HCoop / jackhill / guix / guix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gnu: All snippets report errors using exceptions, else return #t.
[jackhill/guix/guix.git] / gnu / packages / crypto.scm
1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2014 David Thompson <davet@gnu.org>
3 ;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net>
4 ;;; Copyright © 2016, 2017 Leo Famulari <leo@famulari.name>
5 ;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox>
6 ;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
7 ;;; Copyright © 2016, 2017 ng0 <ng0@infotropique.org>
8 ;;; Copyright © 2016, 2017 Eric Bavier <bavier@member.fsf.org>
9 ;;; Copyright © 2017 Pierre Langlois <pierre.langlois@gmx.com>
10 ;;; Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
11 ;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
12 ;;;
13 ;;; This file is part of GNU Guix.
14 ;;;
15 ;;; GNU Guix is free software; you can redistribute it and/or modify it
16 ;;; under the terms of the GNU General Public License as published by
17 ;;; the Free Software Foundation; either version 3 of the License, or (at
18 ;;; your option) any later version.
19 ;;;
20 ;;; GNU Guix is distributed in the hope that it will be useful, but
21 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
22 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
23 ;;; GNU General Public License for more details.
24 ;;;
25 ;;; You should have received a copy of the GNU General Public License
26 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
27
28 (define-module (gnu packages crypto)
29 #:use-module (gnu packages)
30 #:use-module (gnu packages admin)
31 #:use-module (gnu packages aidc)
32 #:use-module (gnu packages attr)
33 #:use-module (gnu packages autotools)
34 #:use-module (gnu packages boost)
35 #:use-module (gnu packages compression)
36 #:use-module (gnu packages cryptsetup)
37 #:use-module (gnu packages gettext)
38 #:use-module (gnu packages gnupg)
39 #:use-module (gnu packages image)
40 #:use-module (gnu packages pkg-config)
41 #:use-module (gnu packages libbsd)
42 #:use-module (gnu packages libffi)
43 #:use-module (gnu packages linux)
44 #:use-module (gnu packages nettle)
45 #:use-module (gnu packages password-utils)
46 #:use-module (gnu packages perl)
47 #:use-module (gnu packages perl-check)
48 #:use-module (gnu packages readline)
49 #:use-module (gnu packages search)
50 #:use-module (gnu packages serialization)
51 #:use-module (gnu packages shells)
52 #:use-module (gnu packages tcl)
53 #:use-module (gnu packages tls)
54 #:use-module (gnu packages xml)
55 #:use-module ((guix licenses) #:prefix license:)
56 #:use-module (guix packages)
57 #:use-module (guix download)
58 #:use-module (guix git-download)
59 #:use-module (guix build-system cmake)
60 #:use-module (guix build-system gnu)
61 #:use-module (guix build-system perl)
62 #:use-module (srfi srfi-1)
63 #:use-module (srfi srfi-26))
64
65 (define-public libsodium
66 (package
67 (name "libsodium")
68 (version "1.0.16")
69 (source (origin
70 (method url-fetch)
71 (uri (list (string-append
72 "https://download.libsodium.org/libsodium/"
73 "releases/libsodium-" version ".tar.gz")
74 (string-append
75 "https://download.libsodium.org/libsodium/"
76 "releases/old/libsodium-" version ".tar.gz")))
77 (sha256
78 (base32
79 "0cq5pn7qcib7q70mm1lgjwj75xdxix27v0xl1xl0kvxww7hwgbgf"))))
80 (build-system gnu-build-system)
81 (synopsis "Portable NaCl-based crypto library")
82 (description
83 "Sodium is a new easy-to-use high-speed software library for network
84 communication, encryption, decryption, signatures, etc.")
