1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2012, 2013, 2014, 2015, 2016 Ludovic Courtès <ludo@gnu.org>
3 ;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
4 ;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
5 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
6 ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
7 ;;; Copyright © 2015, 2016 Efraim Flashner <efraim@flashner.co.il>
8 ;;; Copyright © 2015, 2016 Ricardo Wurmus <rekado@elephly.net>
9 ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
10 ;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
11 ;;; Copyright © 2016 Christopher Baines <mail@cbaines.net>
12 ;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org>
13 ;;; Copyright © 2016 Troy Sankey <sankeytms@gmail.com>
14 ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
16 ;;; This file is part of GNU Guix.
18 ;;; GNU Guix is free software; you can redistribute it and/or modify it
19 ;;; under the terms of the GNU General Public License as published by
20 ;;; the Free Software Foundation; either version 3 of the License, or (at
21 ;;; your option) any later version.
23 ;;; GNU Guix is distributed in the hope that it will be useful, but
24 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
25 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 ;;; GNU General Public License for more details.
28 ;;; You should have received a copy of the GNU General Public License
29 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
31 (define-module (gnu packages gnupg)
32 #:use-module ((guix licenses) #:prefix license:)
33 #:use-module (gnu packages)
34 #:use-module (gnu packages adns)
35 #:use-module (gnu packages curl)
36 #:use-module (gnu packages openldap)
37 #:use-module (gnu packages perl)
38 #:use-module (gnu packages pth)
39 #:use-module (gnu packages python)
40 #:use-module (gnu packages qt)
41 #:use-module (gnu packages readline)
42 #:use-module (gnu packages compression)
43 #:use-module (gnu packages databases)
44 #:use-module (gnu packages gtk)
45 #:use-module (gnu packages glib)
46 #:use-module (gnu packages gnome)
47 #:use-module (gnu packages pkg-config)
48 #:use-module (gnu packages ncurses)
49 #:use-module (gnu packages security-token)
50 #:use-module (gnu packages swig)
51 #:use-module (gnu packages tls)
52 #:use-module (guix packages)
53 #:use-module (guix download)
54 #:use-module (guix git-download)
55 #:use-module (guix build-system gnu)
56 #:use-module (guix build-system python))
58 (define-public libgpg-error
65 (uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
69 "0h75sf1ngr750c3fjfn4583q7wz40qm63jhg8vjfdrbx936f2s4j"))))
70 (build-system gnu-build-system)
71 (home-page "https://gnupg.org")
72 (synopsis "Library of error values for GnuPG components")
74 "Libgpg-error is a small library that defines common error values
75 for all GnuPG components. Among these are GPG, GPGSM, GPGME,
76 GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard
77 Daemon and possibly more in the future.")
78 (license license:lgpl2.0+)
79 (properties '((ftp-server . "ftp.gnupg.org")
80 (ftp-directory . "/gcrypt/libgpg-error")))))
82 (define-public libgcrypt
88 (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
92 "0wbh6fq5zi9wg2xcfvfpwh7dv52jihivx1vm4h91c2kx0w8n3b6x"))))
93 (build-system gnu-build-system)
95 `(("libgpg-error-host" ,libgpg-error)))
97 ;; Needed here for the 'gpg-error' program.
98 `(("libgpg-error-native" ,libgpg-error)))
100 ;; The '--with-gpg-error-prefix' argument is needed because otherwise
101 ;; 'configure' uses 'gpg-error-config' to determine the '-L' flag, and
102 ;; the 'gpg-error-config' it runs is the native one---i.e., the wrong one.
