HCoop / jackhill / guix / guix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gnu: GnuPG: Update to 2.2.11.
[jackhill/guix/guix.git] / gnu / packages / gnupg.scm
1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
3 ;;; Copyright © 2013, 2015, 2018 Andreas Enge <andreas@enge.fr>
4 ;;; Copyright © 2014, 2018 Eric Bavier <bavier@member.fsf.org>
5 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
6 ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
7 ;;; Copyright © 2015, 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il>
8 ;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
9 ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
10 ;;; Copyright © 2016, 2017 Nils Gillmann <ng0@n0.is>
11 ;;; Copyright © 2016 Christopher Baines <mail@cbaines.net>
12 ;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org>
13 ;;; Copyright © 2016 Troy Sankey <sankeytms@gmail.com>
14 ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
15 ;;; Copyright © 2017 Petter <petter@mykolab.ch>
16 ;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
17 ;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com>
18 ;;;
19 ;;; This file is part of GNU Guix.
20 ;;;
21 ;;; GNU Guix is free software; you can redistribute it and/or modify it
22 ;;; under the terms of the GNU General Public License as published by
23 ;;; the Free Software Foundation; either version 3 of the License, or (at
24 ;;; your option) any later version.
25 ;;;
26 ;;; GNU Guix is distributed in the hope that it will be useful, but
27 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
28 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
29 ;;; GNU General Public License for more details.
30 ;;;
31 ;;; You should have received a copy of the GNU General Public License
32 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
33
34 (define-module (gnu packages gnupg)
35 #:use-module ((guix licenses) #:prefix license:)
36 #:use-module (gnu packages)
37 #:use-module (gnu packages adns)
38 #:use-module (gnu packages autotools)
39 #:use-module (gnu packages base)
40 #:use-module (gnu packages curl)
41 #:use-module (gnu packages crypto)
42 #:use-module (gnu packages emacs)
43 #:use-module (gnu packages guile)
44 #:use-module (gnu packages openldap)
45 #:use-module (gnu packages perl)
46 #:use-module (gnu packages perl-check)
47 #:use-module (gnu packages pth)
48 #:use-module (gnu packages python)
49 #:use-module (gnu packages qt)
50 #:use-module (gnu packages readline)
51 #:use-module (gnu packages compression)
52 #:use-module (gnu packages databases)
53 #:use-module (gnu packages gtk)
54 #:use-module (gnu packages glib)
55 #:use-module (gnu packages gnome)
56 #:use-module (gnu packages pkg-config)
57 #:use-module (gnu packages ncurses)
58 #:use-module (gnu packages security-token)
59 #:use-module (gnu packages swig)
60 #:use-module (gnu packages texinfo)
61 #:use-module (gnu packages tls)
62 #:use-module (gnu packages tor)
63 #:use-module (gnu packages web)
64 #:use-module (gnu packages xml)
65 #:use-module (guix packages)
66 #:use-module (guix download)
67 #:use-module (guix git-download)
68 #:use-module (guix build-system gnu)
69 #:use-module (guix build-system perl)
70 #:use-module (guix build-system python)
71 #:use-module (srfi srfi-1))
72
73 (define-public libgpg-error
74 (package
75 (name "libgpg-error")
76 (version "1.28")
77 (source
78 (origin
79 (method url-fetch)
80 (uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
81 version ".tar.bz2"))
82 (sha256
83 (base32
84 "0jfsfnh9bxlxiwxws60yah4ybjw2hshmvqp31pri4m4h8ivrbnry"))
85 (patches (search-patches "libgpg-error-aarch64-logging-fix.patch"))))
86 (build-system gnu-build-system)
87 (home-page "https://gnupg.org")
88 (synopsis "Library of error values for GnuPG components")
89 (description
90 "Libgpg-error is a small library that defines common error values
91 for all GnuPG components. Among these are GPG, GPGSM, GPGME,
92 GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard
93 Daemon and possibly more in the future.")
94 (license license:lgpl2.0+)
95 (properties '((ftp-server . "ftp.gnupg.org")
96 (ftp-directory . "/gcrypt/libgpg-error")))))
97
98 ;; Some packages (e.g. GPGME) require a newer libgpg-error to deal with
99 ;; error codes from recent GnuPG. Remove this in the next rebuild cycle.
100 (define-public libgpg-error-1.31
101 (package
102 (inherit libgpg-error)
103 (version "1.31")
104 (source (origin
105 (method url-fetch)
106 (uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
107 version ".tar.bz2"))
108 (sha256
109 (base32
110 "1vx4nw6rxh2biy3h8n96fyr86q29h8gjl6837437i51jr4isil20"))))))
111
112 (define-public libgcrypt
113 (package
114 (replacement libgcrypt/fixed)
115 (name "libgcrypt")
116 (version "1.8.2")
117 (source (origin
118 (method url-fetch)
119 (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
120 version ".tar.bz2"))
121 (sha256
122 (base32
123 "01sca9m8hm6b5v8hmqsfdjhyz013869p1f0fxw9ln52qfnp4q1n8"))))
124 (build-system gnu-build-system)
125 (propagated-inputs
126 `(("libgpg-error-host" ,libgpg-error)))
127 (native-inputs
128 ;; Needed here for the 'gpg-error' program.
129 `(("libgpg-error-native" ,libgpg-error)))
130 (arguments
131 ;; The '--with-gpg-error-prefix' argument is needed because otherwise
132 ;; 'configure' uses 'gpg-error-config' to determine the '-L' flag, and
133 ;; the 'gpg-error-config' it runs is the native one---i.e., the wrong one.