85 (license license:isc)
86 (home-page "https://libsodium.org")))
87
88 (define-public libmd
89 (package
90 (name "libmd")
91 (version "1.0.0")
92 (source (origin
93 (method url-fetch)
94 (uri
95 (list
96 (string-append "https://archive.hadrons.org/software/libmd/libmd-"
97 version ".tar.xz")
98 (string-append "https://libbsd.freedesktop.org/releases/libmd-"
99 version ".tar.xz")))
100 (sha256
101 (base32
102 "1iv45npzv0gncjgcpx5m081861zdqxw667ysghqb8721yrlyl6pj"))))
103 (build-system gnu-build-system)
104 (synopsis "Message Digest functions from BSD systems")
105 (description
106 "The currently provided message digest algorithms are:
107 @itemize
108 @item MD2
109 @item MD4
110 @item MD5
111 @item RIPEMD-160
112 @item SHA-1
113 @item SHA-2 (SHA-256, SHA-384 and SHA-512)
114 @end itemize")
115 (license (list license:bsd-3
116 license:bsd-2
117 license:isc
118 license:public-domain))
119 (home-page "https://www.hadrons.org/software/libmd/")))
120
121 (define-public signify
122 (package
123 (name "signify")
124 (version "23")
125 (source (origin
126 (method url-fetch)
127 (uri (string-append "https://github.com/aperezdc/signify/"
128 "archive/v" version ".tar.gz"))
129 (file-name (string-append name "-" version ".tar.gz"))
130 (sha256
131 (base32
132 "0c70mzawgahsvmsv4xdrass4pgyynd67ipd9lij0fgi8wkq0ns8w"))))
133 (build-system gnu-build-system)
134 ;; TODO Build with libwaive (described in README.md), to implement something
135 ;; like OpenBSD's pledge().
136 (arguments
137 `(#:tests? #f ; no test suite
138 #:make-flags
139 (list "CC=gcc"
140 (string-append "PREFIX=" (assoc-ref %outputs "out")))
141 #:phases
142 (modify-phases %standard-phases
143 (delete 'configure))))
144 (native-inputs
145 `(("pkg-config" ,pkg-config)))
146 (inputs
147 `(("libbsd" ,libbsd)))
148 (synopsis "Create and verify cryptographic signatures")
149 (description "The signify utility creates and verifies cryptographic
150 signatures using the elliptic curve Ed25519. This is a Linux port of the
151 OpenBSD tool of the same name.")
152 (home-page "https://github.com/aperezdc/signify")
153 ;; This package includes third-party code that was originally released under
154 ;; various non-copyleft licenses. See the source files for clarification.
155 (license (list license:bsd-3 license:bsd-4 license:expat license:isc
156 license:public-domain (license:non-copyleft
157 "file://base64.c"
158 "See base64.c in the distribution for
159 the license from IBM.")))))
160
161
162 (define-public opendht
163 (package
164 (name "opendht")
165 (version "0.6.1")
166 (source
167 (origin
168 (method url-fetch)
169 (uri
170 (string-append
171 "https://github.com/savoirfairelinux/" name
172 "/archive/" version ".tar.gz"))
173 (file-name (string-append name "-" version ".tar.gz"))
174 (modules '((guix build utils)))
175 (snippet
176 '(begin
177 (delete-file-recursively "src/argon2")
178 (substitute* "src/Makefile.am"
179 (("./argon2/libargon2.la") "")
180 (("SUBDIRS = argon2") ""))
181 (substitute* "src/crypto.cpp"
182 (("argon2/argon2.h") "argon2.h"))
183 (substitute* "configure.ac"
184 (("src/argon2/Makefile") ""))
185 #t))
186 (sha256
187 (base32
188 "09yvkmbqbym3b5md4n96qc1s9sf2n8ji404hagih45rmsj49599x"))))
189 (build-system gnu-build-system)
190 (inputs
191 `(("gnutls" ,gnutls)
192 ("nettle" ,nettle)
193 ("readline" ,readline)
194 ("argon2" ,argon2)))
195 (propagated-inputs
196 `(("msgpack" ,msgpack))) ;included in several installed headers
197 (native-inputs
198 `(("autoconf" ,autoconf)
199 ("pkg-config" ,pkg-config)
200 ("automake" ,automake)
201 ("libtool" ,libtool)))
202 (arguments
203 `(#:configure-flags '("--disable-tools" "--disable-python")
204 #:phases (modify-phases %standard-phases
205 (add-after 'unpack 'autoconf
206 (lambda _
207 (zero? (system* "autoreconf" "-vfi")))))))
208 (home-page "https://github.com/savoirfairelinux/opendht/")
209 (synopsis "Distributed Hash Table (DHT) library")
210 (description "OpenDHT is a Distributed Hash Table (DHT) library. It may
211 be used to manage peer-to-peer network connections as needed for real time
212 communication.")
