1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2012, 2013, 2014 Ludovic Courtès <ludo@gnu.org>
3 ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
4 ;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
5 ;;; Copyright © 2014 Mark H Weaver <mhw@netris.org>
7 ;;; This file is part of GNU Guix.
9 ;;; GNU Guix is free software; you can redistribute it and/or modify it
10 ;;; under the terms of the GNU General Public License as published by
11 ;;; the Free Software Foundation; either version 3 of the License, or (at
12 ;;; your option) any later version.
14 ;;; GNU Guix is distributed in the hope that it will be useful, but
15 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
16 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 ;;; GNU General Public License for more details.
19 ;;; You should have received a copy of the GNU General Public License
20 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
22 (define-module (gnu packages gnupg)
23 #:use-module (guix licenses)
24 #:use-module (gnu packages curl)
25 #:use-module (gnu packages openldap)
26 #:use-module (gnu packages perl)
27 #:use-module (gnu packages pth)
28 #:use-module (gnu packages python)
29 #:use-module (gnu packages readline)
30 #:use-module ((gnu packages compression) #:prefix guix:)
31 #:use-module (gnu packages gtk)
32 #:use-module (gnu packages glib)
33 #:use-module (gnu packages pkg-config)
34 #:use-module (gnu packages ncurses)
35 #:use-module (guix packages)
36 #:use-module (guix download)
37 #:use-module (guix build-system gnu))
39 (define-public libgpg-error
46 (uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
50 "0408v19h3h0q6w61g51hgbdg6cyw81nyzkh70qfprvsc3pkddwcz"))))
51 (build-system gnu-build-system)
52 (home-page "http://gnupg.org")
53 (synopsis "Library of error values for GnuPG components")
55 "Libgpg-error is a small library that defines common error values
56 for all GnuPG components. Among these are GPG, GPGSM, GPGME,
57 GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard
58 Daemon and possibly more in the future.")
61 (define-public libgcrypt
67 (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
71 "0k2wi34qhp5hq71w1ab3kw1gfsx7xff79bvynqkxp35kls94826y"))))
72 (build-system gnu-build-system)
74 `(("libgpg-error-host" ,libgpg-error)))
76 ;; Needed here for the 'gpg-error' program.
77 `(("libgpg-error-native" ,libgpg-error)))
79 ;; The '--with-gpg-error-prefix' argument is needed because otherwise
80 ;; 'configure' uses 'gpg-error-config' to determine the '-L' flag, and
81 ;; the 'gpg-error-config' it runs is the native one---i.e., the wrong one.
83 (list (string-append "--with-gpg-error-prefix="
84 (assoc-ref %build-inputs "libgpg-error-host")))))
85 (outputs '("out" "debug"))
86 (home-page "http://gnupg.org/")
87 (synopsis "Cryptographic function library")
89 "Libgcrypt is a general-purpose cryptographic library. It provides the
90 standard cryptographic building blocks such as symmetric ciphers, hash
91 algorithms, public key algorithms, large integer functions and random number
95 (define-public libgcrypt-1.5
96 (package (inherit libgcrypt)
101 (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
105 "0czvqxkzd5y872ipy6s010ifwdwv29sqbnqc4pf56sd486gqvy6m"))))))
107 (define-public libassuan
114 (uri (string-append "mirror://gnupg/libassuan/libassuan-"
118 "1ikf9whfi7rg71qa610ynyv12qrw20zkn7zxgvvr9dp41gbqxxbx"))))
119 (build-system gnu-build-system)
121 `(("libgpg-error" ,libgpg-error) ("pth" ,pth)))
122 (home-page "http://gnupg.org")
124 "IPC library used by GnuPG and related software")
126 "Libassuan is a small library implementing the so-called Assuan
127 protocol. This protocol is used for IPC between most newer
128 GnuPG components. Both, server and client side functions are
132 (define-public libksba
140 "mirror://gnupg/libksba/libksba-"
144 "01l4hvcknk9nb4bvyb6aqaid19jg0wv3ik54j1b89hnzamwm75gb"))))
145 (build-system gnu-build-system)
147 `(("libgpg-error" ,libgpg-error)))
149 `(("libgpg-error" ,libgpg-error)))
152 (list ,@(if (%current-target-system)
153 '("CC_FOR_BUILD=gcc")
155 (string-append "--with-gpg-error-prefix="
156 (assoc-ref %build-inputs "libgpg-error")))))
157 (home-page "http://www.gnupg.org")
158 (synopsis "CMS and X.509 access library")
160 "KSBA (pronounced Kasbah) is a library to make X.509 certificates
161 as well as the CMS easily accessible by other applications. Both
162 specifications are building blocks of S/MIME and TLS.")
173 "mirror://gnupg/npth/npth-"
177 "0zyzwmk4mp6pas87jz35zx0jvwdz7x5b13w225gs73gcn8g5cv49"))))
178 (build-system gnu-build-system)
179 (home-page "http://www.gnupg.org")
180 (synopsis "Non-preemptive thread library")
182 "Npth is a library to provide the GNU Pth API and thus a non-preemptive
183 threads implementation.