134 `(#:configure-flags
135 (list (string-append "--with-gpg-error-prefix="
136 (assoc-ref %build-inputs "libgpg-error-host")))))
137 (outputs '("out" "debug"))
138 (home-page "https://gnupg.org/")
139 (synopsis "Cryptographic function library")
140 (description
141 "Libgcrypt is a general-purpose cryptographic library. It provides the
142 standard cryptographic building blocks such as symmetric ciphers, hash
143 algorithms, public key algorithms, large integer functions and random number
144 generation.")
145 (license license:lgpl2.0+)
146 (properties '((ftp-server . "ftp.gnupg.org")
147 (ftp-directory . "/gcrypt/libgcrypt")))))
148
149 (define libgcrypt/fixed
150 (package
151 (inherit libgcrypt)
152 (name "libgcrypt")
153 (version "1.8.3")
154 (source (origin
155 (method url-fetch)
156 (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
157 version ".tar.bz2"))
158 (sha256
159 (base32
160 "0z5gs1khzyknyfjr19k8gk4q148s6q987ya85cpn0iv70fz91v36"))))))
161
162 (define-public libassuan
163 (package
164 (name "libassuan")
165 (version "2.5.1")
166 (source
167 (origin
168 (method url-fetch)
169 (uri (string-append "mirror://gnupg/libassuan/libassuan-"
170 version ".tar.bz2"))
171 (sha256
172 (base32
173 "0jb4nb4nrjr949gd3lw8lh4v5d6qigxaq6xwy24w5apjnhvnrya7"))))
174 (build-system gnu-build-system)
175 (propagated-inputs
176 `(("libgpg-error" ,libgpg-error)
177 ("pth" ,pth)))
178 (home-page "https://gnupg.org")
179 (synopsis
180 "IPC library used by GnuPG and related software")
181 (description
182 "Libassuan is a small library implementing the so-called Assuan
183 protocol. This protocol is used for IPC between most newer
184 GnuPG components. Both, server and client side functions are
185 provided.")
186 (license license:lgpl2.0+)
187 (properties '((ftp-server . "ftp.gnupg.org")
188 (ftp-directory . "/gcrypt/libassuan")))))
189
190 (define-public libksba
191 (package
192 (name "libksba")
193 (version "1.3.5")
194 (source
195 (origin
196 (method url-fetch)
197 (uri (string-append
198 "mirror://gnupg/libksba/libksba-"
199 version ".tar.bz2"))
200 (sha256
201 (base32
202 "0h53q4sns1jz1pkmhcz5wp9qrfn9f5g9i3vjv6dafwzzlvblyi21"))))
203 (build-system gnu-build-system)
204 (propagated-inputs
205 `(("libgpg-error" ,libgpg-error)))
206 (native-inputs
207 `(("libgpg-error" ,libgpg-error)))
208 (arguments
209 `(#:configure-flags
210 (list ,@(if (%current-target-system)
211 '("CC_FOR_BUILD=gcc")
212 '())
213 (string-append "--with-gpg-error-prefix="
214 (assoc-ref %build-inputs "libgpg-error")))))
215 (home-page "https://www.gnupg.org")
216 (synopsis "CMS and X.509 access library")
217 (description
218 "KSBA (pronounced Kasbah) is a library to make X.509 certificates
219 as well as the CMS easily accessible by other applications. Both
220 specifications are building blocks of S/MIME and TLS.")
221 (license license:gpl3+)
222 (properties '((ftp-server . "ftp.gnupg.org")
223 (ftp-directory . "/gcrypt/libksba")))))
224
225 (define-public npth
226 (package
227 (name "npth")
228 (version "1.5")
229 (source
230 (origin
231 (method url-fetch)
232 (uri (string-append "mirror://gnupg/npth/npth-" version ".tar.bz2"))
233 (sha256
234 (base32
235 "1hmkkp6vzyrh8v01c2ynzf9vwikyagp7p1lxhbnr4ysk3w66jji9"))))
236 (build-system gnu-build-system)
237 (home-page "https://www.gnupg.org")
238 (synopsis "Non-preemptive thread library")
239 (description
240 "Npth is a library to provide the GNU Pth API and thus a non-preemptive
241 threads implementation.
242
243 In contrast to GNU Pth is is based on the system's standard threads
244 implementation. This allows the use of libraries which are not
245 compatible to GNU Pth.")
246 (license (list license:lgpl3+ license:gpl2+)))) ; dual license
247
248 (define-public gnupg
249 (package
250 (name "gnupg")
251 (version "2.2.11")
252 (source (origin
253 (method url-fetch)
254 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
255 ".tar.bz2"))
256 (sha256
257 (base32
258 "1ncwqjhcxh46fgkp84g2lhf91amcha7abk6wdm1kagzm7q93wv29"))))
259 (build-system gnu-build-system)
260 (native-inputs
261 `(("pkg-config" ,pkg-config)))
262 (inputs
263 `(("gnutls" ,gnutls)
264 ("libassuan" ,libassuan)
265 ("libgcrypt" ,libgcrypt)
266 ("libgpg-error" ,libgpg-error)
267 ("libksba" ,libksba)
268 ("npth" ,npth)
269 ("openldap" ,openldap)
270 ("pcsc-lite" ,pcsc-lite)
271 ("readline" ,readline)
272 ("sqlite" ,sqlite)
273 ("zlib" ,zlib)))
274 (arguments
275 `(#:configure-flags '(;; Otherwise, the test suite looks for the `gpg`
276 ;; executable in its installation directory in
277 ;; /gnu/store before it has been installed.
