1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2014 David Thompson <davet@gnu.org>
3 ;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net>
4 ;;; Copyright © 2016, 2017, 2018 Leo Famulari <leo@famulari.name>
5 ;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox>
6 ;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
7 ;;; Copyright © 2016, 2017 Nils Gillmann <ng0@n0.is>
8 ;;; Copyright © 2016, 2017 Eric Bavier <bavier@member.fsf.org>
9 ;;; Copyright © 2017 Pierre Langlois <pierre.langlois@gmx.com>
10 ;;; Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
11 ;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
12 ;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
14 ;;; This file is part of GNU Guix.
16 ;;; GNU Guix is free software; you can redistribute it and/or modify it
17 ;;; under the terms of the GNU General Public License as published by
18 ;;; the Free Software Foundation; either version 3 of the License, or (at
19 ;;; your option) any later version.
21 ;;; GNU Guix is distributed in the hope that it will be useful, but
22 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
23 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 ;;; GNU General Public License for more details.
26 ;;; You should have received a copy of the GNU General Public License
27 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
29 (define-module (gnu packages crypto)
30 #:use-module (gnu packages)
31 #:use-module (gnu packages admin)
32 #:use-module (gnu packages aidc)
33 #:use-module (gnu packages attr)
34 #:use-module (gnu packages autotools)
35 #:use-module (gnu packages boost)
36 #:use-module (gnu packages check)
37 #:use-module (gnu packages compression)
38 #:use-module (gnu packages cryptsetup)
39 #:use-module (gnu packages databases)
40 #:use-module (gnu packages gettext)
41 #:use-module (gnu packages gnupg)
42 #:use-module (gnu packages image)
43 #:use-module (gnu packages libbsd)
44 #:use-module (gnu packages libffi)
45 #:use-module (gnu packages linux)
46 #:use-module (gnu packages nettle)
47 #:use-module (gnu packages password-utils)
48 #:use-module (gnu packages perl)
49 #:use-module (gnu packages perl-check)
50 #:use-module (gnu packages pkg-config)
51 #:use-module (gnu packages python)
52 #:use-module (gnu packages readline)
53 #:use-module (gnu packages search)
54 #:use-module (gnu packages serialization)
55 #:use-module (gnu packages shells)
56 #:use-module (gnu packages tcl)
57 #:use-module (gnu packages tls)
58 #:use-module (gnu packages xml)
59 #:use-module ((guix licenses) #:prefix license:)
60 #:use-module (guix packages)
61 #:use-module (guix download)
62 #:use-module (guix git-download)
63 #:use-module (guix build-system cmake)
64 #:use-module (guix build-system gnu)
65 #:use-module (guix build-system perl)
66 #:use-module (srfi srfi-1)
67 #:use-module (srfi srfi-26))
69 (define-public libsodium
75 (uri (list (string-append
76 "https://download.libsodium.org/libsodium/"
77 "releases/libsodium-" version ".tar.gz")
79 "https://download.libsodium.org/libsodium/"
80 "releases/old/libsodium-" version ".tar.gz")))
83 "0cq5pn7qcib7q70mm1lgjwj75xdxix27v0xl1xl0kvxww7hwgbgf"))))
84 (build-system gnu-build-system)
85 (synopsis "Portable NaCl-based crypto library")
87 "Sodium is a new easy-to-use high-speed software library for network
88 communication, encryption, decryption, signatures, etc.")
