 608 | (method url-fetch) |
| 609 | (uri (string-append "mirror://cpan/authors/id/A/AL/ALEXMV/" |
| 610 | "GnuPG-Interface-" version ".tar.gz")) |
| 611 | (sha256 |
| 612 | (base32 |
| 613 | "0dgx8yhdsmhkazcrz14n4flrk1afv7azgl003hl4arxvi1d9yyi4")))) |
| 614 | (build-system perl-build-system) |
| 615 | (arguments |
| 616 | `(#:phases |
| 617 | (modify-phases %standard-phases |
| 618 | ;; FIXME: This test fails for unknown reasons |
| 619 | (add-after 'unpack 'delete-broken-test |
| 620 | (lambda _ |
| 621 | (delete-file "t/encrypt_symmetrically.t") |
| 622 | #t))))) |
| 623 | (inputs |
| 624 | `(("gnupg" ,gnupg-1))) |
| 625 | (propagated-inputs |
| 626 | `(("perl-moo" ,perl-moo) |
| 627 | ("perl-moox-handlesvia" ,perl-moox-handlesvia) |
| 628 | ("perl-moox-late" ,perl-moox-late))) |
| 629 | (native-inputs |
| 630 | `(("which" ,which) |
| 631 | ("perl-module-install" ,perl-module-install))) |
| 632 | (home-page "https://metacpan.org/release/GnuPG-Interface") |
| 633 | (synopsis "Perl interface to GnuPG") |
| 634 | (description "@code{GnuPG::Interface} and its associated modules are |
| 635 | designed to provide an object-oriented method for interacting with GnuPG, |
| 636 | being able to perform functions such as but not limited to encrypting, |
| 637 | signing, decryption, verification, and key-listing parsing.") |
| 638 | (license license:perl-license))) |
| 639 | |
| 640 | (define-public pius |
| 641 | (package |
| 642 | (name "pius") |
| 643 | (version "2.2.7") |
| 644 | (source (origin |
| 645 | (method url-fetch) |
| 646 | (uri (string-append |
| 647 | "https://github.com/jaymzh/pius/releases/download/v" |
| 648 | version "/pius-" version ".tar.bz2")) |
| 649 | (sha256 |
| 650 | (base32 |
| 651 | "1nsl7czicv95j0gfz4s82ys3g3h2mwr6cq3ilid8bpz3iy7z4ipy")))) |
| 652 | (build-system python-build-system) |
| 653 | (inputs `(("perl" ,perl) ; for 'pius-party-worksheet' |
| 654 | ("gpg" ,gnupg) |
| 655 | ("python-six" ,python2-six))) |
| 656 | (arguments |
| 657 | `(#:tests? #f |
| 658 | #:python ,python-2 ; uses the Python 2 'print' syntax |
| 659 | #:phases |
| 660 | (modify-phases %standard-phases |
| 661 | (add-before |
| 662 | 'build 'set-gpg-file-name |
| 663 | (lambda* (#:key inputs outputs #:allow-other-keys) |
| 664 | (let* ((gpg (string-append (assoc-ref inputs "gpg") |
| 665 | "/bin/gpg"))) |
| 666 | (substitute* "libpius/constants.py" |
| 667 | (("/usr/bin/gpg2") gpg)) |
| 668 | #t)))))) |
| 669 | (synopsis "Programs to simplify GnuPG key signing") |
| 670 | (description |
| 671 | "Pius (PGP Individual UID Signer) helps attendees of PGP keysigning |
| 672 | parties. It is the main utility and makes it possible to quickly and easily |
| 673 | sign each UID on a set of PGP keys. It is designed to take the pain out of |
| 674 | the sign-all-the-keys part of PGP Keysigning Party while adding security |
| 675 | to the process. |
| 676 | |
| 677 | pius-keyring-mgr and pius-party-worksheet help organisers of |
| 678 | PGP keysigning parties.") |
| 679 | (license license:gpl2) |
| 680 | (home-page "https://www.phildev.net/pius/index.shtml"))) |
| 681 | |
| 682 | (define-public signing-party |
| 683 | (package |
| 684 | (name "signing-party") |