278 "--enable-gnupg-builddir-envvar"
279 "--enable-all-tests")
280 #:phases
281 (modify-phases %standard-phases
282 (add-before 'configure 'patch-paths
283 (lambda* (#:key inputs #:allow-other-keys)
284 (substitute* "scd/scdaemon.c"
285 (("\"(libpcsclite\\.so[^\"]*)\"" _ name)
286 (string-append "\"" (assoc-ref inputs "pcsc-lite")
287 "/lib/" name "\"")))
288 #t))
289 (add-after 'build 'patch-scheme-tests
290 (lambda _
291 (substitute* (find-files "tests" ".\\.scm$")
292 (("/usr/bin/env gpgscm")
293 (string-append (getcwd) "/tests/gpgscm/gpgscm")))
294 #t))
295 (add-before 'build 'patch-test-paths
296 (lambda _
297 (substitute* '("tests/inittests"
298 "tests/pkits/inittests"
299 "tests/Makefile"
300 "tests/pkits/common.sh"
301 "tests/pkits/Makefile")
302 (("/bin/pwd") (which "pwd")))
303 (substitute* "common/t-exectool.c"
304 (("/bin/cat") (which "cat"))
305 (("/bin/true") (which "true"))
306 (("/bin/false") (which "false")))
307 #t)))))
308 (home-page "https://gnupg.org/")
309 (synopsis "GNU Privacy Guard")
310 (description
311 "The GNU Privacy Guard is a complete implementation of the OpenPGP
312 standard. It is used to encrypt and sign data and communication. It
313 features powerful key management and the ability to access public key
314 servers. It includes several libraries: libassuan (IPC between GnuPG
315 components), libgpg-error (centralized GnuPG error values), and
316 libskba (working with X.509 certificates and CMS data).")
317 (license license:gpl3+)
318 (properties '((ftp-server . "ftp.gnupg.org")
319 (ftp-directory . "/gcrypt/gnupg")))))
320
321 (define-public gnupg-2.0
322 (package (inherit gnupg)
323 (version "2.0.30")
324 (source (origin
325 (method url-fetch)
326 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
327 ".tar.bz2"))
328 (sha256
329 (base32
330 "0wax4cy14hh0h7kg9hj0hjn9424b71z8lrrc5kbsasrn9xd7hag3"))))
331 (native-inputs '())
332 (inputs
333 `(("adns" ,adns)
334 ("bzip2" ,bzip2)
335 ("curl" ,curl)
336 ("libassuan" ,libassuan)
337 ("libgcrypt" ,libgcrypt)
338 ("libgpg-error" ,libgpg-error)
339 ("libksba" ,libksba)
340 ("pth" ,pth)
341 ("openldap" ,openldap)
342 ("zlib" ,zlib)
343 ("readline" ,readline)))
344 (arguments
345 `(#:phases
346 (modify-phases %standard-phases
347 (add-before 'configure 'patch-config-files
348 (lambda _
349 (substitute* "tests/openpgp/Makefile.in"
350 (("/bin/sh") (which "sh")))
351 #t))
352 (add-after 'install 'rename-v2-commands
353 (lambda* (#:key outputs #:allow-other-keys)
354 ;; Upstream suggests removing the trailing '2' from command names:
355 ;; <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=22883#58>.
356 (let ((out (assoc-ref outputs "out")))
357 (with-directory-excursion (string-append out "/bin")
358 (rename-file "gpgv2" "gpgv")
359 (rename-file "gpg2" "gpg")
360
361 ;; Keep the old name around to ease transition.
362 (symlink "gpgv" "gpgv2")
363 (symlink "gpg" "gpg2")
364 #t)))))))
365 (properties `((superseded . ,gnupg)))))
366
367 (define-public gnupg-1
368 (package (inherit gnupg)
369 (version "1.4.23")
370 (source (origin
371 (method url-fetch)
372 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
373 ".tar.bz2"))
374 (sha256
375 (base32
376 "1fkq4sqldvf6a25mm2qz95swv1qjg464736091w51djiwqbjyin9"))))
377 (native-inputs '())
378 (inputs
379 `(("zlib" ,zlib)
380 ("bzip2" ,bzip2)
381 ("curl" ,curl)
382 ("readline" ,readline)
383 ("libgpg-error" ,libgpg-error)))
384 (arguments
385 `(#:phases
386 (modify-phases %standard-phases
387 (add-after 'unpack 'patch-check-sh
388 (lambda _
389 (substitute* "checks/Makefile.in"
390 (("/bin/sh") (which "sh")))
391 #t)))))))
392
393 (define-public gpgme
394 (package
395 (name "gpgme")
396 (version "1.11.1")
397 (source
398 (origin
399 (method url-fetch)
400 (uri (string-append "mirror://gnupg/gpgme/gpgme-" version
401 ".tar.bz2"))
402 (sha256
403 (base32
404 "0vxx5xaag3rhp4g2arp5qm77gvz4kj0m3hnpvhkdvqyjfhbi26rd"))))
405 (build-system gnu-build-system)
406 (native-inputs
407 `(("gnupg" ,gnupg)))
408 (propagated-inputs
409 ;; Needs to be propagated because gpgme.h includes gpg-error.h.
410 `(("libgpg-error" ,libgpg-error-1.31)))
411 (inputs
412 `(("libassuan" ,libassuan)))
413 (home-page "https://www.gnupg.org/related_software/gpgme/")
414 (synopsis "Library providing simplified access to GnuPG functionality")
415 (description
416 "GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
417 easier for applications. It provides a High-Level Crypto API for encryption,
418 decryption, signing, signature verification and key management. Currently
419 it uses GnuPG as its backend but the API isn't restricted to this engine.
420
421 Because the direct use of GnuPG from an application can be a complicated
422 programming task, it is suggested that all software should try to use GPGME
423 instead. This way bug fixes or improvements can be done at a central place
424 and every application benefits from this.")