104 (list (string-append "--with-gpg-error-prefix="
105 (assoc-ref %build-inputs "libgpg-error-host")))))
106 (outputs '("out" "debug"))
107 (home-page "https://gnupg.org/")
108 (synopsis "Cryptographic function library")
110 "Libgcrypt is a general-purpose cryptographic library. It provides the
111 standard cryptographic building blocks such as symmetric ciphers, hash
112 algorithms, public key algorithms, large integer functions and random number
114 (license license:lgpl2.0+)
115 (properties '((ftp-server . "ftp.gnupg.org")
116 (ftp-directory . "/gcrypt/libgcrypt")))))
118 (define-public libgcrypt-1.5
119 (package (inherit libgcrypt)
124 (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
128 "0ydy7bgra5jbq9mxl5x031nif3m6y3balc6ndw2ngj11wnsjc61h"))))))
130 (define-public libassuan
137 (uri (string-append "mirror://gnupg/libassuan/libassuan-"
141 "0w9bmasln4z8mn16s1is55a06w3nv8jbyal496z5jvr5vcxkm112"))))
142 (build-system gnu-build-system)
144 `(("libgpg-error" ,libgpg-error) ("pth" ,pth)))
145 (home-page "https://gnupg.org")
147 "IPC library used by GnuPG and related software")
149 "Libassuan is a small library implementing the so-called Assuan
150 protocol. This protocol is used for IPC between most newer
151 GnuPG components. Both, server and client side functions are
153 (license license:lgpl2.0+)
154 (properties '((ftp-server . "ftp.gnupg.org")
155 (ftp-directory . "/gcrypt/libassuan")))))
157 (define-public libksba
165 "mirror://gnupg/libksba/libksba-"
169 "0h53q4sns1jz1pkmhcz5wp9qrfn9f5g9i3vjv6dafwzzlvblyi21"))))
170 (build-system gnu-build-system)
172 `(("libgpg-error" ,libgpg-error)))
174 `(("libgpg-error" ,libgpg-error)))
177 (list ,@(if (%current-target-system)
178 '("CC_FOR_BUILD=gcc")
180 (string-append "--with-gpg-error-prefix="
181 (assoc-ref %build-inputs "libgpg-error")))))
182 (home-page "https://www.gnupg.org")
183 (synopsis "CMS and X.509 access library")
185 "KSBA (pronounced Kasbah) is a library to make X.509 certificates
186 as well as the CMS easily accessible by other applications. Both
187 specifications are building blocks of S/MIME and TLS.")
188 (license license:gpl3+)
189 (properties '((ftp-server . "ftp.gnupg.org")
190 (ftp-directory . "/gcrypt/libksba")))))
200 "mirror://gnupg/npth/npth-"
204 "0am86vblapwz84254qpmhz0chk70g6qzh3wdxcs0gvba8d01ka5w"))))
205 (build-system gnu-build-system)
206 (home-page "https://www.gnupg.org")
207 (synopsis "Non-preemptive thread library")
209 "Npth is a library to provide the GNU Pth API and thus a non-preemptive
210 threads implementation.
212 In contrast to GNU Pth is is based on the system's standard threads
213 implementation. This allows the use of libraries which are not
214 compatible to GNU Pth.")
215 (license (list license:lgpl3+ license:gpl2+)))) ; dual license
223 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
225 (patches (search-patches "gnupg-2.1-fix-Y2038-test-failure.patch"))
228 "1w4vccmb5l50lm4yrz9vkdj7whbfvzx543r55362kkj1aqgyvk26"))))
229 (build-system gnu-build-system)
231 `(("pkg-config" ,pkg-config)))
236 ("libassuan" ,libassuan)
237 ("libgcrypt" ,libgcrypt)
238 ("libgpg-error" ,libgpg-error)
241 ("openldap" ,openldap)
242 ("pcsc-lite" ,pcsc-lite)
243 ("readline" ,readline)
247 `(#:configure-flags '("--enable-gpg2-is-gpg"
248 ;; Otherwise, the test suite looks for the `gpg`
249 ;; executable in its installation directory in
250 ;; /gnu/store before it has been installed.