185 In contrast to GNU Pth is is based on the system's standard threads
186 implementation. This allows the use of libraries which are not
187 compatible to GNU Pth.")
188 (license (list lgpl3+ gpl2+)))) ; dual license
196 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
200 "14k7c5spai3yppz6izf1ggbnffskl54ln87v1wgy9pwism1mlks0"))))
201 (build-system gnu-build-system)
203 `(("bzip2" ,guix:bzip2)
205 ("libassuan" ,libassuan)
206 ("libgcrypt" ,libgcrypt)
207 ("libgpg-error" ,libgpg-error)
210 ("openldap" ,openldap)
212 ("readline" ,readline)))
216 'configure 'patch-config-files
218 (substitute* "tests/openpgp/defs.inc"
219 (("/bin/pwd") (which "pwd"))))
221 (home-page "http://gnupg.org/")
222 (synopsis "GNU Privacy Guard")
224 "The GNU Privacy Guard is a complete implementation of the OpenPGP
225 standard. It is used to encrypt and sign data and communication. It
226 features powerful key management and the ability to access public key
227 servers. It includes several libraries: libassuan (IPC between GnuPG
228 components), libgpg-error (centralized GnuPG error values), and
229 libskba (working with X.509 certificates and CMS data).")
232 (define-public gnupg-2.0
233 (package (inherit gnupg)
237 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
241 "1q5qcl5panrvcvpwvz6nl9gayl5a6vwvfhgdcxqpmbl2qc6y6n3p"))))
243 `(("bzip2" ,guix:bzip2)
245 ("libassuan" ,libassuan)
246 ("libgcrypt" ,libgcrypt)
247 ("libgpg-error" ,libgpg-error)
250 ("openldap" ,openldap)
252 ("readline" ,readline)))
256 'configure 'patch-config-files
258 (substitute* "tests/openpgp/Makefile.in"
259 (("/bin/sh") (which "bash"))))
260 %standard-phases)))))
262 (define-public gnupg-1
263 (package (inherit gnupg)
267 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
271 "1233bppjvdpbbl425ii6l7xvgy0879ghhnmwrph5b6c4g3dgvddp"))))
273 `(("zlib" ,guix:zlib)
274 ("bzip2" ,guix:bzip2)
276 ("readline" ,readline)
277 ("libgpg-error" ,libgpg-error)))
279 `(#:phases (alist-cons-after
280 'unpack 'patch-check-sh
282 (substitute* "checks/Makefile.in"
283 (("/bin/sh") (which "bash"))))
284 %standard-phases)))))
293 (uri (string-append "mirror://gnupg/gpgme/gpgme-" version
297 "1jgwmra6cf0i5x2prj92w77vl7hmj276qmmll3lwysbyn32l1c0d"))))
298 (build-system gnu-build-system)
300 ;; Needs to be propagated because gpgme.h includes gpg-error.h.
301 `(("libgpg-error" ,libgpg-error)))
304 ("libassuan" ,libassuan)))
305 (arguments '(#:make-flags '("GPG=gpg2")))
306 (home-page "http://www.gnupg.org/related_software/gpgme/")
307 (synopsis "Library providing simplified access to GnuPG functionality")
309 "GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
310 easier for applications. It provides a High-Level Crypto API for encryption,
311 decryption, signing, signature verification and key management. Currently
312 it uses GnuPG as its backend but the API isn't restricted to this engine.
314 Because the direct use of GnuPG from an application can be a complicated
315 programming task, it is suggested that all software should try to use GPGME
316 instead. This way bug fixes or improvements can be done at a central place
317 and every application benefits from this.")
326 (uri (string-append "mirror://sourceforge/pgpius/pius/"
330 "0pdbyqz6k0bm182cz81ss7yckmpms5qhrrw0wcr4a1srzcjyzf5f"))))
331 (build-system gnu-build-system)
332 (inputs `(("perl" ,perl)
333 ("python" ,python-2) ; uses the Python 2 'print' syntax
344 (lambda* (#:key inputs outputs #:allow-other-keys)
345 (let* ((out (assoc-ref outputs "out"))
346 (gpg (string-append (assoc-ref inputs "gpg")
349 (mkdir (string-append out "/bin"))
350 (for-each (lambda (file)
352 (("/usr/bin/gpg") gpg))
353 (copy-file file (string-append out "/bin/" file)))
354 '("pius" "pius-keyring-mgr" "pius-party-worksheet"))))
355 %standard-phases)))))
356 (synopsis "Programs to simplify GnuPG key signing")