425 (license license:lgpl2.1+)))
426
427 (define-public qgpgme
428 (package
429 (inherit gpgme)
430 (name "qgpgme")
431 (arguments
432 `(#:phases
433 (modify-phases %standard-phases
434 (add-before 'build 'chdir-and-symlink
435 (lambda* (#:key inputs #:allow-other-keys)
436 (let ((gpgme (assoc-ref inputs "gpgme")))
437 (symlink (string-append gpgme "/lib/libgpgmepp.la")
438 "lang/cpp/src/libgpgmepp.la")
439 (symlink (string-append gpgme "/lib/libgpgme.la")
440 "src/libgpgme.la"))
441 (chdir "lang/qt")
442 #t)))))
443 (native-inputs
444 `(("pkg-config" ,pkg-config)
445 ,@(package-native-inputs gpgme)))
446 (inputs
447 `(("gpgme" ,gpgme)
448 ("qtbase" ,qtbase)
449 ,@(package-inputs gpgme)))
450 (synopsis "Qt API bindings for gpgme")
451 (description "QGpgme provides a very high level Qt API around GpgMEpp.
452
453 QGpgME was originally developed as part of libkleo and incorporated into
454 gpgpme starting with version 1.7.")
455 (license license:gpl2+))) ;; Note: this differs from gpgme
456
457 (define-public guile-gcrypt
458 (package
459 (name "guile-gcrypt")
460 (version "0.1.0")
461 (home-page "https://notabug.org/cwebber/guile-gcrypt")
462 (source (origin
463 (method git-fetch)
464 (uri (git-reference
465 (url (string-append home-page ".git"))
466 (commit (string-append "v" version))))
467 (sha256
468 (base32
469 "1lhgh3105yi0ggrjsjibv4wp1ipz8s17pa820hk2wln3rc04wpvf"))
470 (file-name (string-append name "-" version "-checkout"))))
471 (build-system gnu-build-system)
472 (native-inputs
473 `(("pkg-config" ,pkg-config)
474 ("autoconf" ,autoconf)
475 ("automake" ,automake)
476 ("texinfo" ,texinfo)))
477 (inputs
478 `(("guile" ,guile-2.2)
479 ("libgcrypt" ,libgcrypt)))
480 (synopsis "Cryptography library for Guile using Libgcrypt")
481 (description
482 "Guile-Gcrypt provides a Guile 2.x interface to a subset of the
483 GNU Libgcrypt crytographic library. It provides modules for cryptographic
484 hash functions, message authentication codes (MAC), public-key cryptography,
485 strong randomness, and more. It is implemented using the foreign function
486 interface (FFI) of Guile.")
487 (license license:gpl3+)))
488
489 (define-public guile2.0-gcrypt
490 (package (inherit guile-gcrypt)
491 (name "guile2.0-gcrypt")
492 (inputs
493 `(("guile" ,guile-2.0)
494 ,@(alist-delete "guile" (package-inputs guile-gcrypt))))))
495
496 (define-public python-gpg
497 (package
498 (name "python-gpg")
499 (version "1.8.0")
500 (source (origin
501 (method url-fetch)
502 (uri (pypi-uri "gpg" version))
503 (sha256
504 (base32
505 "1x74i6q713c0bckls7rdm8kgsmllf9qvy9x62jghszlhgjkyh9nd"))))
506 (build-system python-build-system)
507 (arguments
508 '(#:tests? #f)) ; No test suite.
509 (inputs
510 `(("gpgme" ,gpgme)))
511 (native-inputs
512 `(("swig" ,swig)))
513 (home-page (package-home-page gpgme))
514 (synopsis "Python bindings for GPGME GnuPG cryptography library")
515 (description "This package provides Python bindings to the GPGME GnuPG
516 cryptographic library. It is developed in the GPGME source code, and then
517 distributed separately.")
518 (license license:lgpl2.1+)))
519
520 (define-public python2-gpg
521 (package-with-python2 python-gpg))
522
523 (define-public python-pygpgme
524 (package
525 (name "python-pygpgme")
526 (version "0.3")
527 (source
528 (origin
529 (method url-fetch)
530 (uri (pypi-uri "pygpgme" version))
531 (sha256
532 (base32
533 "1q82p3gs6lwq8j8dxk4pvrwk3jpww1zqcjrzznl9clh10z28gn2z"))
534 ;; Unfortunately, we have to disable some tests due to some gpg-agent
535 ;; goofiness... see:
536 ;; https://bugs.launchpad.net/pygpgme/+bug/999949
537 (patches (search-patches "pygpgme-disable-problematic-tests.patch"
538 "python-pygpgme-fix-pinentry-tests.patch"))))
539 (arguments
540 `(#:phases
541 (modify-phases %standard-phases
542 (add-before 'build 'make-build
543 (lambda _
544 (zero? (system* "make" "build"))))
545 (replace 'check
546 (lambda _
547 (zero? (system* "make" "check")))))))
548 (build-system python-build-system)
549 (native-inputs
550 `(("gnupg" ,gnupg-1)))
551 (inputs
552 `(("gpgme" ,gpgme)))
553 (home-page "https://launchpad.net/pygpgme")
554 (synopsis "Python module for working with OpenPGP messages")
555 (description
556 "PyGPGME is a Python module that lets you sign, verify, encrypt and
557 decrypt messages using the OpenPGP format by making use of GPGME.")
