HCoop / jackhill / guix / guix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gnu: r-org-dm-eg-db: Update to 3.5.0.
[jackhill/guix/guix.git] / gnu / packages / crypto.scm
1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2014 David Thompson <davet@gnu.org>
3 ;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net>
4 ;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
5 ;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox>
6 ;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr>
7 ;;; Copyright © 2016, 2017 ng0 <ng0@infotropique.org>
8 ;;; Copyright © 2016, 2017 Eric Bavier <bavier@member.fsf.org>
9 ;;; Copyright © 2017 Pierre Langlois <pierre.langlois@gmx.com>
10 ;;;
11 ;;; This file is part of GNU Guix.
12 ;;;
13 ;;; GNU Guix is free software; you can redistribute it and/or modify it
14 ;;; under the terms of the GNU General Public License as published by
15 ;;; the Free Software Foundation; either version 3 of the License, or (at
16 ;;; your option) any later version.
17 ;;;
18 ;;; GNU Guix is distributed in the hope that it will be useful, but
19 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
20 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 ;;; GNU General Public License for more details.
22 ;;;
23 ;;; You should have received a copy of the GNU General Public License
24 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
25
26 (define-module (gnu packages crypto)
27 #:use-module (gnu packages)
28 #:use-module (gnu packages admin)
29 #:use-module (gnu packages aidc)
30 #:use-module (gnu packages attr)
31 #:use-module (gnu packages autotools)
32 #:use-module (gnu packages boost)
33 #:use-module (gnu packages compression)
34 #:use-module (gnu packages cryptsetup)
35 #:use-module (gnu packages gettext)
36 #:use-module (gnu packages gnupg)
37 #:use-module (gnu packages image)
38 #:use-module (gnu packages pkg-config)
39 #:use-module (gnu packages libbsd)
40 #:use-module (gnu packages libffi)
41 #:use-module (gnu packages linux)
42 #:use-module (gnu packages nettle)
43 #:use-module (gnu packages password-utils)
44 #:use-module (gnu packages perl)
45 #:use-module (gnu packages perl-check)
46 #:use-module (gnu packages readline)
47 #:use-module (gnu packages search)
48 #:use-module (gnu packages serialization)
49 #:use-module (gnu packages shells)
50 #:use-module (gnu packages tcl)
51 #:use-module (gnu packages tls)
52 #:use-module (gnu packages xml)
53 #:use-module ((guix licenses) #:prefix license:)
54 #:use-module (guix packages)
55 #:use-module (guix download)
56 #:use-module (guix git-download)
57 #:use-module (guix build-system cmake)
58 #:use-module (guix build-system gnu)
59 #:use-module (guix build-system perl))
60
61 (define-public libsodium
62 (package
63 (name "libsodium")
64 (version "1.0.15")
65 (source (origin
66 (method url-fetch)
67 (uri (list (string-append
68 "https://download.libsodium.org/libsodium/"
69 "releases/libsodium-" version ".tar.gz")
70 (string-append
71 "https://download.libsodium.org/libsodium/"
72 "releases/old/libsodium-" version ".tar.gz")))
73 (sha256
74 (base32
75 "1x3qw7lsz44vcxpcn1dvwig410phg6gmv31jwj94arrgka3rwspv"))))
76 (build-system gnu-build-system)
77 (synopsis "Portable NaCl-based crypto library")
78 (description
79 "Sodium is a new easy-to-use high-speed software library for network
80 communication, encryption, decryption, signatures, etc.")