358 "Pius (PGP Individual UID Signer) helps attendees of PGP keysigning
359 parties. It is the main utility and makes it possible to quickly and easily
360 sign each UID on a set of PGP keys. It is designed to take the pain out of
361 the sign-all-the-keys part of PGP Keysigning Party while adding security
364 pius-keyring-mgr and pius-party-worksheet help organisers of
365 PGP keysigning parties.")
367 (home-page "http://www.phildev.net/pius/index.shtml")))
369 (define-public signing-party
371 (name "signing-party")
375 (uri (string-append "http://ftp.debian.org/debian/pool/main/s/signing-party/signing-party_"
376 version ".orig.tar.gz"))
378 "188gp0prbh8qs29lq3pbf0qibfd6jq4fk7i0pfrybl8aahvm84rx"))))
379 (build-system gnu-build-system)
380 (inputs `(("perl" ,perl)))
385 'unpack 'remove-spurious-links
386 (lambda _ (delete-file "keyanalyze/pgpring/depcomp"))
389 (lambda* (#:key outputs #:allow-other-keys)
390 (let ((out (assoc-ref outputs "out")))
391 (substitute* "keyanalyze/Makefile"
392 (("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS")))
393 (substitute* "keyanalyze/Makefile"
394 (("./configure") (string-append "./configure --prefix=" out)))
395 (substitute* "keyanalyze/pgpring/configure"
396 (("/bin/sh") (which "bash")))
397 (substitute* "gpgwrap/Makefile"
398 (("\\} clean") (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
399 out "/bin/gpgwrap\n")))
400 (substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile"
401 "keylookup/Makefile" "sig2dot/Makefile"
402 "springgraph/Makefile")
406 (lambda* (#:key outputs #:allow-other-keys #:rest args)
407 (let ((out (assoc-ref outputs "out"))
408 (install (assoc-ref %standard-phases 'install)))
412 (copy-file (string-append dir "/" file)
413 (string-append out "/bin/" file)))
414 '("caff" "caff" "caff" "gpgdir" "gpg-key2ps"
415 "gpglist" "gpg-mailkeys" "gpgparticipants")
416 '("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps"
417 "gpglist" "gpg-mailkeys" "gpgparticipants"))
420 (copy-file (string-append dir "/" file)
421 (string-append out "/share/man/man1/" file)))
422 '("caff" "caff" "caff" "gpgdir"
423 "gpg-key2ps" "gpglist" "gpg-mailkeys"
424 "gpgparticipants" "gpgsigs" "gpgwrap/doc"
425 "keyanalyze" "keyanalyze/pgpring" "keyanalyze")
426 '("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1"
427 "gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1"
428 "gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
429 "process_keys.1" "pgpring.1" "keyanalyze.1"))))
430 %standard-phases)))))
431 (synopsis "Collection of scripts for simplifying gnupg key signing")
433 "Signing-party is a collection for all kinds of PGP/GnuPG related things,
434 including tools for signing keys, keyring analysis, and party preparation.
436 * caff: CA - Fire and Forget signs and mails a key
438 * pgp-clean: removes all non-self signatures from key
440 * pgp-fixkey: removes broken packets from keys
442 * gpg-mailkeys: simply mail out a signed key to its owner
444 * gpg-key2ps: generate PostScript file with fingerprint paper strips
446 * gpgdir: recursive directory encryption tool
448 * gpglist: show who signed which of your UIDs
450 * gpgsigs: annotates list of GnuPG keys with already done signatures
452 * gpgparticipants: create list of party participants for the organiser
454 * gpgwrap: a passphrase wrapper
456 * keyanalyze: minimum signing distance (MSD) analysis on keyrings
458 * keylookup: ncurses wrapper around gpg --search
460 * sig2dot: converts a list of GnuPG signatures to a .dot file
462 * springgraph: creates a graph from a .dot file")
463 ;; gpl2+ for almost all programs, except for keyanalyze: gpl2
464 ;; and caff and gpgsigs: bsd-3, see
465 ;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
467 (home-page "http://pgp-tools.alioth.debian.org/")))
469 (define-public pinentry
475 (uri (string-append "mirror://gnupg/pinentry/pinentry-"
479 "1awhajq21hcjgqfxg9czaxg555gij4bba6axrwg8w6lfmc3ml14h"))))
480 (build-system gnu-build-system)
482 `(("ncurses" ,ncurses)
486 `(("pkg-config" ,pkg-config)))
487 (home-page "http://gnupg.org/aegypten2/")
488 (synopsis "GnuPG's interface to passphrase input")
490 "Pinentry provides a console and a GTK+ GUI that allows users to
491 enter a passphrase when `gpg' or `gpg2' is run and needs it.")
494 (define-public paperkey
500 (uri (string-append "http://www.jabberwocky.com/"
501 "software/paperkey/paperkey-"
505 "1yybj8bj68v4lxwpn596b6ismh2fyixw5vlqqg26byrn4d9dfmsv"))))
506 (build-system gnu-build-system)
510 'check 'patch-check-scripts
512 (substitute* '("checks/roundtrip.sh"
513 "checks/roundtrip-raw.sh")
514 (("/bin/echo") "echo")))
516 (home-page "http://www.jabberwocky.com/software/paperkey/")
517 (synopsis "Backup OpenPGP keys to paper")
519 "Paperkey extracts the secret bytes from an OpenPGP (GnuPG, PGP, etc) key
520 for printing with paper and ink, which have amazingly long retention
521 qualities. To reconstruct a secret key, you re-enter those
522 bytes (whether by hand, OCR, QR code, or the like) and paperkey can use
523 them to transform your existing public key into a secret key.")