558 (license license:lgpl2.1+)))
559
560 (define-public python2-pygpgme
561 (package-with-python2 python-pygpgme))
562
563 (define-public python-gnupg
564 (package
565 (name "python-gnupg")
566 (version "0.4.3")
567 (source
568 (origin
569 (method url-fetch)
570 (uri (pypi-uri "python-gnupg" version))
571 (sha256
572 (base32
573 "03dc8whhvk7ccspbk8vzfhkxli8cd9zfbss5p597g4jldgy8s59d"))))
574 (build-system python-build-system)
575 (arguments
576 `(#:phases
577 (modify-phases %standard-phases
578 (replace 'check
579 (lambda _
580 (substitute* "test_gnupg.py"
581 ;; Unsure why this test fails.
582 (("'test_search_keys'") "True")
583 (("def test_search_keys") "def disabled__search_keys"))
584 (setenv "USERNAME" "guixbuilder")
585 ;; The doctests are extremely slow and sometimes time out,
586 ;; so we disable them.
587 (invoke "python"
588 "test_gnupg.py" "--no-doctests"))))))
589 (native-inputs
590 `(("gnupg" ,gnupg-1)))
591 (home-page "https://packages.python.org/python-gnupg/index.html")
592 (synopsis "Wrapper for the GNU Privacy Guard")
593 (description
594 "This module allows easy access to GnuPG’s key management, encryption
595 and signature functionality from Python programs.")
596 (license license:bsd-3)))
597
598 (define-public python2-gnupg
599 (package-with-python2 python-gnupg))
600
601 (define-public perl-gnupg-interface
602 (package
603 (name "perl-gnupg-interface")
604 (version "0.52")
605 (source (origin
606 (method url-fetch)
607 (uri (string-append "mirror://cpan/authors/id/A/AL/ALEXMV/"
608 "GnuPG-Interface-" version ".tar.gz"))
609 (sha256
610 (base32
611 "0dgx8yhdsmhkazcrz14n4flrk1afv7azgl003hl4arxvi1d9yyi4"))))
612 (build-system perl-build-system)
613 (arguments
614 `(#:phases
615 (modify-phases %standard-phases
616 ;; FIXME: This test fails for unknown reasons
617 (add-after 'unpack 'delete-broken-test
618 (lambda _
619 (delete-file "t/encrypt_symmetrically.t")
620 #t)))))
621 (inputs
622 `(("gnupg" ,gnupg-1)))
623 (propagated-inputs
624 `(("perl-moo" ,perl-moo)
625 ("perl-moox-handlesvia" ,perl-moox-handlesvia)
626 ("perl-moox-late" ,perl-moox-late)))
627 (native-inputs
628 `(("which" ,which)
629 ("perl-module-install" ,perl-module-install)))
630 (home-page "https://metacpan.org/release/GnuPG-Interface")
631 (synopsis "Perl interface to GnuPG")
632 (description "@code{GnuPG::Interface} and its associated modules are
633 designed to provide an object-oriented method for interacting with GnuPG,
634 being able to perform functions such as but not limited to encrypting,
635 signing, decryption, verification, and key-listing parsing.")
636 (license license:perl-license)))
637
638 (define-public pius
639 (package
640 (name "pius")
641 (version "2.2.6")
642 (source (origin
643 (method url-fetch)
644 (uri (string-append
645 "https://github.com/jaymzh/pius/releases/download/v"
646 version "/pius-" version ".tar.bz2"))
647 (sha256
648 (base32
649 "1893hzpx3zv724drqv48csrn0cm98xw4ymb1zmhs2jvjj1778zfj"))
650 (patches (search-patches "pius.patch"))))
651 (build-system python-build-system)
652 (inputs `(("perl" ,perl) ;for 'pius-party-worksheet'
653 ("gpg" ,gnupg)
654 ("python-six" ,python2-six)))
655 (arguments
656 `(#:tests? #f
657 #:python ,python-2 ;uses the Python 2 'print' syntax
658 #:phases
659 (modify-phases %standard-phases
660 (add-before
661 'build 'set-gpg-file-name
662 (lambda* (#:key inputs outputs #:allow-other-keys)
663 (let* ((gpg (string-append (assoc-ref inputs "gpg")
664 "/bin/gpg")))
665 (substitute* "libpius/constants.py"
666 (("/usr/bin/gpg2") gpg))
667 #t))))))
668 (synopsis "Programs to simplify GnuPG key signing")
669 (description
670 "Pius (PGP Individual UID Signer) helps attendees of PGP keysigning
671 parties. It is the main utility and makes it possible to quickly and easily
672 sign each UID on a set of PGP keys. It is designed to take the pain out of
673 the sign-all-the-keys part of PGP Keysigning Party while adding security
674 to the process.
675
676 pius-keyring-mgr and pius-party-worksheet help organisers of
677 PGP keysigning parties.")
678 (license license:gpl2)
679 (home-page "https://www.phildev.net/pius/index.shtml")))
680
681 (define-public signing-party
682 ;; Upstream moved from alioth.debian.org to salsa.debian.org but the
683 ;; automatic svn import did not preserve tags apparently, so there's no real
684 ;; version number.