81 (license license:isc)
82 (home-page "https://libsodium.org")))
83
84 (define-public libmd
85 (package
86 (name "libmd")
87 (version "0.0.0")
88 (source (origin
89 (method url-fetch)
90 (uri (string-append
91 "https://archive.hadrons.org/software/libmd/libmd-"
92 version
93 ".tar.xz"))
94 (sha256
95 (base32
96 "121s73pgbqsnmy6xblbrkj9y44c5zzzpf2hcmh6zvcvg4dk26gzx"))))
97 (build-system gnu-build-system)
98 (synopsis "Message Digest functions from BSD systems")
99 (description
100 "The currently provided message digest algorithms are:
101 @itemize
102 @item MD2
103 @item MD4
104 @item MD5
105 @item RIPEMD-160
106 @item SHA-1
107 @item SHA-2 (SHA-256, SHA-384 and SHA-512)
108 @end itemize")
109 (license (list license:bsd-3
110 license:bsd-2
111 license:isc
112 license:public-domain))
113 (home-page "https://www.hadrons.org/software/libmd/")))
114
115 (define-public signify
116 (package
117 (name "signify")
118 (version "22")
119 (source (origin
120 (method url-fetch)
121 (uri (string-append "https://github.com/aperezdc/signify/"
122 "archive/v" version ".tar.gz"))
123 (file-name (string-append name "-" version ".tar.gz"))
124 (sha256
125 (base32
126 "0iv5bjaas70ymqchxasapin4c32c41kqzkfhc3kcjzd7rxy78msy"))))
127 (build-system gnu-build-system)
128 ;; TODO Build with libwaive (described in README.md), to implement something
129 ;; like OpenBSD's pledge().
130 (arguments
131 `(#:tests? #f ; no test suite
132 #:make-flags
133 (list "CC=gcc"
134 (string-append "PREFIX=" (assoc-ref %outputs "out")))
135 #:phases
136 (modify-phases %standard-phases
137 (delete 'configure))))
138 (native-inputs
139 `(("pkg-config" ,pkg-config)))
140 (inputs
141 `(("libbsd" ,libbsd)))
142 (synopsis "Create and verify cryptographic signatures")
143 (description "The signify utility creates and verifies cryptographic
144 signatures using the elliptic curve Ed25519. This is a Linux port of the
145 OpenBSD tool of the same name.")
146 (home-page "https://github.com/aperezdc/signify")
147 ;; This package includes third-party code that was originally released under
148 ;; various non-copyleft licenses. See the source files for clarification.
149 (license (list license:bsd-3 license:bsd-4 license:expat license:isc
150 license:public-domain (license:non-copyleft
151 "file://base64.c"
152 "See base64.c in the distribution for
153 the license from IBM.")))))
154
155
156 (define-public opendht
157 (package
158 (name "opendht")
159 (version "0.6.1")
160 (source
161 (origin
162 (method url-fetch)
163 (uri
164 (string-append
165 "https://github.com/savoirfairelinux/" name
166 "/archive/" version ".tar.gz"))
167 (file-name (string-append name "-" version ".tar.gz"))
168 (modules '((guix build utils)))
169 (snippet
170 '(begin
171 (delete-file-recursively "src/argon2")
172 (substitute* "src/Makefile.am"
173 (("./argon2/libargon2.la") "")
174 (("SUBDIRS = argon2") ""))
175 (substitute* "src/crypto.cpp"
176 (("argon2/argon2.h") "argon2.h"))
177 (substitute* "configure.ac"
178 (("src/argon2/Makefile") ""))))
179 (sha256
180 (base32
181 "09yvkmbqbym3b5md4n96qc1s9sf2n8ji404hagih45rmsj49599x"))))
182 (build-system gnu-build-system)
183 (inputs
184 `(("gnutls" ,gnutls)
185 ("nettle" ,nettle)
186 ("readline" ,readline)
187 ("argon2" ,argon2)))
188 (propagated-inputs
189 `(("msgpack" ,msgpack))) ;included in several installed headers
190 (native-inputs
191 `(("autoconf" ,autoconf)
192 ("pkg-config" ,pkg-config)
193 ("automake" ,automake)
194 ("libtool" ,libtool)))
195 (arguments
196 `(#:configure-flags '("--disable-tools" "--disable-python")
197 #:phases (modify-phases %standard-phases
198 (add-after 'unpack 'autoconf
199 (lambda _
200 (zero? (system* "autoreconf" "-vfi")))))))
201 (home-page "https://github.com/savoirfairelinux/opendht/")
202 (synopsis "Distributed Hash Table (DHT) library")
203 (description "OpenDHT is a Distributed Hash Table (DHT) library. It may
204 be used to manage peer-to-peer network connections as needed for real time
205 communication.")
206 (license license:gpl3)))
207
208 (define-public encfs
209 (package
210 (name "encfs")
211 (version "1.9.1")
212 (source
213 (origin
214 (method url-fetch)
215 (uri
216 (string-append "https://github.com/vgough/encfs/releases/download/v"
217 version "/encfs-" version ".tar.gz"))
218 (sha256
219 (base32
220 "1906254dg5hwljh0h4gyrw09ms3b57dlhjfzhfzffv50yzpkl837"))
221 (modules '((guix build utils)))
222 ;; Remove bundled dependencies in favour of proper inputs.