213 (license license:gpl3)))
214
215 (define-public encfs
216 (package
217 (name "encfs")
218 (version "1.9.1")
219 (source
220 (origin
221 (method url-fetch)
222 (uri
223 (string-append "https://github.com/vgough/encfs/releases/download/v"
224 version "/encfs-" version ".tar.gz"))
225 (sha256
226 (base32
227 "1906254dg5hwljh0h4gyrw09ms3b57dlhjfzhfzffv50yzpkl837"))
228 (modules '((guix build utils)))
229 ;; Remove bundled dependencies in favour of proper inputs.
230 (snippet '(begin
231 (for-each delete-file-recursively
232 (find-files "internal" "^tinyxml2-[0-9]"
233 #:directories? #t))
234 #t))))
235 (build-system cmake-build-system)
236 (native-inputs
237 `(("gettext" ,gettext-minimal)
238
239 ;; Test dependencies.
240 ("expect" ,expect)
241 ("perl" ,perl)))
242 (inputs
243 `(("attr" ,attr)
244 ("fuse" ,fuse)
245 ("openssl" ,openssl)
246 ("tinyxml2" ,tinyxml2)))
247 (arguments
248 `(#:configure-flags (list "-DUSE_INTERNAL_TINYXML=OFF")))
249 (home-page "https://vgough.github.io/encfs")
250 (synopsis "Encrypted virtual file system")
251 (description
252 "EncFS creates a virtual encrypted file system in user-space. Each file
253 created under an EncFS mount point is stored as a separate encrypted file on
254 the underlying file system. Like most encrypted file systems, EncFS is meant
255 to provide security against off-line attacks, such as a drive falling into
256 the wrong hands.")
257 (license (list license:expat ; internal/easylogging++.h
258 license:lgpl3+ ; encfs library
259 license:gpl3+)))) ; command-line tools
260
261 (define-public keyutils
262 (package
263 (name "keyutils")
264 (version "1.5.10")
265 (source
266 (origin
267 (method url-fetch)
268 (uri
269 (string-append "https://people.redhat.com/dhowells/keyutils/keyutils-"
270 version ".tar.bz2"))
271 (sha256
272 (base32
273 "1dmgjcf7mnwc6h72xkvpaqpzxw8vmlnsmzz0s27pg0giwzm3sp0i"))
274 (modules '((guix build utils)))
275 ;; Create relative symbolic links instead of absolute ones to /lib/*
276 (snippet '(begin
277 (substitute* "Makefile" (("\\$\\(LNS\\) \\$\\(LIBDIR\\)/")
278 "$(LNS) "))
279 #t))))
280 (build-system gnu-build-system)
281 (arguments
282 `(#:phases (modify-phases %standard-phases
283 (delete 'configure)) ; no configure script
284 #:make-flags (list "CC=gcc"
285 "RPATH=-Wl,-rpath,$(DESTDIR)$(LIBDIR)"
286 (string-append "DESTDIR="
287 (assoc-ref %outputs "out"))
288 "INCLUDEDIR=/include"
289 "LIBDIR=/lib"
290 "MANDIR=/share/man"
291 "SHAREDIR=/share/keyutils")
292 #:test-target "test"))
293 (home-page "https://people.redhat.com/dhowells/keyutils/")
294 (synopsis "Linux key management utilities")
295 (description
296 "Keyutils is a set of utilities for managing the key retention facility in
297 the Linux kernel, which can be used by file systems, block devices, and more to
298 gain and retain the authorization and encryption keys required to perform
299 secure operations. ")
300 (license (list license:lgpl2.1+ ; the files keyutils.*
301 license:gpl2+)))) ; the rest
302
303 ;; There is no release candidate but commits point out a version number,
304 ;; furthermore no tarball exists.
305 (define-public eschalot
306 (let ((commit "0bf31d88a11898c19b1ed25ddd2aff7b35dbac44")
307 (revision "1"))
308 (package
309 (name "eschalot")
310 (version (string-append "1.2.0-" revision "." (string-take commit 7)))
311 (source
312 (origin
313 (method git-fetch)
314 (uri (git-reference
315 (url "https://github.com/schnabear/eschalot")
316 (commit commit)))
317 (file-name (string-append name "-" version))
318 (sha256
319 (base32
320 "0lj38ldh8vzi11wp4ghw4k0fkwp0s04zv8k8d473p1snmbh7mx98"))))
321 (inputs
322 `(("openssl" ,openssl))) ; It needs: openssl/{bn,pem,rsa,sha}.h
323 (build-system gnu-build-system)
324 (arguments
325 `(#:make-flags (list "CC=gcc"
326 (string-append "PREFIX=" (assoc-ref %outputs "out"))
327 (string-append "INSTALL=" "install"))
328 ;; XXX: make test would run a !VERY! long hashing of names with the use
329 ;; of a wordlist, the amount of computing time this would waste on build
330 ;; servers is in no relation to the size or importance of this small
331 ;; application, therefore we run our own tests on eschalot and worgen.