685 (let ((commit "d6f2296325605ee96ddf9f5b156e5e3f667a6df3")
686 (revision "0"))
687 (package
688 (name "signing-party")
689 (version (git-version "2.6" revision commit))
690 (home-page "https://salsa.debian.org/stappers/pgp-tools")
691 (source (origin
692 (method git-fetch)
693 (uri (git-reference
694 (url home-page)
695 (commit commit)))
696 (sha256
697 (base32
698 "00f7zasbwcbjzd92br2j10pyjxv0aw1qb4540qfz2dxzxgmdscrz"))))
699 (build-system gnu-build-system)
700 (native-inputs
701 `(("autoconf" ,autoconf-wrapper)
702 ("automake" ,automake)))
703 (inputs `(("perl" ,perl)
704 ("perl-text-template" ,perl-text-template)
705 ("perl-mime-tools" ,perl-mime-tools)
706 ("perl-gnupg-interface" ,perl-gnupg-interface)
707 ("perl-net-idn-encode" ,perl-net-idn-encode)
708 ("libmd" ,libmd)))
709 (arguments
710 `(#:tests? #f
711 #:phases
712 (modify-phases %standard-phases
713 (replace 'configure
714 (lambda* (#:key outputs #:allow-other-keys)
715 (let ((out (assoc-ref outputs "out")))
716 (substitute* "keyanalyze/Makefile"
717 (("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS")))
718 (substitute* "keyanalyze/Makefile"
719 (("\\./configure") (string-append "./configure --prefix=" out)))
720 (substitute* "gpgwrap/Makefile"
721 (("\\} clean")
722 (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
723 out "/bin/gpgwrap\n")))
724 (substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile"
725 "keylookup/Makefile" "sig2dot/Makefile"
726 "springgraph/Makefile")
727 (("/usr") out))
728 (setenv "CONFIG_SHELL" (which "sh")))))
729 (replace 'install
730 (lambda* (#:key outputs #:allow-other-keys #:rest args)
731 (let ((out (assoc-ref outputs "out"))
732 (install (assoc-ref %standard-phases 'install)))
733 (apply install args)
734 (for-each
735 (lambda (dir file)
736 (copy-file (string-append dir "/" file)
737 (string-append out "/bin/" file)))
738 '("caff" "caff" "caff" "gpgdir" "gpg-key2ps"
739 "gpglist" "gpg-mailkeys" "gpgparticipants")
740 '("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps"
741 "gpglist" "gpg-mailkeys" "gpgparticipants"))
742 (for-each
743 (lambda (dir file)
744 (copy-file (string-append dir "/" file)
745 (string-append out "/share/man/man1/" file)))
746 '("caff" "caff" "caff" "gpgdir"
747 "gpg-key2ps" "gpglist" "gpg-mailkeys"
748 "gpgparticipants" "gpgsigs" "gpgwrap/doc"
749 "keyanalyze" "keyanalyze/pgpring" "keyanalyze")
750 '("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1"
751 "gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1"
752 "gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
753 "process_keys.1" "pgpring.1" "keyanalyze.1")))))
754 (add-after 'install 'wrap-programs
755 (lambda* (#:key outputs #:allow-other-keys)
756 (let* ((out (assoc-ref outputs "out")))
757 (wrap-program
758 (string-append out "/bin/caff")
759 `("PERL5LIB" ":" prefix (,(getenv "PERL5LIB"))))))))))
760 (synopsis "Collection of scripts for simplifying gnupg key signing")
761 (description
762 "Signing-party is a collection for all kinds of PGP/GnuPG related things,
763 including tools for signing keys, keyring analysis, and party preparation.
764 @enumerate
765 @item caff: CA - Fire and Forget signs and mails a key
766 @item pgp-clean: removes all non-self signatures from key
767 @item pgp-fixkey: removes broken packets from keys
768 @item gpg-mailkeys: simply mail out a signed key to its owner
769 @item gpg-key2ps: generate PostScript file with fingerprint paper strips
770 @item gpgdir: recursive directory encryption tool
771 @item gpglist: show who signed which of your UIDs
772 @item gpgsigs: annotates list of GnuPG keys with already done signatures
773 @item gpgparticipants: create list of party participants for the organiser
774 @item gpgwrap: a passphrase wrapper
775 @item keyanalyze: minimum signing distance (MSD) analysis on keyrings
776 @item keylookup: ncurses wrapper around gpg --search
777 @item sig2dot: converts a list of GnuPG signatures to a .dot file
778 @item springgraph: creates a graph from a .dot file
779 @end enumerate")
780 ;; gpl2+ for almost all programs, except for keyanalyze: gpl2
781 ;; and caff and gpgsigs: bsd-3, see
782 ;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
783 (license license:gpl2))))
784
785 (define-public pinentry-tty
786 (package
787 (name "pinentry-tty")
788 (version "1.1.0")
789 (source (origin
790 (method url-fetch)
791 (uri (string-append "mirror://gnupg/pinentry/pinentry-"
792 version ".tar.bz2"))
793 (sha256
794 (base32
795 "0w35ypl960pczg5kp6km3dyr000m1hf0vpwwlh72jjkjza36c1v8"))))
796 (build-system gnu-build-system)
797 (arguments
798 `(#:configure-flags '("--enable-pinentry-tty")))
799 (inputs
800 `(("ncurses" ,ncurses)
801 ("libassuan" ,libassuan)
802 ("libsecret" ,libsecret "out")))
803 (native-inputs
804 `(("pkg-config" ,pkg-config)))
805 (home-page "https://gnupg.org/aegypten2/")
806 (synopsis "GnuPG's interface to passphrase input")
807 (description
808 "Pinentry provides a console that allows users to enter a passphrase when
809 @code{gpg} is run and needs it.")
810 (license license:gpl2+)
811 (properties '((ftp-server . "ftp.gnupg.org")
812 (ftp-directory . "/gcrypt/pinentry")
813 (upstream-name . "pinentry")))))
814
815 (define-public pinentry-emacs
816 (package
817 (inherit pinentry-tty)
818 (name "pinentry-emacs")
819 (arguments
820 `(#:configure-flags '("--enable-pinentry-emacs")))
821 (description
822 "Pinentry provides a console and an Emacs interface that allows users to
823 enter a passphrase when required by @code{gpg} or other software.")))