90 (home-page "https://libsodium.org")))
100 (string-append "https://archive.hadrons.org/software/libmd/libmd-"
102 (string-append "https://libbsd.freedesktop.org/releases/libmd-"
106 "1iv45npzv0gncjgcpx5m081861zdqxw667ysghqb8721yrlyl6pj"))))
107 (build-system gnu-build-system)
108 (synopsis "Message Digest functions from BSD systems")
110 "The currently provided message digest algorithms are:
117 @item SHA-2 (SHA-256, SHA-384 and SHA-512)
119 (license (list license:bsd-3
122 license:public-domain))
123 (home-page "https://www.hadrons.org/software/libmd/")))
125 (define-public signify
131 (uri (string-append "https://github.com/aperezdc/signify/"
132 "archive/v" version ".tar.gz"))
133 (file-name (string-append name "-" version ".tar.gz"))
136 "0c70mzawgahsvmsv4xdrass4pgyynd67ipd9lij0fgi8wkq0ns8w"))))
137 (build-system gnu-build-system)
138 ;; TODO Build with libwaive (described in README.md), to implement something
139 ;; like OpenBSD's pledge().
141 `(#:tests? #f ; no test suite
144 (string-append "PREFIX=" (assoc-ref %outputs "out")))
146 (modify-phases %standard-phases
147 (delete 'configure))))
149 `(("pkg-config" ,pkg-config)))
151 `(("libbsd" ,libbsd)))
152 (synopsis "Create and verify cryptographic signatures")
153 (description "The signify utility creates and verifies cryptographic
154 signatures using the elliptic curve Ed25519. This is a Linux port of the
155 OpenBSD tool of the same name.")
156 (home-page "https://github.com/aperezdc/signify")
157 ;; This package includes third-party code that was originally released under
158 ;; various non-copyleft licenses. See the source files for clarification.
159 (license (list license:bsd-3 license:bsd-4 license:expat license:isc
160 license:public-domain (license:non-copyleft
162 "See base64.c in the distribution for
163 the license from IBM.")))))
166 (define-public opendht
175 "https://github.com/savoirfairelinux/" name
176 "/archive/" version ".tar.gz"))
177 (file-name (string-append name "-" version ".tar.gz"))
178 (modules '((guix build utils)))
181 (delete-file-recursively "src/argon2")
182 (substitute* "src/Makefile.am"
183 (("./argon2/libargon2.la") "")
184 (("SUBDIRS = argon2") ""))
185 (substitute* "src/crypto.cpp"
186 (("argon2/argon2.h") "argon2.h"))
187 (substitute* "configure.ac"
188 (("src/argon2/Makefile") ""))
192 "09yvkmbqbym3b5md4n96qc1s9sf2n8ji404hagih45rmsj49599x"))))
193 (build-system gnu-build-system)
197 ("readline" ,readline)
200 `(("msgpack" ,msgpack))) ;included in several installed headers
202 `(("autoconf" ,autoconf)
203 ("pkg-config" ,pkg-config)
204 ("automake" ,automake)
205 ("libtool" ,libtool)))
207 `(#:configure-flags '("--disable-tools" "--disable-python")
208 #:phases (modify-phases %standard-phases
209 (add-after 'unpack 'autoconf
211 (zero? (system* "autoreconf" "-vfi")))))))
212 (home-page "https://github.com/savoirfairelinux/opendht/")
213 (synopsis "Distributed Hash Table (DHT) library")
214 (description "OpenDHT is a Distributed Hash Table (DHT) library. It may
215 be used to manage peer-to-peer network connections as needed for real time
217 (license license:gpl3)))
227 (string-append "https://github.com/vgough/encfs/releases/download/v"
228 version "/encfs-" version ".tar.gz"))
231 "0qzxavvv20577bxvly8s7d3y7bqasqclc2mllp0ddfncjm9z02a7"))
232 (modules '((guix build utils)))
233 ;; Remove bundled dependencies in favour of proper inputs.
235 (for-each delete-file-recursively
236 '("vendor/github.com/leethomason/tinyxml2"
237 "vendor/github.com/google/googletest"))
239 (build-system cmake-build-system)
241 `(("gettext" ,gettext-minimal)
243 ;; Test dependencies.