| 685 | (version "2.11") |
| 686 | (home-page "https://salsa.debian.org/signing-party-team/signing-party") |
| 687 | (source (origin |
| 688 | (method git-fetch) |
| 689 | (uri (git-reference |
| 690 | (url home-page) |
| 691 | (commit (string-append "v" version)))) |
| 692 | (file-name (git-file-name name version)) |
| 693 | (sha256 |
| 694 | (base32 |
| 695 | "1aig5ssabzbk4mih7xd04vgr931bw0flbi8dz902wlr610gyv5s5")))) |
| 696 | (build-system gnu-build-system) |
| 697 | (native-inputs |
| 698 | ;; autoconf-wrapper is required due to the non-standard |
| 699 | ;; 'configure phase. |
| 700 | `(("autoconf" ,autoconf-wrapper) |
| 701 | ("automake" ,automake))) |
| 702 | (inputs `(("perl" ,perl) |
| 703 | ("perl-text-template" ,perl-text-template) |
| 704 | ("perl-mime-tools" ,perl-mime-tools) |
| 705 | ("perl-gnupg-interface" ,perl-gnupg-interface) |
| 706 | ("perl-net-idn-encode" ,perl-net-idn-encode) |
| 707 | ("libmd" ,libmd))) |
| 708 | (arguments |
| 709 | `(#:tests? #f ; no test suite |
| 710 | #:phases |
| 711 | (modify-phases %standard-phases |
| 712 | (replace 'configure |
| 713 | (lambda* (#:key outputs #:allow-other-keys) |
| 714 | (let ((out (assoc-ref outputs "out"))) |
| 715 | (substitute* "keyanalyze/Makefile" |
| 716 | (("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS"))) |
| 717 | (substitute* "keyanalyze/Makefile" |
| 718 | (("\\./configure") (string-append "./configure --prefix=" out))) |
| 719 | (substitute* "gpgwrap/Makefile" |
| 720 | (("\\} clean") |
| 721 | (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap " |
| 722 | out "/bin/gpgwrap\n"))) |
| 723 | (substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile" |
| 724 | "keylookup/Makefile" "sig2dot/Makefile" |
| 725 | "springgraph/Makefile") |
| 726 | (("/usr") out)) |
| 727 | (setenv "CONFIG_SHELL" (which "sh"))) |
| 728 | #t)) |
| 729 | (replace 'install |
| 730 | (lambda* (#:key outputs #:allow-other-keys #:rest args) |
| 731 | (let ((out (assoc-ref outputs "out")) |
| 732 | (install (assoc-ref %standard-phases 'install))) |
| 733 | (apply install args) |
| 734 | (for-each |
| 735 | (lambda (dir file) |
| 736 | (copy-file (string-append dir "/" file) |
| 737 | (string-append out "/bin/" file))) |
| 738 | '("caff" "caff" "caff" "gpgdir" "gpg-key2ps" |
| 739 | "gpglist" "gpg-mailkeys" "gpgparticipants") |
| 740 | '("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps" |
| 741 | "gpglist" "gpg-mailkeys" "gpgparticipants")) |
| 742 | (for-each |
| 743 | (lambda (dir file) |
| 744 | (copy-file (string-append dir "/" file) |
| 745 | (string-append out "/share/man/man1/" file))) |
| 746 | '("caff" "caff" "caff" "gpgdir" |
| 747 | "gpg-key2ps" "gpglist" "gpg-mailkeys" |
| 748 | "gpgparticipants" "gpgsigs" "gpgwrap/doc" |
| 749 | "keyanalyze" "keyanalyze/pgpring" "keyanalyze") |
| 750 | '("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1" |
| 751 | "gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1" |
| 752 | "gpgparticipants.1" "gpgsigs.1" "gpgwrap.1" |
| 753 | "process_keys.1" "pgpring.1" "keyanalyze.1"))) |
| 754 | #t)) |
| 755 | (add-after 'install 'wrap-programs |
| 756 | (lambda* (#:key outputs #:allow-other-keys) |