223 (snippet '(for-each delete-file-recursively
224 (find-files "internal" "^tinyxml2-[0-9]"
225 #:directories? #t)))))
226 (build-system cmake-build-system)
227 (native-inputs
228 `(("gettext" ,gettext-minimal)
229
230 ;; Test dependencies.
231 ("expect" ,expect)
232 ("perl" ,perl)))
233 (inputs
234 `(("attr" ,attr)
235 ("fuse" ,fuse)
236 ("openssl" ,openssl)
237 ("tinyxml2" ,tinyxml2)))
238 (arguments
239 `(#:configure-flags (list "-DUSE_INTERNAL_TINYXML=OFF")))
240 (home-page "https://vgough.github.io/encfs")
241 (synopsis "Encrypted virtual file system")
242 (description
243 "EncFS creates a virtual encrypted file system in user-space. Each file
244 created under an EncFS mount point is stored as a separate encrypted file on
245 the underlying file system. Like most encrypted file systems, EncFS is meant
246 to provide security against off-line attacks, such as a drive falling into
247 the wrong hands.")
248 (license (list license:expat ; internal/easylogging++.h
249 license:lgpl3+ ; encfs library
250 license:gpl3+)))) ; command-line tools
251
252 (define-public keyutils
253 (package
254 (name "keyutils")
255 (version "1.5.9")
256 (source
257 (origin
258 (method url-fetch)
259 (uri
260 (string-append "https://people.redhat.com/dhowells/keyutils/keyutils-"
261 version ".tar.bz2"))
262 (sha256
263 (base32
264 "1bl3w03ygxhc0hz69klfdlwqn33jvzxl1zfl2jmnb2v85iawb8jd"))
265 (modules '((guix build utils)))
266 ;; Create relative symbolic links instead of absolute ones to /lib/*
267 (snippet '(substitute* "Makefile" (("\\$\\(LNS\\) \\$\\(LIBDIR\\)/")
268 "$(LNS) ")))))
269 (build-system gnu-build-system)
270 (arguments
271 `(#:phases (modify-phases %standard-phases
272 (delete 'configure)) ; no configure script
273 #:make-flags (list "CC=gcc"
274 "RPATH=-Wl,-rpath,$(DESTDIR)$(LIBDIR)"
275 (string-append "DESTDIR="
276 (assoc-ref %outputs "out"))
277 "INCLUDEDIR=/include"
278 "LIBDIR=/lib"
279 "MANDIR=/share/man"
280 "SHAREDIR=/share/keyutils")
281 #:test-target "test"))
282 (home-page "https://people.redhat.com/dhowells/keyutils/")
283 (synopsis "Linux key management utilities")
284 (description
285 "Keyutils is a set of utilities for managing the key retention facility in
286 the Linux kernel, which can be used by file systems, block devices, and more to
287 gain and retain the authorization and encryption keys required to perform
288 secure operations. ")
289 (license (list license:lgpl2.1+ ; the files keyutils.*
290 license:gpl2+)))) ; the rest
291
292 ;; There is no release candidate but commits point out a version number,
293 ;; furthermore no tarball exists.
294 (define-public eschalot
295 (let ((commit "0bf31d88a11898c19b1ed25ddd2aff7b35dbac44")
296 (revision "1"))
297 (package
298 (name "eschalot")
299 (version (string-append "1.2.0-" revision "." (string-take commit 7)))
300 (source
301 (origin
302 (method git-fetch)
303 (uri (git-reference
304 (url "https://github.com/schnabear/eschalot")
305 (commit commit)))
306 (file-name (string-append name "-" version))
307 (sha256
308 (base32
309 "0lj38ldh8vzi11wp4ghw4k0fkwp0s04zv8k8d473p1snmbh7mx98"))))
310 (inputs
311 `(("openssl" ,openssl))) ; It needs: openssl/{bn,pem,rsa,sha}.h
312 (build-system gnu-build-system)
313 (arguments
314 `(#:make-flags (list "CC=gcc"
315 (string-append "PREFIX=" (assoc-ref %outputs "out"))
316 (string-append "INSTALL=" "install"))
317 ;; XXX: make test would run a !VERY! long hashing of names with the use
318 ;; of a wordlist, the amount of computing time this would waste on build
319 ;; servers is in no relation to the size or importance of this small
320 ;; application, therefore we run our own tests on eschalot and worgen.