245 ("googletest-source" ,(package-source googletest))
251 ("tinyxml2" ,tinyxml2)))
253 `(#:configure-flags (list "-DUSE_INTERNAL_TINYXML=OFF")
255 (modify-phases %standard-phases
256 (add-after 'unpack 'unpack-googletest
257 (lambda* (#:key inputs #:allow-other-keys)
258 (mkdir-p "vendor/github.com/google/googletest")
259 (invoke "tar" "xvf" (assoc-ref inputs "googletest-source")
260 "-C" "vendor/github.com/google/googletest"
261 "--strip-components=1")))
262 (add-before 'check 'make-unittests
264 (invoke "make" "unittests"))))))
265 (home-page "https://vgough.github.io/encfs")
266 (synopsis "Encrypted virtual file system")
268 "EncFS creates a virtual encrypted file system in user-space. Each file
269 created under an EncFS mount point is stored as a separate encrypted file on
270 the underlying file system. Like most encrypted file systems, EncFS is meant
271 to provide security against off-line attacks, such as a drive falling into
273 (license (list license:expat ; internal/easylogging++.h
274 license:lgpl3+ ; encfs library
275 license:gpl3+)))) ; command-line tools
277 (define-public keyutils
285 (string-append "https://people.redhat.com/dhowells/keyutils/keyutils-"
289 "1dmgjcf7mnwc6h72xkvpaqpzxw8vmlnsmzz0s27pg0giwzm3sp0i"))
290 (modules '((guix build utils)))
291 ;; Create relative symbolic links instead of absolute ones to /lib/*
293 (substitute* "Makefile" (("\\$\\(LNS\\) \\$\\(LIBDIR\\)/")
296 (build-system gnu-build-system)
298 `(#:phases (modify-phases %standard-phases
299 (delete 'configure)) ; no configure script
300 #:make-flags (list "CC=gcc"
301 "RPATH=-Wl,-rpath,$(DESTDIR)$(LIBDIR)"
302 (string-append "DESTDIR="
303 (assoc-ref %outputs "out"))
304 "INCLUDEDIR=/include"
307 "SHAREDIR=/share/keyutils")
308 #:test-target "test"))
309 (home-page "https://people.redhat.com/dhowells/keyutils/")
310 (synopsis "Linux key management utilities")
312 "Keyutils is a set of utilities for managing the key retention facility in
313 the Linux kernel, which can be used by file systems, block devices, and more to
314 gain and retain the authorization and encryption keys required to perform
315 secure operations. ")
316 (license (list license:lgpl2.1+ ; the files keyutils.*
317 license:gpl2+)))) ; the rest
319 ;; There is no release candidate but commits point out a version number,
320 ;; furthermore no tarball exists.
321 (define-public eschalot
322 (let ((commit "0bf31d88a11898c19b1ed25ddd2aff7b35dbac44")
326 (version (string-append "1.2.0-" revision "." (string-take commit 7)))
331 (url "https://github.com/schnabear/eschalot")
333 (file-name (string-append name "-" version))
336 "0lj38ldh8vzi11wp4ghw4k0fkwp0s04zv8k8d473p1snmbh7mx98"))))
338 `(("openssl" ,openssl))) ; It needs: openssl/{bn,pem,rsa,sha}.h
339 (build-system gnu-build-system)
341 `(#:make-flags (list "CC=gcc"
342 (string-append "PREFIX=" (assoc-ref %outputs "out"))
343 (string-append "INSTALL=" "install"))
344 ;; XXX: make test would run a !VERY! long hashing of names with the use
345 ;; of a wordlist, the amount of computing time this would waste on build
346 ;; servers is in no relation to the size or importance of this small
347 ;; application, therefore we run our own tests on eschalot and worgen.