332 #:phases
333 (modify-phases %standard-phases
334 (delete 'configure)
335 (replace 'check
336 (lambda _
337 (and
338 (zero? (system* "./worgen" "8-12" "top1000.txt" "3-10" "top400nouns.txt"
339 "3-6" "top150adjectives.txt" "3-6"))
340 (zero? (system* "./eschalot" "-r" "^guix|^guixsd"))
341 (zero? (system* "./eschalot" "-r" "^gnu|^free"))
342 (zero? (system* "./eschalot" "-r" "^cyber|^hack"))
343 (zero? (system* "./eschalot" "-r" "^troll")))))
344 ;; Make install can not create the bin dir, create it.
345 (add-before 'install 'create-bin-dir
346 (lambda* (#:key outputs #:allow-other-keys)
347 (let* ((out (assoc-ref outputs "out"))
348 (bin (string-append out "/bin")))
349 (mkdir-p bin)
350 #t))))))
351 (home-page "https://github.com/schnabear/eschalot")
352 (synopsis "Tor hidden service name generator")
353 (description
354 "Eschalot is a tor hidden service name generator, it allows one to
355 produce customized vanity .onion addresses using a brute-force method. Searches
356 for valid names can be run with regular expressions and wordlists. For the
357 generation of wordlists the included tool @code{worgen} can be used. There is
358 no man page, refer to the home page for usage details.")
359 (license (list license:isc license:expat)))))
360
361 (define-public tomb
362 (package
363 (name "tomb")
364 (version "2.4")
365 (source (origin
366 (method url-fetch)
367 (uri (string-append "https://files.dyne.org/tomb/"
368 "Tomb-" version ".tar.gz"))
369 (sha256
370 (base32
371 "1hv1w79as7swqj0n137vz8n8mwvcgwlvd91sdyssz41jarg7f1vr"))))
372 (build-system gnu-build-system)
373 (native-inputs `(("sudo" ,sudo))) ;presence needed for 'check' phase
374 (inputs
375 `(("zsh" ,zsh)
376 ("gnupg" ,gnupg)
377 ("cryptsetup" ,cryptsetup)
378 ("e2fsprogs" ,e2fsprogs) ;for mkfs.ext4
379 ("gettext" ,gettext-minimal) ;used at runtime
380 ("mlocate" ,mlocate)
381 ("pinentry" ,pinentry)
382 ("qrencode" ,qrencode)
383 ("steghide" ,steghide)))
384 (arguments
385 `(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
386 ;; TODO: Build and install gtk and qt trays
387 #:phases
388 (modify-phases %standard-phases
389 (delete 'configure) ;no configuration to be done
390 (add-after 'install 'i18n
391 (lambda* (#:key make-flags #:allow-other-keys)
392 (apply invoke "make" "-C" "extras/translations"
393 "install" make-flags)
394 #t))
395 (add-after 'install 'wrap
396 (lambda* (#:key inputs outputs #:allow-other-keys)
397 (let ((out (assoc-ref outputs "out")))
398 (wrap-program (string-append out "/bin/tomb")
399 `("PATH" ":" prefix
400 (,(string-append (assoc-ref inputs "mlocate") "/bin")
401 ,@(map (lambda (program)
402 (or (and=> (which program) dirname)
403 (error "program not found:" program)))
404 '("seq" "mkfs.ext4" "pinentry" "sudo"
405 "gpg" "cryptsetup" "gettext"
406 "qrencode" "steghide")))))
407 #t)))
408 (delete 'check)
409 (add-after 'wrap 'check
410 (lambda* (#:key outputs #:allow-other-keys)
411 ;; Running the full tests requires sudo/root access for
412 ;; cryptsetup, which is not available in the build environment.
413 ;; But we can run `tomb dig` without root, so make sure that
414 ;; works. TODO: It Would Be Nice to check the expected "index",
415 ;; "search", "bury", and "exhume" features are available by
416 ;; querying `tomb -h`.