321 #:phases
322 (modify-phases %standard-phases
323 (delete 'configure)
324 (replace 'check
325 (lambda _
326 (and
327 (zero? (system* "./worgen" "8-12" "top1000.txt" "3-10" "top400nouns.txt"
328 "3-6" "top150adjectives.txt" "3-6"))
329 (zero? (system* "./eschalot" "-r" "^guix|^guixsd"))
330 (zero? (system* "./eschalot" "-r" "^gnu|^free"))
331 (zero? (system* "./eschalot" "-r" "^cyber|^hack"))
332 (zero? (system* "./eschalot" "-r" "^troll")))))
333 ;; Make install can not create the bin dir, create it.
334 (add-before 'install 'create-bin-dir
335 (lambda* (#:key outputs #:allow-other-keys)
336 (let* ((out (assoc-ref outputs "out"))
337 (bin (string-append out "/bin")))
338 (mkdir-p bin)
339 #t))))))
340 (home-page "https://github.com/schnabear/eschalot")
341 (synopsis "Tor hidden service name generator")
342 (description
343 "Eschalot is a tor hidden service name generator, it allows one to
344 produce customized vanity .onion addresses using a brute-force method. Searches
345 for valid names can be run with regular expressions and wordlists. For the
346 generation of wordlists the included tool @code{worgen} can be used. There is
347 no man page, refer to the home page for usage details.")
348 (license (list license:isc license:expat)))))
349
350 (define-public tomb
351 (package
352 (name "tomb")
353 (version "2.4")
354 (source (origin
355 (method url-fetch)
356 (uri (string-append "https://files.dyne.org/tomb/"
357 "Tomb-" version ".tar.gz"))
358 (sha256
359 (base32
360 "1hv1w79as7swqj0n137vz8n8mwvcgwlvd91sdyssz41jarg7f1vr"))))
361 (build-system gnu-build-system)
362 (native-inputs `(("sudo" ,sudo))) ;presence needed for 'check' phase
363 (inputs
364 `(("zsh" ,zsh)
365 ("gnupg" ,gnupg)
366 ("cryptsetup" ,cryptsetup)
367 ("e2fsprogs" ,e2fsprogs) ;for mkfs.ext4
368 ("gettext" ,gettext-minimal) ;used at runtime
369 ("mlocate" ,mlocate)
370 ("pinentry" ,pinentry)
371 ("qrencode" ,qrencode)
372 ("steghide" ,steghide)))
373 (arguments
374 `(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
375 ;; TODO: Build and install gtk and qt trays
376 #:phases
377 (modify-phases %standard-phases
378 (delete 'configure) ;no configuration to be done
379 (add-after 'install 'i18n
380 (lambda* (#:key make-flags #:allow-other-keys)
381 (zero? (apply system*
382 "make" "-C" "extras/translations"
383 "install" make-flags))))
384 (add-after 'install 'wrap
385 (lambda* (#:key inputs outputs #:allow-other-keys)
386 (let ((out (assoc-ref outputs "out")))
387 (wrap-program (string-append out "/bin/tomb")
388 `("PATH" ":" prefix
389 (,(string-append (assoc-ref inputs "mlocate") "/bin")
390 ,@(map (lambda (program)
391 (or (and=> (which program) dirname)
392 (error "program not found:" program)))
393 '("seq" "mkfs.ext4" "pinentry" "sudo"
394 "gpg" "cryptsetup" "gettext"
395 "qrencode" "steghide")))))
396 #t)))
397 (delete 'check)
398 (add-after 'wrap 'check
399 (lambda* (#:key outputs #:allow-other-keys)
400 ;; Running the full tests requires sudo/root access for
401 ;; cryptsetup, which is not available in the build environment.
402 ;; But we can run `tomb dig` without root, so make sure that
403 ;; works. TODO: It Would Be Nice to check the expected "index",
404 ;; "search", "bury", and "exhume" features are available by
405 ;; querying `tomb -h`.