349 (modify-phases %standard-phases
354 (zero? (system* "./worgen" "8-12" "top1000.txt" "3-10" "top400nouns.txt"
355 "3-6" "top150adjectives.txt" "3-6"))
356 (zero? (system* "./eschalot" "-r" "^guix|^guixsd"))
357 (zero? (system* "./eschalot" "-r" "^gnu|^free"))
358 (zero? (system* "./eschalot" "-r" "^cyber|^hack"))
359 (zero? (system* "./eschalot" "-r" "^troll")))))
360 ;; Make install can not create the bin dir, create it.
361 (add-before 'install 'create-bin-dir
362 (lambda* (#:key outputs #:allow-other-keys)
363 (let* ((out (assoc-ref outputs "out"))
364 (bin (string-append out "/bin")))
367 (home-page "https://github.com/schnabear/eschalot")
368 (synopsis "Tor hidden service name generator")
370 "Eschalot is a tor hidden service name generator, it allows one to
371 produce customized vanity .onion addresses using a brute-force method. Searches
372 for valid names can be run with regular expressions and wordlists. For the
373 generation of wordlists the included tool @code{worgen} can be used. There is
374 no man page, refer to the home page for usage details.")
375 (license (list license:isc license:expat)))))
383 (uri (string-append "https://files.dyne.org/tomb/"
384 "Tomb-" version ".tar.gz"))
387 "12c6qldngaw520gvb02inzkhnxbl4k0dwmddrgnaf7xashy6j0wc"))))
388 (build-system gnu-build-system)
389 (native-inputs `(("sudo" ,sudo))) ;presence needed for 'check' phase
393 ("cryptsetup" ,cryptsetup)
394 ("e2fsprogs" ,e2fsprogs) ;for mkfs.ext4
395 ("gettext" ,gettext-minimal) ;used at runtime
397 ("pinentry" ,pinentry)
398 ("qrencode" ,qrencode)
399 ("steghide" ,steghide)
400 ("util-linux" ,util-linux)))
402 `(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
403 ;; TODO: Build and install gtk and qt trays
405 (modify-phases %standard-phases
406 (delete 'configure) ;no configuration to be done
407 (add-after 'install 'i18n
408 (lambda* (#:key make-flags #:allow-other-keys)
409 (apply invoke "make" "-C" "extras/translations"
410 "install" make-flags)
412 (add-after 'install 'wrap
413 (lambda* (#:key inputs outputs #:allow-other-keys)
414 (let ((out (assoc-ref outputs "out")))
415 (wrap-program (string-append out "/bin/tomb")
417 (,(string-append (assoc-ref inputs "mlocate") "/bin")
418 ,@(map (lambda (program)
419 (or (and=> (which program) dirname)
420 (error "program not found:" program)))
421 '("seq" "mkfs.ext4" "pinentry" "sudo"
422 "gpg" "cryptsetup" "gettext"
423 "qrencode" "steghide" "findmnt")))))
426 (add-after 'wrap 'check
427 (lambda* (#:key outputs #:allow-other-keys)
428 ;; Running the full tests requires sudo/root access for
429 ;; cryptsetup, which is not available in the build environment.
430 ;; But we can run `tomb dig` without root, so make sure that
431 ;; works. TODO: It Would Be Nice to check the expected "index",
432 ;; "search", "bury", and "exhume" features are available by
433 ;; querying `tomb -h`.
434 (let ((tomb (string-append (assoc-ref outputs "out")
436 (invoke tomb "dig" "-s" "10" "secrets.tomb")
438 (home-page "https://www.dyne.org/software/tomb")
439 (synopsis "File encryption for secret data")
441 "Tomb is an application to manage the creation and access of encrypted
442 storage files: it can be operated from commandline and it can integrate with a
443 user's graphical desktop.")