| 757 | (let* ((out (assoc-ref outputs "out"))) |
| 758 | (wrap-program |
| 759 | (string-append out "/bin/caff") |
| 760 | `("PERL5LIB" ":" prefix (,(getenv "PERL5LIB"))))) |
| 761 | #t))))) |
| 762 | (synopsis "Collection of scripts for simplifying gnupg key signing") |
| 763 | (description |
| 764 | "Signing-party is a collection for all kinds of PGP/GnuPG related things, |
| 765 | including tools for signing keys, keyring analysis, and party preparation. |
| 766 | @enumerate |
| 767 | @item caff: CA - Fire and Forget signs and mails a key |
| 768 | @item pgp-clean: removes all non-self signatures from key |
| 769 | @item pgp-fixkey: removes broken packets from keys |
| 770 | @item gpg-mailkeys: simply mail out a signed key to its owner |
| 771 | @item gpg-key2ps: generate PostScript file with fingerprint paper strips |
| 772 | @item gpgdir: recursive directory encryption tool |
| 773 | @item gpglist: show who signed which of your UIDs |
| 774 | @item gpgsigs: annotates list of GnuPG keys with already done signatures |
| 775 | @item gpgparticipants: create list of party participants for the organiser |
| 776 | @item gpgwrap: a passphrase wrapper |
| 777 | @item keyanalyze: minimum signing distance (MSD) analysis on keyrings |
| 778 | @item keylookup: ncurses wrapper around gpg --search |
| 779 | @item sig2dot: converts a list of GnuPG signatures to a .dot file |
| 780 | @item springgraph: creates a graph from a .dot file |
| 781 | @end enumerate") |
| 782 | ;; gpl2+ for almost all programs, except for keyanalyze: gpl2 |
| 783 | ;; and caff and gpgsigs: bsd-3, see |
| 784 | ;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright |
| 785 | (license license:gpl2))) |
| 786 | |
| 787 | (define-public pinentry-tty |
| 788 | (package |
| 789 | (name "pinentry-tty") |
| 790 | (version "1.1.1") |
| 791 | (source (origin |
| 792 | (method url-fetch) |
| 793 | (uri (string-append "mirror://gnupg/pinentry/pinentry-" |
| 794 | version ".tar.bz2")) |
| 795 | (sha256 |
| 796 | (base32 |
| 797 | "0zx5vg6wws2sp2yxwi01b8i1pnsqkydncpj7x0p8xl9y05ja04nd")))) |
| 798 | (build-system gnu-build-system) |
| 799 | (arguments |
| 800 | `(#:configure-flags '("--enable-pinentry-tty"))) |
| 801 | (inputs |
| 802 | `(("ncurses" ,ncurses) |
| 803 | ("libassuan" ,libassuan) |
| 804 | ("libsecret" ,libsecret "out"))) |
| 805 | (native-inputs |
| 806 | `(("pkg-config" ,pkg-config))) |
| 807 | (home-page "https://gnupg.org/aegypten2/") |
| 808 | (synopsis "GnuPG's interface to passphrase input") |
| 809 | (description |
| 810 | "Pinentry provides a console that allows users to enter a passphrase when |
| 811 | @code{gpg} is run and needs it.") |
| 812 | (license license:gpl2+) |
| 813 | (properties '((ftp-server . "ftp.gnupg.org") |
| 814 | (ftp-directory . "/gcrypt/pinentry") |
| 815 | (upstream-name . "pinentry"))))) |
| 816 | |
| 817 | (define-public pinentry-emacs |
| 818 | (package |
| 819 | (inherit pinentry-tty) |
| 820 | (name "pinentry-emacs") |
| 821 | (arguments |
| 822 | `(#:configure-flags '("--enable-pinentry-emacs"))) |
| 823 | (description |
| 824 | "Pinentry provides a console and an Emacs interface that allows users to |
| 825 | enter a passphrase when required by @code{gpg} or other software."))) |