251 "--enable-gnupg-builddir-envvar")
253 (modify-phases %standard-phases
254 (add-before 'configure 'patch-paths
255 (lambda* (#:key inputs #:allow-other-keys)
256 (substitute* "scd/scdaemon.c"
257 (("\"(libpcsclite\\.so[^\"]*)\"" _ name)
258 (string-append "\"" (assoc-ref inputs "pcsc-lite")
261 (add-after 'build 'patch-scheme-tests
263 (substitute* (find-files "tests" ".\\.scm$")
264 (("/usr/bin/env gpgscm")
265 (string-append (getcwd) "/tests/gpgscm/gpgscm")))
267 (add-before 'build 'patch-test-paths
268 (lambda* (#:key inputs #:allow-other-keys)
269 (let* ((coreutils (assoc-ref inputs "coreutils"))
270 (cat (string-append coreutils "/bin/cat"))
271 (pwd (string-append coreutils "/bin/pwd"))
272 (true (string-append coreutils "/bin/true"))
273 (false (string-append coreutils "/bin/false")))
274 (substitute* '("tests/inittests"
275 "tests/pkits/inittests"
277 "tests/pkits/common.sh"
278 "tests/pkits/Makefile"
281 (substitute* "common/t-exectool.c"
283 (substitute* "common/t-exectool.c"
284 (("/bin/true") true))
285 (substitute* "common/t-exectool.c"
286 (("/bin/false") false))
288 (home-page "https://gnupg.org/")
289 (synopsis "GNU Privacy Guard")
291 "The GNU Privacy Guard is a complete implementation of the OpenPGP
292 standard. It is used to encrypt and sign data and communication. It
293 features powerful key management and the ability to access public key
294 servers. It includes several libraries: libassuan (IPC between GnuPG
295 components), libgpg-error (centralized GnuPG error values), and
296 libskba (working with X.509 certificates and CMS data).")
297 (license license:gpl3+)
298 (properties '((ftp-server . "ftp.gnupg.org")
299 (ftp-directory . "/gcrypt/gnupg")))))
301 (define-public gnupg-2.0
302 (package (inherit gnupg)
306 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
310 "0wax4cy14hh0h7kg9hj0hjn9424b71z8lrrc5kbsasrn9xd7hag3"))))
316 ("libassuan" ,libassuan)
317 ("libgcrypt" ,libgcrypt)
318 ("libgpg-error" ,libgpg-error)
321 ("openldap" ,openldap)
323 ("readline" ,readline)))
326 (modify-phases %standard-phases
327 (add-before 'configure 'patch-config-files
329 (substitute* "tests/openpgp/Makefile.in"
330 (("/bin/sh") (which "sh")))
332 (add-after 'install 'rename-v2-commands
333 (lambda* (#:key outputs #:allow-other-keys)
334 ;; Upstream suggests removing the trailing '2' from command names:
335 ;; <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=22883#58>.
336 (let ((out (assoc-ref outputs "out")))
337 (with-directory-excursion (string-append out "/bin")
338 (rename-file "gpgv2" "gpgv")
339 (rename-file "gpg2" "gpg")
341 ;; Keep the old name around to ease transition.
342 (symlink "gpgv" "gpgv2")
343 (symlink "gpg" "gpg2")
346 (define-public gnupg-1
347 (package (inherit gnupg)
351 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
355 "0xi2mshq8f6zbarb5f61c9w2qzwrdbjm4q8fqsrwlzc51h8a6ivb"))))
361 ("readline" ,readline)
362 ("libgpg-error" ,libgpg-error)))
365 (modify-phases %standard-phases
366 (add-after 'unpack 'patch-check-sh
368 (substitute* "checks/Makefile.in"
369 (("/bin/sh") (which "sh"))))))))))
378 (uri (string-append "mirror://gnupg/gpgme/gpgme-" version
382 "0csx3qnycwm0n90ql6gs65if5xi4gqyzzy21fxs2xqicghjrfq2r"))))
383 (build-system gnu-build-system)
385 ;; Needs to be propagated because gpgme.h includes gpg-error.h.
386 `(("libgpg-error" ,libgpg-error)))
388 `(("gnupg" ,gnupg-2.0)
389 ("libassuan" ,libassuan)))
392 (modify-phases %standard-phases
393 (add-after 'configure 'patch-cmake-file
395 ;; Work around <https://bugs.gnupg.org/gnupg/issue2877>.