444 (license license:gpl3+)))
446 (define-public scrypt
453 (uri (string-append "https://www.tarsnap.com/scrypt/scrypt-"
457 "0xy5yhrwwv13skv9im9vm76rybh9f29j2dh4hlh2x01gvbkza8a6"))))
458 (build-system gnu-build-system)
460 `(#:phases (modify-phases %standard-phases
461 (add-after 'unpack 'patch-command-invocations
463 (substitute* "Makefile.in"
466 (add-after 'install 'install-docs
467 (lambda* (#:key outputs #:allow-other-keys)
468 (let* ((out (assoc-ref %outputs "out"))
469 (misc (string-append out "/share/doc/scrypt")))
470 (install-file "FORMAT" misc)
473 `(("openssl" ,openssl)))
474 (home-page "https://www.tarsnap.com/scrypt.html")
475 (synopsis "Memory-hard encryption tool based on scrypt")
476 (description "This packages provides a simple password-based encryption
477 utility as a demonstration of the @code{scrypt} key derivation function.
478 @code{Scrypt} is designed to be far more resistant against hardware brute-force
479 attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.")
480 (license license:bsd-2)))
482 (define-public libscrypt
490 (url "https://github.com/technion/libscrypt.git")
491 (commit (string-append "v" version))))
492 (file-name (git-file-name name version))
495 "1d76ys6cp7fi4ng1w3mz2l0p9dbr7ljbk33dcywyimzjz8bahdng"))))
496 (build-system gnu-build-system)
498 `(#:make-flags (list (string-append "PREFIX=" %output)
501 (modify-phases %standard-phases
502 (delete 'configure))))
503 (home-page "https://lolware.net/libscrypt.html")
504 (synopsis "Password hashing library")
505 (description "@code{libscrypt} implements @code{scrypt} key derivation
506 function. It is designed to be far more secure against hardware brute-force
507 attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.")
508 (license license:bsd-3)))
510 (define-public perl-math-random-isaac-xs
512 (name "perl-math-random-isaac-xs")
517 (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
518 "Math-Random-ISAAC-XS-" version ".tar.gz"))
521 "0yxqqcqvj51fn7b7j5xqhz65v74arzgainn66c6k7inijbmr1xws"))))
522 (build-system perl-build-system)
524 `(("perl-module-build" ,perl-module-build)
525 ("perl-test-nowarnings" ,perl-test-nowarnings)))
526 (home-page "http://search.cpan.org/dist/Math-Random-ISAAC-XS")
527 (synopsis "C implementation of the ISAAC PRNG algorithm")
528 (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
529 fast pseudo-random number generator. It is suitable for applications where a
530 significant amount of random data needs to be produced quickly, such as
531 solving using the Monte Carlo method or for games. The results are uniformly
532 distributed, unbiased, and unpredictable unless you know the seed.
534 This package implements the same interface as @code{Math::Random::ISAAC}.")
535 (license license:public-domain)))
537 (define-public perl-math-random-isaac
539 (name "perl-math-random-isaac")
544 (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
545 "Math-Random-ISAAC-" version ".tar.gz"))
548 "0z1b3xbb3xz71h25fg6jgsccra7migq7s0vawx2rfzi0pwpz0wr7"))))
549 (build-system perl-build-system)
551 `(("perl-test-nowarnings" ,perl-test-nowarnings)))
553 `(("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)))
554 (home-page "http://search.cpan.org/dist/Math-Random-ISAAC")
555 (synopsis "Perl interface to the ISAAC PRNG algorithm")
556 (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
557 fast pseudo-random number generator. It is suitable for applications where a
558 significant amount of random data needs to be produced quickly, such as
559 solving using the Monte Carlo method or for games. The results are uniformly
560 distributed, unbiased, and unpredictable unless you know the seed.