| 826 | |
| 827 | (define-public pinentry-gtk2 |
| 828 | (package |
| 829 | (inherit pinentry-tty) |
| 830 | (name "pinentry-gtk2") |
| 831 | (arguments |
| 832 | `(#:configure-flags '("--enable-fallback-curses"))) |
| 833 | (inputs |
| 834 | `(("gtk+" ,gtk+-2) |
| 835 | ("glib" ,glib) |
| 836 | ,@(package-inputs pinentry-tty))) |
| 837 | (description |
| 838 | "Pinentry provides a console and a GTK+ GUI that allows users to enter a |
| 839 | passphrase when @code{gpg} is run and needs it."))) |
| 840 | |
| 841 | (define-public pinentry-gnome3 |
| 842 | (package |
| 843 | (inherit pinentry-tty) |
| 844 | (name "pinentry-gnome3") |
| 845 | (inputs |
| 846 | `(("gtk+" ,gtk+-2) |
| 847 | ("gcr" ,gcr) |
| 848 | ("glib" ,glib) |
| 849 | ,@(package-inputs pinentry-tty))) |
| 850 | (arguments |
| 851 | `(#:configure-flags '("--enable-pinentry-gnome3" |
| 852 | "--enable-fallback-curses"))) |
| 853 | (description |
| 854 | "Pinentry provides a console and a GUI designed for use with GNOME@tie{}3 |
| 855 | that allows users to enter a passphrase when required by @code{gpg} or other |
| 856 | software."))) |
| 857 | |
| 858 | (define-public pinentry-qt |
| 859 | (package |
| 860 | (inherit pinentry-tty) |
| 861 | (name "pinentry-qt") |
| 862 | (arguments |
| 863 | `(#:configure-flags '("--enable-fallback-curses"))) |
| 864 | (inputs |
| 865 | `(("qtbase" ,qtbase) |
| 866 | ,@(package-inputs pinentry-tty))) |
| 867 | (description |
| 868 | "Pinentry provides a console and a Qt GUI that allows users to enter a |
| 869 | passphrase when @code{gpg} is run and needs it."))) |
| 870 | |
| 871 | (define-public pinentry-efl |
| 872 | (package |
| 873 | (inherit pinentry-tty) |
| 874 | (name "pinentry-efl") |
| 875 | (arguments |
| 876 | '(#:configure-flags '("--enable-pinentry-efl" |
| 877 | "--enable-fallback-curses") |
| 878 | #:phases |
| 879 | (modify-phases %standard-phases |
| 880 | (replace 'bootstrap |
| 881 | (lambda _ |
| 882 | (invoke "sh" "autogen.sh")))))) |
| 883 | (native-inputs |
| 884 | `(("autoconf" ,autoconf) |
| 885 | ("automake" ,automake) |
| 886 | ("gettext" ,gettext-minimal) |
| 887 | ,@(package-native-inputs pinentry-tty))) |
| 888 | (inputs |
| 889 | `(("efl" ,efl) |
| 890 | ,@(package-inputs pinentry-tty))) |
| 891 | (description |
| 892 | "Pinentry provides a console and a graphical interface for @acronym{EFL, |
| 893 | the Enlightenment Foundation Libraries} that allows users to enter a |
| 894 | passphrase when @code{gpg} is run and needs it."))) |
| 895 | |
| 896 | (define-public pinentry-rofi |
| 897 | (package |
| 898 | (name "pinentry-rofi") |
| 899 | (version "2.0.3") |
| 900 | (source (origin |
| 901 | (method git-fetch) |
| 902 | (uri (git-reference |
| 903 | (url "https://github.com/plattfot/pinentry-rofi/") |
| 904 | (commit version))) |
| 905 | (file-name (git-file-name name version)) |
| 906 | (sha256 |
| 907 | (base32 "0kjzvgni9srl8h5c52pqrvgdxs6avv0nhgk19apd97sx10qdwdhk")))) |
| 908 | (build-system gnu-build-system) |
| 909 | (arguments |
| 910 | `(#:modules |
| 911 | ((ice-9 match) |
| 912 | (ice-9 ftw) |
| 913 | ,@%gnu-build-system-modules) |
| 914 | #:phases |
| 915 | (modify-phases |