406 (let ((tomb (string-append (assoc-ref outputs "out")
407 "/bin/tomb")))
408 (zero? (system* tomb "dig" "-s" "10" "secrets.tomb"))))))))
409 (home-page "http://www.dyne.org/software/tomb")
410 (synopsis "File encryption for secret data")
411 (description
412 "Tomb is an application to manage the creation and access of encrypted
413 storage files: it can be operated from commandline and it can integrate with a
414 user's graphical desktop.")
415 (license license:gpl3+)))
416
417 (define-public scrypt
418 (package
419 (name "scrypt")
420 (version "1.2.1")
421 (source
422 (origin
423 (method url-fetch)
424 (uri (string-append "https://www.tarsnap.com/scrypt/scrypt-"
425 version ".tgz"))
426 (sha256
427 (base32
428 "0xy5yhrwwv13skv9im9vm76rybh9f29j2dh4hlh2x01gvbkza8a6"))))
429 (build-system gnu-build-system)
430 (arguments
431 `(#:phases (modify-phases %standard-phases
432 (add-after 'unpack 'patch-command-invocations
433 (lambda _
434 (substitute* "Makefile.in"
435 (("command -p") ""))
436 #t))
437 (add-after 'install 'install-docs
438 (lambda* (#:key outputs #:allow-other-keys)
439 (let* ((out (assoc-ref %outputs "out"))
440 (misc (string-append out "/share/doc/scrypt")))
441 (install-file "FORMAT" misc)
442 #t))))))
443 (inputs
444 `(("openssl" ,openssl)))
445 (home-page "https://www.tarsnap.com/scrypt.html")
446 (synopsis "Memory-hard encryption tool based on scrypt")
447 (description "This packages provides a simple password-based encryption
448 utility as a demonstration of the @code{scrypt} key derivation function.
449 @code{Scrypt} is designed to be far more resistant against hardware brute-force
450 attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.")
451 (license license:bsd-2)))
452
453 (define-public perl-math-random-isaac-xs
454 (package
455 (name "perl-math-random-isaac-xs")
456 (version "1.004")
457 (source
458 (origin
459 (method url-fetch)
460 (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
461 "Math-Random-ISAAC-XS-" version ".tar.gz"))
462 (sha256
463 (base32
464 "0yxqqcqvj51fn7b7j5xqhz65v74arzgainn66c6k7inijbmr1xws"))))
465 (build-system perl-build-system)
466 (native-inputs
467 `(("perl-module-build" ,perl-module-build)
468 ("perl-test-nowarnings" ,perl-test-nowarnings)))
469 (home-page "http://search.cpan.org/dist/Math-Random-ISAAC-XS")
470 (synopsis "C implementation of the ISAAC PRNG algorithm")
471 (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
472 fast pseudo-random number generator. It is suitable for applications where a
473 significant amount of random data needs to be produced quickly, such as
474 solving using the Monte Carlo method or for games. The results are uniformly
475 distributed, unbiased, and unpredictable unless you know the seed.
476
477 This package implements the same interface as @code{Math::Random::ISAAC}.")
478 (license license:public-domain)))
479
480 (define-public perl-math-random-isaac
481 (package
482 (name "perl-math-random-isaac")
483 (version "1.004")
484 (source
485 (origin
486 (method url-fetch)
487 (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
488 "Math-Random-ISAAC-" version ".tar.gz"))
489 (sha256
490 (base32
491 "0z1b3xbb3xz71h25fg6jgsccra7migq7s0vawx2rfzi0pwpz0wr7"))))
492 (build-system perl-build-system)
493 (native-inputs
494 `(("perl-test-nowarnings" ,perl-test-nowarnings)))
495 (propagated-inputs
496 `(("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)))
497 (home-page "http://search.cpan.org/dist/Math-Random-ISAAC")
498 (synopsis "Perl interface to the ISAAC PRNG algorithm")
499 (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
500 fast pseudo-random number generator. It is suitable for applications where a
501 significant amount of random data needs to be produced quickly, such as
502 solving using the Monte Carlo method or for games. The results are uniformly
503 distributed, unbiased, and unpredictable unless you know the seed.
504
505 This package provides a Perl interface to the ISAAC pseudo random number
506 generator.")