562 This package provides a Perl interface to the ISAAC pseudo random number
564 (license license:public-domain)))
566 (define-public perl-crypt-random-source
568 (name "perl-crypt-random-source")
573 (uri (string-append "mirror://cpan/authors/id/E/ET/ETHER/"
574 "Crypt-Random-Source-" version ".tar.gz"))
577 "00mw5m52sbz9nqp3f6axyrgcrihqxn7k8gv0vi1kvm1j1nc9g29h"))))
578 (build-system perl-build-system)
580 `(("perl-module-build-tiny" ,perl-module-build-tiny)
581 ("perl-test-exception" ,perl-test-exception)))
583 `(("perl-capture-tiny" ,perl-capture-tiny)
584 ("perl-module-find" ,perl-module-find)
585 ("perl-module-runtime" ,perl-module-runtime)
586 ("perl-moo" ,perl-moo)
587 ("perl-namespace-clean" ,perl-namespace-clean)
588 ("perl-sub-exporter" ,perl-sub-exporter)
589 ("perl-type-tiny" ,perl-type-tiny)))
590 (home-page "http://search.cpan.org/dist/Crypt-Random-Source")
591 (synopsis "Get weak or strong random data from pluggable sources")
592 (description "This module provides implementations for a number of
593 byte-oriented sources of random data.")
594 (license license:perl-license)))
596 (define-public perl-math-random-secure
598 (name "perl-math-random-secure")
603 (uri (string-append "mirror://cpan/authors/id/F/FR/FREW/"
604 "Math-Random-Secure-" version ".tar.gz"))
607 "0dgbf4ncll4kmgkyb9fsaxn0vf2smc9dmwqzgh3259zc2zla995z"))))
608 (build-system perl-build-system)
610 `(("perl-list-moreutils" ,perl-list-moreutils)
611 ("perl-test-leaktrace" ,perl-test-leaktrace)
612 ("perl-test-sharedfork" ,perl-test-sharedfork)
613 ("perl-test-warn" ,perl-test-warn)))
615 `(("perl-crypt-random-source" ,perl-crypt-random-source)
616 ("perl-math-random-isaac" ,perl-math-random-isaac)
617 ("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)
618 ("perl-moo" ,perl-moo)))
619 (home-page "http://search.cpan.org/dist/Math-Random-Secure")
620 (synopsis "Cryptographically secure replacement for rand()")
621 (description "This module is intended to provide a
622 cryptographically-secure replacement for Perl's built-in @code{rand} function.
623 \"Crytographically secure\", in this case, means:
626 @item No matter how many numbers you see generated by the random number
627 generator, you cannot guess the future numbers, and you cannot guess the seed.
628 @item There are so many possible seeds that it would take decades, centuries,
629 or millennia for an attacker to try them all.
630 @item The seed comes from a source that generates relatively strong random
631 data on your platform, so the seed itself will be as random as possible.
633 (license license:artistic2.0)))
635 (define-public crypto++
640 (method url-fetch/zipbomb)
641 (uri (string-append "https://cryptopp.com/cryptopp"
642 (string-join (string-split version #\.) "")
646 "1nidm6xbdza5cbgf5md2zznmaq692rfyjasycwipl6rzdfwjvb34"))))
647 (build-system gnu-build-system)
650 (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
652 (modify-phases %standard-phases
653 (add-after 'unpack 'disable-native-optimisation
654 ;; This package installs more than just headers. Ensure that the
655 ;; cryptest.exe binary & static library aren't CPU model specific.
657 (substitute* "GNUmakefile"
658 ((" -march=native") ""))
660 (delete 'configure))))
663 (home-page "https://cryptopp.com/")
664 (synopsis "C++ class library of cryptographic schemes")
665 (description "Crypto++ is a C++ class library of cryptographic schemes.")
666 ;; The compilation is distributed under the Boost license; the individual
667 ;; files in the compilation are in the public domain.