| 916 | %standard-phases |
| 917 | (add-after 'install 'hall-wrap-binaries |
| 918 | (lambda* (#:key inputs outputs #:allow-other-keys) |
| 919 | (let* ((out (assoc-ref outputs "out")) |
| 920 | (bin (string-append out "/bin/")) |
| 921 | (site (string-append out "/share/guile/site")) |
| 922 | (rofi-bin (string-append (assoc-ref inputs "rofi") "/bin"))) |
| 923 | (match (scandir site) |
| 924 | (("." ".." version) |
| 925 | (wrap-program |
| 926 | (string-append bin "pinentry-rofi") |
| 927 | (list "PATH" ":" 'prefix `(,rofi-bin))) |
| 928 | #t))))) |
| 929 | (add-after 'compress-documentation 'installcheck |
| 930 | (lambda* rest |
| 931 | (invoke "make" "installcheck")))))) |
| 932 | (native-inputs |
| 933 | `(("autoconf" ,autoconf) |
| 934 | ("autoconf-archive" ,autoconf-archive) |
| 935 | ("automake" ,automake) |
| 936 | ("pkg-config" ,pkg-config) |
| 937 | ("texinfo" ,texinfo))) |
| 938 | (inputs `(("guile" ,guile-3.0) |
| 939 | ("rofi" ,rofi))) |
| 940 | (synopsis "Rofi GUI for GnuPG's passphrase input") |
| 941 | (description "Pinentry-rofi is a simple graphical user interface for |
| 942 | passphrase or PIN when required by @code{gpg} or other software. It is using |
| 943 | the Rofi application launcher as the user interface. Which makes it combined |
| 944 | with @code{rofi-pass} a good front end for @code{password-store}.") |
| 945 | (home-page "https://github.com/plattfot/pinentry-rofi/") |
| 946 | (license license:gpl3+))) |
| 947 | |
| 948 | (define-public pinentry |
| 949 | (package (inherit pinentry-gtk2) |
| 950 | (name "pinentry"))) |
| 951 | |
| 952 | (define-public paperkey |
| 953 | (package |
| 954 | (name "paperkey") |
| 955 | (version "1.6") |
| 956 | (source (origin |
| 957 | (method url-fetch) |
| 958 | (uri (string-append "https://www.jabberwocky.com/" |
| 959 | "software/paperkey/paperkey-" |
| 960 | version ".tar.gz")) |
| 961 | (sha256 |
| 962 | (base32 |
| 963 | "1xq5gni6gksjkd5avg0zpd73vsr97appksfx0gx2m38s4w9zsid2")))) |
| 964 | (build-system gnu-build-system) |
| 965 | (arguments |
| 966 | `(#:phases |
| 967 | (modify-phases %standard-phases |
| 968 | (add-before 'check 'patch-check-scripts |
| 969 | (lambda _ |
| 970 | (substitute* '("checks/roundtrip.sh" |
| 971 | "checks/roundtrip-raw.sh") |
| 972 | (("/bin/echo") "echo")) |
| 973 | #t))))) |
| 974 | (home-page "https://www.jabberwocky.com/software/paperkey/") |
| 975 | (synopsis "Backup OpenPGP keys to paper") |
| 976 | (description |
| 977 | "Paperkey extracts the secret bytes from an OpenPGP (GnuPG, PGP, etc) key |
| 978 | for printing with paper and ink, which have amazingly long retention |
| 979 | qualities. To reconstruct a secret key, you re-enter those |
| 980 | bytes (whether by hand, OCR, QR code, or the like) and paperkey can use |
| 981 | them to transform your existing public key into a secret key.") |
| 982 | (license license:gpl2+))) |
| 983 | |
| 984 | (define-public pgpdump |
| 985 | (package |
| 986 | (name "pgpdump") |
| 987 | (version "0.33") |
| 988 | (source |
| 989 | (origin |
| 990 | (method url-fetch) |
| 991 | (uri (string-append "https://www.mew.org/~kazu/proj/pgpdump/pgpdump-" |
| 992 | version ".tar.gz")) |
| 993 | (sha256 |