396 (substitute* "lang/cpp/src/GpgmeppConfig.cmake.in"
397 (("@libsuffix@") ".so"))
399 (home-page "https://www.gnupg.org/related_software/gpgme/")
400 (synopsis "Library providing simplified access to GnuPG functionality")
402 "GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
403 easier for applications. It provides a High-Level Crypto API for encryption,
404 decryption, signing, signature verification and key management. Currently
405 it uses GnuPG as its backend but the API isn't restricted to this engine.
407 Because the direct use of GnuPG from an application can be a complicated
408 programming task, it is suggested that all software should try to use GPGME
409 instead. This way bug fixes or improvements can be done at a central place
410 and every application benefits from this.")
411 (license license:lgpl2.1+)))
413 (define-public python-gpg
416 (version (package-version gpgme))
419 (uri (pypi-uri "gpg" version))
422 "1x74i6q713c0bckls7rdm8kgsmllf9qvy9x62jghszlhgjkyh9nd"))))
423 (build-system python-build-system)
425 '(#:tests? #f)) ; No test suite.
430 (home-page (package-home-page gpgme))
431 (synopsis "Python bindings for GPGME GnuPG cryptography library")
432 (description "This package provides Python bindings to the GPGME GnuPG
433 cryptographic library. It is developed in the GPGME source code, and then
434 distributed separately.")
435 (license license:lgpl2.1+)))
437 (define-public python2-gpg
438 (package-with-python2 python-gpg))
440 (define-public python-pygpgme
442 (name "python-pygpgme")
447 (uri (pypi-uri "pygpgme" version))
450 "1q82p3gs6lwq8j8dxk4pvrwk3jpww1zqcjrzznl9clh10z28gn2z"))
451 ;; Unfortunately, we have to disable some tests due to some gpg-agent
453 ;; https://bugs.launchpad.net/pygpgme/+bug/999949
454 (patches (search-patches "pygpgme-disable-problematic-tests.patch"
455 "python-pygpgme-fix-pinentry-tests.patch"))))
458 (modify-phases %standard-phases
459 (add-before 'build 'make-build
461 (zero? (system* "make" "build"))))
464 (zero? (system* "make" "check")))))))
465 (build-system python-build-system)
467 `(("gnupg" ,gnupg-2.0)
469 (home-page "https://launchpad.net/pygpgme")
470 (synopsis "Python module for working with OpenPGP messages")
472 "PyGPGME is a Python module that lets you sign, verify, encrypt and
473 decrypt messages using the OpenPGP format by making use of GPGME.")
474 (license license:lgpl2.1+)))
476 (define-public python2-pygpgme
477 (package-with-python2 python-pygpgme))
479 (define-public python-gnupg
481 (name "python-gnupg")
486 (uri (pypi-uri "python-gnupg" version))
489 "0nkbs9c8f30lra7ca39kg91x8cyxn0jb61vih4qky839gpbwwwiq"))))
490 (build-system python-build-system)
493 (modify-phases %standard-phases
496 (substitute* "test_gnupg.py"
497 ;; Exported keys don't have a version line!
498 (("del k1\\[1\\]") "#")
499 ;; Unsure why this test fails.
500 (("'test_search_keys'") "True")
501 (("def test_search_keys") "def disabled__search_keys"))
502 (setenv "USERNAME" "guixbuilder")
503 ;; The doctests are extremely slow and sometimes time out,
504 ;; so we disable them.
505 (zero? (system* "python"
506 "test_gnupg.py" "--no-doctests")))))))
508 `(("gnupg" ,gnupg-1)))
509 (home-page "https://packages.python.org/python-gnupg/index.html")
510 (synopsis "Wrapper for the GNU Privacy Guard")
512 "This module allows easy access to GnuPG’s key management, encryption
513 and signature functionality from Python programs.")