668 (license (list license:boost1.0 license:public-domain))))
677 "https://github.com/BLAKE2/libb2/releases/download/v"
678 version "/libb2-" version ".tar.gz"))
681 "0vq39cvwy05754l565xl11rqr2jvjb6ykjzca886vi9vm71y0sg8"))))
682 (build-system gnu-build-system)
686 ,@(if (any (cute string-prefix? <> (or (%current-system)
687 (%current-target-system)))
689 ;; fat only checks for Intel optimisations
692 "--disable-native"))) ;don't optimise at build time
693 (home-page "https://blake2.net/")
694 (synopsis "Library implementing the BLAKE2 family of hash functions")
696 "libb2 is a portable implementation of the BLAKE2 family of cryptographic
697 hash functions. It includes optimised implementations for IA-32 and AMD64
698 processors, and an interface layer that automatically selects the best
699 implementation for the processor it is run on.
701 @dfn{BLAKE2} (RFC 7693) is a family of high-speed cryptographic hash functions
702 that are faster than MD5, SHA-1, SHA-2, and SHA-3, yet are at least as secure
703 as the latest standard, SHA-3. It is an improved version of the SHA-3 finalist
705 (license license:public-domain)))
714 (uri (string-append "https://github.com/rhash/RHash/archive/v"
716 (file-name (string-append name "-" version ".tar.gz"))
719 "14ngzfgmd1lfp7m78sn49x8ymf2s37nrr67c6p5vas85nrrgjkcn"))))
720 (build-system gnu-build-system)
723 ;; The binaries in /bin need some help finding librhash.so.0.
724 (list (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib"))
725 #:test-target "test" ; ‘make check’ just checks the sources
727 (modify-phases %standard-phases
729 ;; ./configure is not GNU autotools' and doesn't gracefully handle
730 ;; unrecognized options, so we must call it manually.
731 (lambda* (#:key outputs #:allow-other-keys)
732 (invoke "./configure"
733 (string-append "--prefix=" (assoc-ref outputs "out")))))
734 (add-after 'install 'install-library-extras
735 (lambda* (#:key make-flags #:allow-other-keys)
737 "make" "-C" "librhash"
738 "install-headers" "install-so-link"
740 (home-page "https://sourceforge.net/projects/rhash/")
741 (synopsis "Utility for computing hash sums")
742 (description "RHash is a console utility for calculation and verification
743 of magnet links and a wide range of hash sums like CRC32, MD4, MD5, SHA1,
744 SHA256, SHA512, SHA3, AICH, ED2K, Tiger, DC++ TTH, BitTorrent BTIH, GOST R
745 34.11-94, RIPEMD-160, HAS-160, EDON-R, Whirlpool and Snefru.")
746 (license (license:non-copyleft "file://COPYING"))))
754 (uri (string-append "https://botan.randombit.net/releases/"
755 "Botan-" version ".tgz"))
758 "142aqabwc266jxn8wrp0f1ffrmcvdxwvyh8frb38hx9iaqazjbg4"))))
759 (build-system gnu-build-system)
762 (modify-phases %standard-phases
764 (lambda* (#:key inputs outputs #:allow-other-keys)
765 (let* ((out (assoc-ref %outputs "out"))
766 (lib (string-append out "/lib")))
767 (invoke "python" "./configure.py"
768 (string-append "--prefix=" out)
769 ;; Otherwise, the `botan` executable cannot find
771 (string-append "--ldflags=-Wl,-rpath=" lib)
773 ;; Recommended by upstream
774 "--with-zlib" "--with-bzip2" "--with-sqlite3"))))
776 (lambda _ (invoke "./botan-test"))))))
778 `(("python" ,python-minimal-wrapper)
779 ("python-docutils" ,python-docutils)))
784 (synopsis "Cryptographic library in C++11")
785 (description "Botan is a cryptography library, written in C++11, offering
786 the tools necessary to implement a range of practical systems, such as TLS/DTLS,
787 PKIX certificate handling, PKCS#11 and TPM hardware support, password hashing,
788 and post-quantum crypto schemes. In addition to the C++, botan has a C89 API
789 specifically designed to be easy to call from other languages. A Python binding
790 using ctypes is included, and several other language bindings are available.")
791 (home-page "https://botan.randombit.net")
792 (license license:bsd-2)))