| 994 | (base32 "1j001jra2m89n6cys3n0hs574bipjdzfxhzpnd4jfyv95mqwl7n4")))) |
| 995 | (build-system gnu-build-system) |
| 996 | (arguments |
| 997 | `(#:tests? #f ; no make check |
| 998 | #:configure-flags (list "--prefix=/") |
| 999 | #:make-flags (list "CC=gcc" |
| 1000 | (string-append "DESTDIR=" (assoc-ref %outputs "out"))))) |
| 1001 | (inputs |
| 1002 | `(("zlib" ,zlib))) |
| 1003 | (home-page "https://www.mew.org/~kazu/proj/pgpdump/en/") |
| 1004 | (synopsis "PGP packet visualizer") |
| 1005 | (description "pgpdump displays the sequence of OpenPGP or PGP version 2 |
| 1006 | packets from a file. |
| 1007 | |
| 1008 | The output of this command is similar to GnuPG's list packets command, |
| 1009 | however, pgpdump produces more detailed and easier to understand output.") |
| 1010 | (license license:bsd-3))) |
| 1011 | |
| 1012 | (define-public gpa |
| 1013 | (package |
| 1014 | (name "gpa") |
| 1015 | (version "0.10.0") |
| 1016 | (source (origin |
| 1017 | (method url-fetch) |
| 1018 | (uri (string-append "mirror://gnupg/gpa/" |
| 1019 | name "-" version ".tar.bz2")) |
| 1020 | (sha256 |
| 1021 | (base32 |
| 1022 | "1cbpc45f8qbdkd62p12s3q2rdq6fa5xdzwmcwd3xrj55bzkspnwm")))) |
| 1023 | (build-system gnu-build-system) |
| 1024 | (arguments |
| 1025 | `(#:phases |
| 1026 | (modify-phases %standard-phases |
| 1027 | (add-after 'install 'wrap-program |
| 1028 | (lambda* (#:key inputs outputs #:allow-other-keys) |
| 1029 | (let ((out (assoc-ref outputs "out")) |
| 1030 | (gnupg (assoc-ref inputs "gnupg"))) |
| 1031 | (wrap-program (string-append out "/bin/gpa") |
| 1032 | `("PATH" ":" prefix (,(string-append gnupg "/bin")))) |
| 1033 | #t)))))) |
| 1034 | (native-inputs |
| 1035 | `(("pkg-config" ,pkg-config))) |
| 1036 | (inputs |
| 1037 | `(("gnupg" ,gnupg) |
| 1038 | ("gpgme" ,gpgme) |
| 1039 | ("libassuan" ,libassuan) |
| 1040 | ("libgpg-error" ,libgpg-error) |
| 1041 | ("gtk+-2" ,gtk+-2))) |
| 1042 | (home-page "https://gnupg.org/software/gpa/") |
| 1043 | (synopsis "Graphical user interface for GnuPG") |
| 1044 | (description |
| 1045 | "GPA, the GNU Privacy Assistant, is a graphical user interface for |
| 1046 | @uref{https://gnupg.org, GnuPG}. It can be used to encrypt, decrypt, and sign |
| 1047 | files, to verify signatures, and to manage the private and public keys.") |
| 1048 | (license license:gpl3+) |
| 1049 | (properties '((ftp-server . "ftp.gnupg.org") |
| 1050 | (ftp-directory . "/gcrypt/gpa"))))) |
| 1051 | |
| 1052 | (define-public parcimonie |
| 1053 | (package |
| 1054 | (name "parcimonie") |
| 1055 | (version "0.11.0") |
| 1056 | (source (origin |
| 1057 | (method url-fetch) |
| 1058 | (uri (string-append "https://gaffer.boum.org/intrigeri/files/" |
| 1059 | "parcimonie/App-Parcimonie-" |
| 1060 | version ".tar.gz")) |
| 1061 | (sha256 |
| 1062 | (base32 |
| 1063 | "14pvapvzrxh1yh8zgcj1llmc2dd8g1fgzskxlja21gmw8c88aqdk")))) |
| 1064 | (build-system perl-build-system) |
| 1065 | (inputs |
| 1066 | `(("gnupg" ,gnupg) |
| 1067 | ("perl-config-general" ,perl-config-general) |
| 1068 | ("perl-clone" ,perl-clone) |
| 1069 | ("perl-data" ,perl-data) |
| 1070 | ("perl-exporter-tiny" ,perl-exporter-tiny) |