417 (let ((tomb (string-append (assoc-ref outputs "out")
418 "/bin/tomb")))
419 (invoke tomb "dig" "-s" "10" "secrets.tomb")
420 #t))))))
421 (home-page "https://www.dyne.org/software/tomb")
422 (synopsis "File encryption for secret data")
423 (description
424 "Tomb is an application to manage the creation and access of encrypted
425 storage files: it can be operated from commandline and it can integrate with a
426 user's graphical desktop.")
427 (license license:gpl3+)))
428
429 (define-public scrypt
430 (package
431 (name "scrypt")
432 (version "1.2.1")
433 (source
434 (origin
435 (method url-fetch)
436 (uri (string-append "https://www.tarsnap.com/scrypt/scrypt-"
437 version ".tgz"))
438 (sha256
439 (base32
440 "0xy5yhrwwv13skv9im9vm76rybh9f29j2dh4hlh2x01gvbkza8a6"))))
441 (build-system gnu-build-system)
442 (arguments
443 `(#:phases (modify-phases %standard-phases
444 (add-after 'unpack 'patch-command-invocations
445 (lambda _
446 (substitute* "Makefile.in"
447 (("command -p") ""))
448 #t))
449 (add-after 'install 'install-docs
450 (lambda* (#:key outputs #:allow-other-keys)
451 (let* ((out (assoc-ref %outputs "out"))
452 (misc (string-append out "/share/doc/scrypt")))
453 (install-file "FORMAT" misc)
454 #t))))))
455 (inputs
456 `(("openssl" ,openssl)))
457 (home-page "https://www.tarsnap.com/scrypt.html")
458 (synopsis "Memory-hard encryption tool based on scrypt")
459 (description "This packages provides a simple password-based encryption
460 utility as a demonstration of the @code{scrypt} key derivation function.
461 @code{Scrypt} is designed to be far more resistant against hardware brute-force
462 attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.")
463 (license license:bsd-2)))
464
465 (define-public perl-math-random-isaac-xs
466 (package
467 (name "perl-math-random-isaac-xs")
468 (version "1.004")
469 (source
470 (origin
471 (method url-fetch)
472 (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
473 "Math-Random-ISAAC-XS-" version ".tar.gz"))
474 (sha256
475 (base32
476 "0yxqqcqvj51fn7b7j5xqhz65v74arzgainn66c6k7inijbmr1xws"))))
477 (build-system perl-build-system)
478 (native-inputs
479 `(("perl-module-build" ,perl-module-build)
480 ("perl-test-nowarnings" ,perl-test-nowarnings)))
481 (home-page "http://search.cpan.org/dist/Math-Random-ISAAC-XS")
482 (synopsis "C implementation of the ISAAC PRNG algorithm")
483 (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
484 fast pseudo-random number generator. It is suitable for applications where a
485 significant amount of random data needs to be produced quickly, such as
486 solving using the Monte Carlo method or for games. The results are uniformly
487 distributed, unbiased, and unpredictable unless you know the seed.
488
489 This package implements the same interface as @code{Math::Random::ISAAC}.")
490 (license license:public-domain)))
491
492 (define-public perl-math-random-isaac
493 (package
494 (name "perl-math-random-isaac")
495 (version "1.004")
496 (source
497 (origin
498 (method url-fetch)
499 (uri (string-append "mirror://cpan/authors/id/J/JA/JAWNSY/"
500 "Math-Random-ISAAC-" version ".tar.gz"))
501 (sha256
502 (base32
503 "0z1b3xbb3xz71h25fg6jgsccra7migq7s0vawx2rfzi0pwpz0wr7"))))
504 (build-system perl-build-system)
505 (native-inputs
506 `(("perl-test-nowarnings" ,perl-test-nowarnings)))
507 (propagated-inputs
508 `(("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)))
509 (home-page "http://search.cpan.org/dist/Math-Random-ISAAC")
510 (synopsis "Perl interface to the ISAAC PRNG algorithm")
511 (description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
512 fast pseudo-random number generator. It is suitable for applications where a
513 significant amount of random data needs to be produced quickly, such as
514 solving using the Monte Carlo method or for games. The results are uniformly
515 distributed, unbiased, and unpredictable unless you know the seed.
516
517 This package provides a Perl interface to the ISAAC pseudo random number
518 generator.")