507 (license license:public-domain)))
508
509 (define-public perl-crypt-random-source
510 (package
511 (name "perl-crypt-random-source")
512 (version "0.12")
513 (source
514 (origin
515 (method url-fetch)
516 (uri (string-append "mirror://cpan/authors/id/E/ET/ETHER/"
517 "Crypt-Random-Source-" version ".tar.gz"))
518 (sha256
519 (base32
520 "00mw5m52sbz9nqp3f6axyrgcrihqxn7k8gv0vi1kvm1j1nc9g29h"))))
521 (build-system perl-build-system)
522 (native-inputs
523 `(("perl-module-build-tiny" ,perl-module-build-tiny)
524 ("perl-test-exception" ,perl-test-exception)))
525 (propagated-inputs
526 `(("perl-capture-tiny" ,perl-capture-tiny)
527 ("perl-module-find" ,perl-module-find)
528 ("perl-module-runtime" ,perl-module-runtime)
529 ("perl-moo" ,perl-moo)
530 ("perl-namespace-clean" ,perl-namespace-clean)
531 ("perl-sub-exporter" ,perl-sub-exporter)
532 ("perl-type-tiny" ,perl-type-tiny)))
533 (home-page "http://search.cpan.org/dist/Crypt-Random-Source")
534 (synopsis "Get weak or strong random data from pluggable sources")
535 (description "This module provides implementations for a number of
536 byte-oriented sources of random data.")
537 (license license:perl-license)))
538
539 (define-public perl-math-random-secure
540 (package
541 (name "perl-math-random-secure")
542 (version "0.080001")
543 (source
544 (origin
545 (method url-fetch)
546 (uri (string-append "mirror://cpan/authors/id/F/FR/FREW/"
547 "Math-Random-Secure-" version ".tar.gz"))
548 (sha256
549 (base32
550 "0dgbf4ncll4kmgkyb9fsaxn0vf2smc9dmwqzgh3259zc2zla995z"))))
551 (build-system perl-build-system)
552 (native-inputs
553 `(("perl-list-moreutils" ,perl-list-moreutils)
554 ("perl-test-leaktrace" ,perl-test-leaktrace)
555 ("perl-test-sharedfork" ,perl-test-sharedfork)
556 ("perl-test-warn" ,perl-test-warn)))
557 (inputs
558 `(("perl-crypt-random-source" ,perl-crypt-random-source)
559 ("perl-math-random-isaac" ,perl-math-random-isaac)
560 ("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)
561 ("perl-moo" ,perl-moo)))
562 (home-page "http://search.cpan.org/dist/Math-Random-Secure")
563 (synopsis "Cryptographically secure replacement for rand()")
564 (description "This module is intended to provide a
565 cryptographically-secure replacement for Perl's built-in @code{rand} function.
566 \"Crytographically secure\", in this case, means:
567
568 @enumerate
569 @item No matter how many numbers you see generated by the random number
570 generator, you cannot guess the future numbers, and you cannot guess the seed.
571 @item There are so many possible seeds that it would take decades, centuries,
572 or millenia for an attacker to try them all.
573 @item The seed comes from a source that generates relatively strong random
574 data on your platform, so the seed itself will be as random as possible.
575 @end enumerate\n")
576 (license license:artistic2.0)))
577
578 (define-public crypto++
579 (package
580 (name "crypto++")
581 (version "5.6.5")
582 (source (origin
583 (method url-fetch/zipbomb)
584 (uri (string-append "https://cryptopp.com/cryptopp"
585 (string-join (string-split version #\.) "")
586 ".zip"))
587 (sha256
588 (base32
589 "0d1cqdz369ivi082k59025wvxzywvkizw7i0pf5h0a1izs3g8pm7"))
590 (patches
591 (search-patches "crypto++-fix-dos-in-asn.1-decoders.patch"))))
592 (build-system gnu-build-system)
593 (arguments
594 `(#:make-flags
595 (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
596 #:phases
597 (modify-phases %standard-phases
598 (delete 'configure))))
599 (native-inputs
600 `(("unzip" ,unzip)))
601 (home-page "https://cryptopp.com/")
602 (synopsis "C++ class library of cryptographic schemes")
603 (description "Crypto++ is a C++ class library of cryptographic schemes.")
604 ;; The compilation is distributed under the Boost license; the individual
605 ;; files in the compilation are in the public domain.
606 (license (list license:boost1.0 license:public-domain))))
607
jackhill's copy of GNU Guix: https://guix.gnu.org/