| 1071 | ("perl-file-homedir" ,perl-file-homedir) |
| 1072 | ("perl-file-sharedir" ,perl-file-sharedir) |
| 1073 | ("perl-file-which" ,perl-file-which) |
| 1074 | ("perl-getopt-long-descriptive" ,perl-getopt-long-descriptive) |
| 1075 | ("perl-gnupg-interface" ,perl-gnupg-interface) |
| 1076 | ("perl-ipc-system-simple" ,perl-ipc-system-simple) |
| 1077 | ("perl-list-moreutils" ,perl-list-moreutils) |
| 1078 | ("perl-libintl-perl" ,perl-libintl-perl) ; Locale::TextDomain |
| 1079 | ("perl-lwp-online" ,perl-lwp-online) |
| 1080 | ("perl-module-build" ,perl-module-build) |
| 1081 | ("perl-module-pluggable-object" ,perl-module-pluggable) |
| 1082 | ("perl-moo" ,perl-moo) |
| 1083 | ("perl-moox-handlesvia" ,perl-moox-handlesvia) |
| 1084 | ("perl-moox-late" ,perl-moox-late) |
| 1085 | ("perl-moox-options" ,perl-moox-options) |
| 1086 | ("perl-moox-strictconstructor" ,perl-moox-strictconstructor) |
| 1087 | ("perl-namespace-clean" ,perl-namespace-clean) |
| 1088 | ("perl-net-dbus" ,perl-net-dbus) |
| 1089 | ("perl-net-dbus-glib" ,perl-net-dbus-glib) |
| 1090 | ("perl-path-tiny" ,perl-path-tiny) |
| 1091 | ("perl-strictures" ,perl-strictures-2) |
| 1092 | ("perl-test-most" ,perl-test-most) |
| 1093 | ("perl-test-trap" ,perl-test-trap) |
| 1094 | ("perl-time-duration" ,perl-time-duration) |
| 1095 | ("perl-time-duration-parse" ,perl-time-duration-parse) |
| 1096 | ("perl-try-tiny" ,perl-try-tiny) |
| 1097 | ("perl-type-tiny" ,perl-type-tiny) |
| 1098 | ("perl-types-path-tiny" ,perl-types-path-tiny) |
| 1099 | ("perl-unicode-linebreak" ,perl-unicode-linebreak) |
| 1100 | ("perl-xml-parser" ,perl-xml-parser) |
| 1101 | ("perl-xml-twig" ,perl-xml-twig) |
| 1102 | ("torsocks" ,torsocks))) |
| 1103 | (native-inputs |
| 1104 | `(("xorg-server" ,xorg-server-for-tests))) |
| 1105 | (arguments |
| 1106 | `(#:phases |
| 1107 | (modify-phases %standard-phases |
| 1108 | ;; Needed for using gpg-connect-agent during tests. |
| 1109 | (add-before 'check 'prepare-for-tests |
| 1110 | (lambda* (#:key inputs #:allow-other-keys) |
| 1111 | (let ((xorg-server (assoc-ref inputs "xorg-server"))) |
| 1112 | (system (string-append xorg-server "/bin/Xvfb :1 &")) |
| 1113 | (setenv "DISPLAY" ":1") |
| 1114 | (setenv "HOME" "/tmp") |
| 1115 | ;; These tests are known to fail |
| 1116 | (delete-file "t/32-keyserver_defined_on_command_line.t") |
| 1117 | (delete-file "t/33-checkGpgHasDefinedKeyserver.t") |
| 1118 | ;; The applet is deprecated upstream. |
| 1119 | (delete-file "t/00-load_all.t") |
| 1120 | #t))) |
| 1121 | (add-before 'install 'fix-references |
| 1122 | (lambda* (#:key inputs outputs #:allow-other-keys) |
| 1123 | (substitute* "lib/App/Parcimonie/GnuPG/Interface.pm" |
| 1124 | ;; Skip check whether dependencies are in the PATH |
| 1125 | (("defined which.*") "")) |
| 1126 | #t)) |
| 1127 | (add-after 'install 'wrap-program |
| 1128 | (lambda* (#:key inputs outputs #:allow-other-keys) |
| 1129 | (let* ((out (assoc-ref outputs "out")) |
| 1130 | (perllib (string-append out "/lib/perl5/site_perl/" |
| 1131 | ,(package-version perl)))) |
| 1132 | (wrap-program (string-append out "/bin/parcimonie") |
| 1133 | `("PERL5LIB" ":" |
| 1134 | prefix (,(string-append perllib ":" (getenv "PERL5LIB"))))) |