514 (license license:bsd-3)))
516 (define-public python2-gnupg
517 (package-with-python2 python-gnupg))
526 "https://github.com/jaymzh/pius/releases/download/v"
527 version "/pius-" version ".tar.bz2"))
530 "0iy0gnms6lv9hpvk29313kc495a2f7pq2mg6ljxhy233vxsmjsk6"))))
531 (build-system python-build-system)
532 (inputs `(("perl" ,perl) ;for 'pius-party-worksheet'
536 #:python ,python-2 ;uses the Python 2 'print' syntax
538 (modify-phases %standard-phases
540 'build 'set-gpg-file-name
541 (lambda* (#:key inputs outputs #:allow-other-keys)
542 (let* ((gpg (string-append (assoc-ref inputs "gpg")
544 (substitute* "libpius/constants.py"
545 (("/usr/bin/gpg2") gpg))
547 (synopsis "Programs to simplify GnuPG key signing")
549 "Pius (PGP Individual UID Signer) helps attendees of PGP keysigning
550 parties. It is the main utility and makes it possible to quickly and easily
551 sign each UID on a set of PGP keys. It is designed to take the pain out of
552 the sign-all-the-keys part of PGP Keysigning Party while adding security
555 pius-keyring-mgr and pius-party-worksheet help organisers of
556 PGP keysigning parties.")
557 (license license:gpl2)
558 (home-page "https://www.phildev.net/pius/index.shtml")))
560 (define-public signing-party
562 (name "signing-party")
566 (uri (string-append "mirror://debian/pool/main/s/signing-party/"
567 "signing-party_" version ".orig.tar.gz"))
569 "188gp0prbh8qs29lq3pbf0qibfd6jq4fk7i0pfrybl8aahvm84rx"))))
570 (build-system gnu-build-system)
571 (inputs `(("perl" ,perl)))
575 (modify-phases %standard-phases
576 (add-after 'unpack 'remove-spurious-links
577 (lambda _ (delete-file "keyanalyze/pgpring/depcomp")))
579 (lambda* (#:key outputs #:allow-other-keys)
580 (let ((out (assoc-ref outputs "out")))
581 (substitute* "keyanalyze/Makefile"
582 (("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS")))
583 (substitute* "keyanalyze/Makefile"
584 (("./configure") (string-append "./configure --prefix=" out)))
585 (substitute* "keyanalyze/pgpring/configure"
586 (("/bin/sh") (which "sh")))
587 (substitute* "gpgwrap/Makefile"
589 (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
590 out "/bin/gpgwrap\n")))
591 (substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile"
592 "keylookup/Makefile" "sig2dot/Makefile"
593 "springgraph/Makefile")
596 (lambda* (#:key outputs #:allow-other-keys #:rest args)
597 (let ((out (assoc-ref outputs "out"))
598 (install (assoc-ref %standard-phases 'install)))
602 (copy-file (string-append dir "/" file)
603 (string-append out "/bin/" file)))
604 '("caff" "caff" "caff" "gpgdir" "gpg-key2ps"
605 "gpglist" "gpg-mailkeys" "gpgparticipants")
606 '("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps"
607 "gpglist" "gpg-mailkeys" "gpgparticipants"))
610 (copy-file (string-append dir "/" file)
611 (string-append out "/share/man/man1/" file)))
612 '("caff" "caff" "caff" "gpgdir"
613 "gpg-key2ps" "gpglist" "gpg-mailkeys"
614 "gpgparticipants" "gpgsigs" "gpgwrap/doc"
615 "keyanalyze" "keyanalyze/pgpring" "keyanalyze")
616 '("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1"
617 "gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1"
618 "gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
619 "process_keys.1" "pgpring.1" "keyanalyze.1"))))))))
620 (synopsis "Collection of scripts for simplifying gnupg key signing")
622 "Signing-party is a collection for all kinds of PGP/GnuPG related things,
623 including tools for signing keys, keyring analysis, and party preparation.