519 (license license:public-domain)))
520
521 (define-public perl-crypt-random-source
522 (package
523 (name "perl-crypt-random-source")
524 (version "0.12")
525 (source
526 (origin
527 (method url-fetch)
528 (uri (string-append "mirror://cpan/authors/id/E/ET/ETHER/"
529 "Crypt-Random-Source-" version ".tar.gz"))
530 (sha256
531 (base32
532 "00mw5m52sbz9nqp3f6axyrgcrihqxn7k8gv0vi1kvm1j1nc9g29h"))))
533 (build-system perl-build-system)
534 (native-inputs
535 `(("perl-module-build-tiny" ,perl-module-build-tiny)
536 ("perl-test-exception" ,perl-test-exception)))
537 (propagated-inputs
538 `(("perl-capture-tiny" ,perl-capture-tiny)
539 ("perl-module-find" ,perl-module-find)
540 ("perl-module-runtime" ,perl-module-runtime)
541 ("perl-moo" ,perl-moo)
542 ("perl-namespace-clean" ,perl-namespace-clean)
543 ("perl-sub-exporter" ,perl-sub-exporter)
544 ("perl-type-tiny" ,perl-type-tiny)))
545 (home-page "http://search.cpan.org/dist/Crypt-Random-Source")
546 (synopsis "Get weak or strong random data from pluggable sources")
547 (description "This module provides implementations for a number of
548 byte-oriented sources of random data.")
549 (license license:perl-license)))
550
551 (define-public perl-math-random-secure
552 (package
553 (name "perl-math-random-secure")
554 (version "0.080001")
555 (source
556 (origin
557 (method url-fetch)
558 (uri (string-append "mirror://cpan/authors/id/F/FR/FREW/"
559 "Math-Random-Secure-" version ".tar.gz"))
560 (sha256
561 (base32
562 "0dgbf4ncll4kmgkyb9fsaxn0vf2smc9dmwqzgh3259zc2zla995z"))))
563 (build-system perl-build-system)
564 (native-inputs
565 `(("perl-list-moreutils" ,perl-list-moreutils)
566 ("perl-test-leaktrace" ,perl-test-leaktrace)
567 ("perl-test-sharedfork" ,perl-test-sharedfork)
568 ("perl-test-warn" ,perl-test-warn)))
569 (inputs
570 `(("perl-crypt-random-source" ,perl-crypt-random-source)
571 ("perl-math-random-isaac" ,perl-math-random-isaac)
572 ("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)
573 ("perl-moo" ,perl-moo)))
574 (home-page "http://search.cpan.org/dist/Math-Random-Secure")
575 (synopsis "Cryptographically secure replacement for rand()")
576 (description "This module is intended to provide a
577 cryptographically-secure replacement for Perl's built-in @code{rand} function.
578 \"Crytographically secure\", in this case, means:
579
580 @enumerate
581 @item No matter how many numbers you see generated by the random number
582 generator, you cannot guess the future numbers, and you cannot guess the seed.
583 @item There are so many possible seeds that it would take decades, centuries,
584 or millenia for an attacker to try them all.
585 @item The seed comes from a source that generates relatively strong random
586 data on your platform, so the seed itself will be as random as possible.
587 @end enumerate\n")
588 (license license:artistic2.0)))
589
590 (define-public crypto++
591 (package
592 (name "crypto++")
593 (version "6.0.0")
594 (source (origin
595 (method url-fetch/zipbomb)
596 (uri (string-append "https://cryptopp.com/cryptopp"
597 (string-join (string-split version #\.) "")
598 ".zip"))
599 (sha256
600 (base32
601 "1nidm6xbdza5cbgf5md2zznmaq692rfyjasycwipl6rzdfwjvb34"))))
602 (build-system gnu-build-system)
603 (arguments
604 `(#:make-flags
605 (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
606 #:phases
607 (modify-phases %standard-phases
608 (add-after 'unpack 'disable-native-optimisation
609 ;; This package installs more than just headers. Ensure that the
610 ;; cryptest.exe binary & static library aren't CPU model specific.
611 (lambda _
612 (substitute* "GNUmakefile"
613 ((" -march=native") ""))
614 #t))
615 (delete 'configure))))
616 (native-inputs
617 `(("unzip" ,unzip)))
618 (home-page "https://cryptopp.com/")
619 (synopsis "C++ class library of cryptographic schemes")
620 (description "Crypto++ is a C++ class library of cryptographic schemes.")