824
825 (define-public pinentry-gtk2
826 (package
827 (inherit pinentry-tty)
828 (name "pinentry-gtk2")
829 (inputs
830 `(("gtk+" ,gtk+-2)
831 ("glib" ,glib)
832 ,@(package-inputs pinentry-tty)))
833 (description
834 "Pinentry provides a console and a GTK+ GUI that allows users to enter a
835 passphrase when @code{gpg} is run and needs it.")))
836
837 (define-public pinentry-gnome3
838 (package
839 (inherit pinentry-tty)
840 (name "pinentry-gnome3")
841 (inputs
842 `(("gtk+" ,gtk+-2)
843 ("gcr" ,gcr)
844 ("glib" ,glib)
845 ,@(package-inputs pinentry-tty)))
846 (arguments
847 `(#:configure-flags '("--enable-pinentry-gnome3")))
848 (description
849 "Pinentry provides a console and a GUI designed for use with GNOME@tie{}3
850 that allows users to enter a passphrase when required by @code{gpg} or other
851 software.")))
852
853 (define-public pinentry-qt
854 (package
855 (inherit pinentry-tty)
856 (name "pinentry-qt")
857 (inputs
858 `(("qtbase" ,qtbase)
859 ,@(package-inputs pinentry-tty)))
860 (arguments
861 `(#:configure-flags '("CXXFLAGS=-std=gnu++11")))
862 (description
863 "Pinentry provides a console and a Qt GUI that allows users to enter a
864 passphrase when @code{gpg} is run and needs it.")))
865
866 (define-public pinentry
867 (package (inherit pinentry-gtk2)
868 (name "pinentry")))
869
870 (define-public paperkey
871 (package
872 (name "paperkey")
873 (version "1.5")
874 (source (origin
875 (method url-fetch)
876 (uri (string-append "http://www.jabberwocky.com/"
877 "software/paperkey/paperkey-"
878 version ".tar.gz"))
879 (sha256
880 (base32
881 "1prd2jaf4zjad3xhv160hmi5n408ssljfg7iz90jxs9w111pjwy4"))))
882 (build-system gnu-build-system)
883 (arguments
884 `(#:phases
885 (modify-phases %standard-phases
886 (add-before 'check 'patch-check-scripts
887 (lambda _
888 (substitute* '("checks/roundtrip.sh"
889 "checks/roundtrip-raw.sh")
890 (("/bin/echo") "echo"))
891 #t)))))
892 (home-page "http://www.jabberwocky.com/software/paperkey/")
893 (synopsis "Backup OpenPGP keys to paper")
894 (description
895 "Paperkey extracts the secret bytes from an OpenPGP (GnuPG, PGP, etc) key
896 for printing with paper and ink, which have amazingly long retention
897 qualities. To reconstruct a secret key, you re-enter those
898 bytes (whether by hand, OCR, QR code, or the like) and paperkey can use
899 them to transform your existing public key into a secret key.")
900 (license license:gpl2+)))
901
902 (define-public gpa
903 (package
904 (name "gpa")
905 (version "0.9.10")
906 (source (origin
907 (method url-fetch)
908 (uri (string-append "mirror://gnupg/gpa/"
909 name "-" version ".tar.bz2"))
910 (sha256
911 (base32
912 "09xphbi2456qynwqq5n0yh0zdmdi2ggrj3wk4hsyh5lrzlvcrff3"))))
913 (build-system gnu-build-system)
914 (native-inputs
915 `(("pkg-config" ,pkg-config)))
916 (inputs
917 `(("gnupg" ,gnupg)
918 ("gpgme" ,gpgme)
919 ("libassuan" ,libassuan)
920 ("libgpg-error" ,libgpg-error)
921 ("gtk+-2" ,gtk+-2)))
922 (home-page "https://gnupg.org/software/gpa/")
923 (synopsis "Graphical user interface for GnuPG")
924 (description
925 "GPA, the GNU Privacy Assistant, is a graphical user interface for
926 @uref{https://gnupg.org, GnuPG}. It can be used to encrypt, decrypt, and sign
927 files, to verify signatures, and to manage the private and public keys.")
928 (license license:gpl3+)))
929
930 (define-public parcimonie
931 (package
932 (name "parcimonie")
933 (version "0.10.3")
934 (source (origin
935 (method url-fetch)
936 (uri (string-append "https://gaffer.ptitcanardnoir.org/"
937 "intrigeri/files/parcimonie/App-Parcimonie-"
938 version ".tar.gz"))
939 (sha256
940 (base32
941 "1kf891117s1f3k6lxvbjdb21va9gxh29vlp9bd664ssgw266rcyb"))))
942 (build-system perl-build-system)
943 (inputs
944 `(("gnupg" ,gnupg-1) ; This is the version used by perl-gnupg-interface
945 ("perl-config-general" ,perl-config-general)
946 ("perl-clone" ,perl-clone)
947 ("perl-data" ,perl-data)
948 ("perl-exporter-tiny" ,perl-exporter-tiny)
949 ("perl-file-homedir" ,perl-file-homedir)
950 ("perl-file-sharedir" ,perl-file-sharedir)
951 ("perl-file-which" ,perl-file-which)
952 ("perl-getopt-long-descriptive" ,perl-getopt-long-descriptive)
953 ("perl-gnupg-interface" ,perl-gnupg-interface)
954 ("perl-ipc-system-simple" ,perl-ipc-system-simple)
955 ("perl-list-moreutils" ,perl-list-moreutils)
956 ("perl-libintl-perl" ,perl-libintl-perl) ; Locale::TextDomain
957 ("perl-lwp-online" ,perl-lwp-online)
958 ("perl-module-build" ,perl-module-build)
959 ("perl-module-pluggable-object" ,perl-module-pluggable)
960 ("perl-moo" ,perl-moo)
961 ("perl-moox-handlesvia" ,perl-moox-handlesvia)
962 ("perl-moox-late" ,perl-moox-late)
963 ("perl-moox-options" ,perl-moox-options)
964 ("perl-namespace-clean" ,perl-namespace-clean)
965 ("perl-net-dbus" ,perl-net-dbus)
966 ("perl-net-dbus-glib" ,perl-net-dbus-glib)
967 ("perl-path-tiny" ,perl-path-tiny)
968 ("perl-test-most" ,perl-test-most)
969 ("perl-test-trap" ,perl-test-trap)
970 ("perl-time-duration" ,perl-time-duration)
971 ("perl-time-duration-parse" ,perl-time-duration-parse)
972 ("perl-try-tiny" ,perl-try-tiny)
973 ("perl-type-tiny" ,perl-type-tiny)
974 ("perl-types-path-tiny" ,perl-types-path-tiny)
975 ("perl-unicode-linebreak" ,perl-unicode-linebreak)
976 ("perl-xml-parser" ,perl-xml-parser)
977 ("perl-xml-twig" ,perl-xml-twig)
978 ("torsocks" ,torsocks)))
979 (arguments
980 `(#:phases
981 (modify-phases %standard-phases
982 ;; Needed for using gpg-connect-agent during tests.