625 @item caff: CA - Fire and Forget signs and mails a key
626 @item pgp-clean: removes all non-self signatures from key
627 @item pgp-fixkey: removes broken packets from keys
628 @item gpg-mailkeys: simply mail out a signed key to its owner
629 @item gpg-key2ps: generate PostScript file with fingerprint paper strips
630 @item gpgdir: recursive directory encryption tool
631 @item gpglist: show who signed which of your UIDs
632 @item gpgsigs: annotates list of GnuPG keys with already done signatures
633 @item gpgparticipants: create list of party participants for the organiser
634 @item gpgwrap: a passphrase wrapper
635 @item keyanalyze: minimum signing distance (MSD) analysis on keyrings
636 @item keylookup: ncurses wrapper around gpg --search
637 @item sig2dot: converts a list of GnuPG signatures to a .dot file
638 @item springgraph: creates a graph from a .dot file
640 ;; gpl2+ for almost all programs, except for keyanalyze: gpl2
641 ;; and caff and gpgsigs: bsd-3, see
642 ;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
643 (license license:gpl2)
644 (home-page "https://pgp-tools.alioth.debian.org/")))
646 (define-public pinentry-tty
648 (name "pinentry-tty")
652 (uri (string-append "mirror://gnupg/pinentry/pinentry-"
656 "0ni7g4plq6x78p32al7m8h2zsakvg1rhfz0qbc3kdc7yq7nw4whn"))))
657 (build-system gnu-build-system)
659 `(#:configure-flags '("--enable-pinentry-tty")))
661 `(("ncurses" ,ncurses)
662 ("libassuan" ,libassuan)
663 ("libsecret" ,libsecret "out")))
665 `(("pkg-config" ,pkg-config)))
666 (home-page "https://gnupg.org/aegypten2/")
667 (synopsis "GnuPG's interface to passphrase input")
669 "Pinentry provides a console that allows users to enter a passphrase when
670 @code{gpg} is run and needs it.")
671 (license license:gpl2+)))
673 (define-public pinentry-gtk2
675 (inherit pinentry-tty)
676 (name "pinentry-gtk2")
680 ,@(package-inputs pinentry-tty)))
682 "Pinentry provides a console and a GTK+ GUI that allows users to enter a
683 passphrase when @code{gpg} is run and needs it.")))
685 (define-public pinentry-gnome3
687 (inherit pinentry-tty)
688 (name "pinentry-gnome3")
693 ,@(package-inputs pinentry-tty)))
695 `(#:configure-flags '("--enable-pinentry-gnome3")))
697 "Pinentry provides a console and a GUI designed for use with GNOME@tie{}3
698 that allows users to enter a passphrase when required by @code{gpg} or other
701 (define-public pinentry-qt
703 (inherit pinentry-tty)
707 ,@(package-inputs pinentry-tty)))
709 `(#:configure-flags '("CXXFLAGS=-std=gnu++11")))
711 "Pinentry provides a console and a Qt GUI that allows users to enter a
712 passphrase when @code{gpg} is run and needs it.")))
714 (define-public pinentry
715 (package (inherit pinentry-gtk2)
718 (define-public paperkey
724 (uri (string-append "http://www.jabberwocky.com/"
725 "software/paperkey/paperkey-"
729 "1yybj8bj68v4lxwpn596b6ismh2fyixw5vlqqg26byrn4d9dfmsv"))))
730 (build-system gnu-build-system)
733 (modify-phases %standard-phases
734 (add-before 'check 'patch-check-scripts
736 (substitute* '("checks/roundtrip.sh"
737 "checks/roundtrip-raw.sh")
738 (("/bin/echo") "echo"))
740 (home-page "http://www.jabberwocky.com/software/paperkey/")
741 (synopsis "Backup OpenPGP keys to paper")
743 "Paperkey extracts the secret bytes from an OpenPGP (GnuPG, PGP, etc) key
744 for printing with paper and ink, which have amazingly long retention
745 qualities. To reconstruct a secret key, you re-enter those
746 bytes (whether by hand, OCR, QR code, or the like) and paperkey can use
747 them to transform your existing public key into a secret key.")
748 (license license:gpl2+)))