621 ;; The compilation is distributed under the Boost license; the individual
622 ;; files in the compilation are in the public domain.
623 (license (list license:boost1.0 license:public-domain))))
624
625 (define-public libb2
626 (let ((revision "1") ; upstream doesn't ‘do’ releases
627 (commit "60ea749837362c226e8501718f505ab138e5c19d"))
628 (package
629 (name "libb2")
630 (version (git-version "0.0.0" revision commit))
631 (source (origin
632 (method git-fetch)
633 (uri (git-reference
634 (url "https://github.com/BLAKE2/libb2")
635 (commit commit)))
636 (file-name (git-file-name name version))
637 (sha256
638 (base32
639 "07a2m8basxrsj9dsp5lj24y8jraj85lfy56756a7za1nfkgy04z7"))))
640 (build-system gnu-build-system)
641 (native-inputs
642 `(("autoconf" ,autoconf)
643 ("automake" ,automake)
644 ("libtool" ,libtool)))
645 (arguments
646 `(#:configure-flags
647 (list
648 ,@(if (any (cute string-prefix? <> (or (%current-system)
649 (%current-target-system)))
650 '("x86_64" "i686"))
651 ;; fat only checks for Intel optimisations
652 '("--enable-fat")
653 '())
654 "--disable-native"))) ;don't optimise at build time
655 (home-page "https://blake2.net/")
656 (synopsis "Library implementing the BLAKE2 family of hash functions")
657 (description
658 "libb2 is a portable implementation of the BLAKE2 family of cryptographic
659 hash functions. It includes optimised implementations for IA-32 and AMD64
660 processors, and an interface layer that automatically selects the best
661 implementation for the processor it is run on.
662
663 @dfn{BLAKE2} (RFC 7693) is a family of high-speed cryptographic hash functions
664 that are faster than MD5, SHA-1, SHA-2, and SHA-3, yet are at least as secure
665 as the latest standard, SHA-3. It is an improved version of the SHA-3 finalist
666 BLAKE.")
667 (license license:public-domain))))
668
669 (define-public rhash
670 (package
671 (name "rhash")
672 (version "1.3.5")
673 (source
674 (origin
675 (method url-fetch)
676 (uri (string-append "https://github.com/rhash/RHash/archive/v"
677 version ".tar.gz"))
678 (file-name (string-append name "-" version ".tar.gz"))
679 (sha256
680 (base32
681 "0bhz3xdl6r06k1bqigdjz42l31iqz2qdpg7zk316i7p2ra56iq4q"))))
682 (build-system gnu-build-system)
683 (arguments
684 `(#:make-flags (list "CC=gcc"
685 (string-append "PREFIX=" %output))
686 #:test-target "test"
687 #:phases
688 (modify-phases %standard-phases
689 (replace 'configure
690 (lambda* (#:key outputs #:allow-other-keys)
691 (substitute* "Makefile"
692 (("\\$\\(DESTDIR\\)/etc")
693 (string-append (assoc-ref outputs "out") "/etc")))
694 #t))
695 (add-after 'build 'build-library
696 (lambda* (#:key make-flags #:allow-other-keys)
697 (apply invoke "make" "lib-shared" make-flags)))
698 (add-after 'install 'install-library
699 (lambda* (#:key make-flags #:allow-other-keys)
700 (apply invoke "make" "install-lib-shared" make-flags)
701 (apply invoke
702 "make" "-C" "librhash" "install-headers"
703 "install-so-link" make-flags)))
704 (add-after 'check 'check-library
705 (lambda* (#:key make-flags #:allow-other-keys)
706 (apply invoke "make" "test-shared-lib" make-flags))))))
707 (home-page "https://sourceforge.net/projects/rhash/")
708 (synopsis "Utility for computing hash sums")
709 (description "RHash is a console utility for calculation and verification
710 of magnet links and a wide range of hash sums like CRC32, MD4, MD5, SHA1,
711 SHA256, SHA512, SHA3, AICH, ED2K, Tiger, DC++ TTH, BitTorrent BTIH, GOST R
712 34.11-94, RIPEMD-160, HAS-160, EDON-R, Whirlpool and Snefru.")
713 (license (license:non-copyleft "file://COPYING"))))
jackhill's copy of GNU Guix: https://guix.gnu.org/