983 (add-before 'check 'set-HOME
984 (lambda _ (setenv "HOME" "/tmp") #t))
985 (add-before 'install 'fix-references
986 (lambda* (#:key inputs outputs #:allow-other-keys)
987 (substitute* "lib/App/Parcimonie/GnuPG/Interface.pm"
988 (("gpg2") "gpg")
989 ;; Skip check whether dependencies are in the PATH
990 (("defined which.*") "")
991 (("call\\('parcimonie-torified-gpg'\\)")
992 (string-append "call('" (assoc-ref outputs "out")
993 "/bin/parcimonie-torified-gpg')")))
994 (substitute* "bin/parcimonie-torified-gpg"
995 (("torsocks") (string-append (assoc-ref inputs "torsocks")
996 "/bin/torsocks")))
997 #t))
998 (add-after 'install 'wrap-program
999 (lambda* (#:key inputs outputs #:allow-other-keys)
1000 (let* ((out (assoc-ref outputs "out"))
1001 (perllib (string-append out "/lib/perl5/site_perl/"
1002 ,(package-version perl))))
1003 (wrap-program (string-append out "/bin/parcimonie")
1004 `("PERL5LIB" ":"
1005 prefix (,(string-append perllib ":" (getenv "PERL5LIB")))))
1006 #t))))))
1007 (home-page "https://gaffer.ptitcanardnoir.org/intrigeri/code/parcimonie/")
1008 (synopsis "Incrementally refreshes a GnuPG keyring")
1009 (description "Parcimonie incrementaly refreshes a GnuPG keyring in a way
1010 that makes it hard to correlate the keyring content to an individual, and
1011 makes it hard to locate an individual based on an identifying subset of her
1012 keyring content. Parcimonie is a daemon that fetches one key at a time using
1013 the Tor network, waits a bit, changes the Tor circuit being used, and starts
1014 over.")
1015 (license license:gpl1+)))
1016
1017 (define-public jetring
1018 (package
1019 (name "jetring")
1020 (version "0.27")
1021 (source
1022 (origin
1023 (method url-fetch)
1024 (uri (string-append "mirror://debian/pool/main/j/" name "/"
1025 name "_" version ".tar.xz"))
1026 (sha256
1027 (base32
1028 "0jy0x5zj7v87xgyldlsx1knzp0mv10wzamblrw1b61i2m1ii4pxz"))))
1029 (build-system gnu-build-system)
1030 (arguments
1031 '(#:phases
1032 (modify-phases %standard-phases
1033 (delete 'configure) ; no configure script
1034 (add-before 'install 'hardlink-gnupg
1035 (lambda* (#:key inputs #:allow-other-keys)
1036 (let ((gpg (string-append (assoc-ref inputs "gnupg")
1037 "/bin/gpg")))
1038 (substitute* (find-files "." "jetring-[[:alpha:]]+$")
1039 (("gpg -") (string-append gpg " -"))
1040 (("\\\"gpg\\\"") (string-append "\"" gpg "\"")))
1041 #t)))
1042 (replace 'install
1043 (lambda* (#:key outputs #:allow-other-keys)
1044 (let* ((out (assoc-ref outputs "out"))
1045 (man (string-append out "/share/man")))
1046 (for-each (lambda (file)
1047 (install-file file (string-append out "/bin/")))
1048 (find-files "." "jetring-[[:alpha:]]+$"))
1049 (for-each (lambda (file)
1050 (install-file file (string-append man "/man1/")))
1051 (find-files "." ".*\\.1$"))
1052 (install-file "jetring.7" (string-append man "/man7/"))
1053 #t))))
1054 #:tests? #f)) ; no test phase
1055 (inputs
1056 `(("gnupg" ,gnupg)
1057 ("perl" ,perl)))
1058 (home-page "https://joeyh.name/code/jetring/")
1059 (synopsis "GnuPG keyring maintenance using changesets")
1060 (description
1061 "Jetring is a collection of tools that allow for gpg keyrings to be
1062 maintained using changesets. It was developed with the Debian keyring in mind,
1063 and aims to solve the problem that a gpg keyring is a binary blob that's hard
1064 for multiple people to collaboratively edit.
1065
1066 With jetring, changesets can be submitted, reviewed to see exactly what they
1067 will do, applied, and used to build a keyring. The origin of every change made
1068 to the keyring is available for auditing, and gpg signatures can be used for
1069 integrity guarantees.")
1070 (license license:gpl2+)))
jackhill's copy of GNU Guix: https://guix.gnu.org/