| 1135 | #t)))))) |
| 1136 | (home-page "https://gaffer.boum.org/intrigeri/code/parcimonie/") |
| 1137 | (synopsis "Incrementally refreshes a GnuPG keyring") |
| 1138 | (description "Parcimonie incrementaly refreshes a GnuPG keyring in a way |
| 1139 | that makes it hard to correlate the keyring content to an individual, and |
| 1140 | makes it hard to locate an individual based on an identifying subset of her |
| 1141 | keyring content. Parcimonie is a daemon that fetches one key at a time using |
| 1142 | the Tor network, waits a bit, changes the Tor circuit being used, and starts |
| 1143 | over.") |
| 1144 | (license license:gpl1+))) |
| 1145 | |
| 1146 | (define-public jetring |
| 1147 | (package |
| 1148 | (name "jetring") |
| 1149 | (version "0.30") |
| 1150 | (source |
| 1151 | (origin |
| 1152 | (method git-fetch) |
| 1153 | (uri (git-reference |
| 1154 | (url "https://salsa.debian.org/debian/jetring") |
| 1155 | (commit "535380166eb1b222ba34864af07f3e36f4fb52c9"))) |
| 1156 | (file-name (git-file-name name version)) |
| 1157 | (sha256 |
| 1158 | (base32 "19m7rj446pr4nql44khwq0cfxfrm8cslj5v9jll08p7nk6glq5px")))) |
| 1159 | (build-system gnu-build-system) |
| 1160 | (arguments |
| 1161 | '(#:phases |
| 1162 | (modify-phases %standard-phases |
| 1163 | (delete 'configure) ; no configure script |
| 1164 | (add-before 'install 'hardlink-gnupg |
| 1165 | (lambda* (#:key inputs #:allow-other-keys) |
| 1166 | (let ((gpg (string-append (assoc-ref inputs "gnupg") |
| 1167 | "/bin/gpg"))) |
| 1168 | (substitute* (find-files "." "jetring-[[:alpha:]]+$") |
| 1169 | (("gpg -") (string-append gpg " -")) |
| 1170 | (("\\\"gpg\\\"") (string-append "\"" gpg "\""))) |
| 1171 | #t))) |
| 1172 | (replace 'install |
| 1173 | (lambda* (#:key outputs #:allow-other-keys) |
| 1174 | (let* ((out (assoc-ref outputs "out")) |
| 1175 | (man (string-append out "/share/man"))) |
| 1176 | (for-each (lambda (file) |
| 1177 | (install-file file (string-append out "/bin/"))) |
| 1178 | (find-files "." "jetring-[[:alpha:]]+$")) |
| 1179 | (for-each (lambda (file) |
| 1180 | (install-file file (string-append man "/man1/"))) |
| 1181 | (find-files "." ".*\\.1$")) |
| 1182 | (install-file "jetring.7" (string-append man "/man7/")) |
| 1183 | #t)))) |
| 1184 | #:tests? #f)) ; no test phase |
| 1185 | (inputs |
| 1186 | `(("gnupg" ,gnupg) |
| 1187 | ("perl" ,perl))) |
| 1188 | (home-page "https://joeyh.name/code/jetring/") |
| 1189 | (synopsis "GnuPG keyring maintenance using changesets") |
| 1190 | (description |
| 1191 | "Jetring is a collection of tools that allow for gpg keyrings to be |
| 1192 | maintained using changesets. It was developed with the Debian keyring in mind, |
| 1193 | and aims to solve the problem that a gpg keyring is a binary blob that's hard |
| 1194 | for multiple people to collaboratively edit. |
| 1195 | |
| 1196 | With jetring, changesets can be submitted, reviewed to see exactly what they |
| 1197 | will do, applied, and used to build a keyring. The origin of every change made |
| 1198 | to the keyring is available for auditing, and gpg signatures can be used for |
| 1199 | integrity guarantees.") |
| 1200 | (license license:gpl2+))) |