1 ;;; GNU Guix --- Functional package management for GNU
2 ;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
3 ;;; Copyright © 2013, 2015, 2018 Andreas Enge <andreas@enge.fr>
4 ;;; Copyright © 2014, 2018 Eric Bavier <bavier@member.fsf.org>
5 ;;; Copyright © 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
6 ;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
7 ;;; Copyright © 2015, 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il>
8 ;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
9 ;;; Copyright © 2016 Christopher Allan Webber <cwebber@dustycloud.org>
10 ;;; Copyright © 2016, 2017 Nils Gillmann <ng0@n0.is>
11 ;;; Copyright © 2016 Christopher Baines <mail@cbaines.net>
12 ;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org>
13 ;;; Copyright © 2016 Troy Sankey <sankeytms@gmail.com>
14 ;;; Copyright © 2017 Leo Famulari <leo@famulari.name>
15 ;;; Copyright © 2017 Petter <petter@mykolab.ch>
16 ;;; Copyright © 2018 Tobias Geerinckx-Rice <me@tobias.gr>
17 ;;; Copyright © 2018 Marius Bakke <mbakke@fastmail.com>
19 ;;; This file is part of GNU Guix.
21 ;;; GNU Guix is free software; you can redistribute it and/or modify it
22 ;;; under the terms of the GNU General Public License as published by
23 ;;; the Free Software Foundation; either version 3 of the License, or (at
24 ;;; your option) any later version.
26 ;;; GNU Guix is distributed in the hope that it will be useful, but
27 ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
28 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
29 ;;; GNU General Public License for more details.
31 ;;; You should have received a copy of the GNU General Public License
32 ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
34 (define-module (gnu packages gnupg)
35 #:use-module ((guix licenses) #:prefix license:)
36 #:use-module (gnu packages)
37 #:use-module (gnu packages adns)
38 #:use-module (gnu packages autotools)
39 #:use-module (gnu packages base)
40 #:use-module (gnu packages curl)
41 #:use-module (gnu packages crypto)
42 #:use-module (gnu packages emacs)
43 #:use-module (gnu packages guile)
44 #:use-module (gnu packages openldap)
45 #:use-module (gnu packages perl)
46 #:use-module (gnu packages perl-check)
47 #:use-module (gnu packages pth)
48 #:use-module (gnu packages python)
49 #:use-module (gnu packages qt)
50 #:use-module (gnu packages readline)
51 #:use-module (gnu packages compression)
52 #:use-module (gnu packages databases)
53 #:use-module (gnu packages gtk)
54 #:use-module (gnu packages glib)
55 #:use-module (gnu packages gnome)
56 #:use-module (gnu packages pkg-config)
57 #:use-module (gnu packages ncurses)
58 #:use-module (gnu packages security-token)
59 #:use-module (gnu packages swig)
60 #:use-module (gnu packages texinfo)
61 #:use-module (gnu packages tls)
62 #:use-module (gnu packages tor)
63 #:use-module (gnu packages web)
64 #:use-module (gnu packages xml)
65 #:use-module (guix packages)
66 #:use-module (guix download)
67 #:use-module (guix git-download)
68 #:use-module (guix build-system gnu)
69 #:use-module (guix build-system perl)
70 #:use-module (guix build-system python)
71 #:use-module (srfi srfi-1))
73 (define-public libgpg-error
80 (uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
84 "0jfsfnh9bxlxiwxws60yah4ybjw2hshmvqp31pri4m4h8ivrbnry"))
85 (patches (search-patches "libgpg-error-aarch64-logging-fix.patch"))))
86 (build-system gnu-build-system)
87 (home-page "https://gnupg.org")
88 (synopsis "Library of error values for GnuPG components")
90 "Libgpg-error is a small library that defines common error values
91 for all GnuPG components. Among these are GPG, GPGSM, GPGME,
92 GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard
93 Daemon and possibly more in the future.")
94 (license license:lgpl2.0+)
95 (properties '((ftp-server . "ftp.gnupg.org")
96 (ftp-directory . "/gcrypt/libgpg-error")))))
98 ;; Some packages (e.g. GPGME) require a newer libgpg-error to deal with
99 ;; error codes from recent GnuPG. Remove this in the next rebuild cycle.
100 (define-public libgpg-error-1.31
102 (inherit libgpg-error)
106 (uri (string-append "mirror://gnupg/libgpg-error/libgpg-error-"
110 "1vx4nw6rxh2biy3h8n96fyr86q29h8gjl6837437i51jr4isil20"))))))
112 (define-public libgcrypt
114 (replacement libgcrypt/fixed)
119 (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
123 "01sca9m8hm6b5v8hmqsfdjhyz013869p1f0fxw9ln52qfnp4q1n8"))))
124 (build-system gnu-build-system)
126 `(("libgpg-error-host" ,libgpg-error)))
128 ;; Needed here for the 'gpg-error' program.
129 `(("libgpg-error-native" ,libgpg-error)))
131 ;; The '--with-gpg-error-prefix' argument is needed because otherwise
132 ;; 'configure' uses 'gpg-error-config' to determine the '-L' flag, and
133 ;; the 'gpg-error-config' it runs is the native one---i.e., the wrong one.
135 (list (string-append "--with-gpg-error-prefix="
136 (assoc-ref %build-inputs "libgpg-error-host")))))
137 (outputs '("out" "debug"))
138 (home-page "https://gnupg.org/")
139 (synopsis "Cryptographic function library")
141 "Libgcrypt is a general-purpose cryptographic library. It provides the
142 standard cryptographic building blocks such as symmetric ciphers, hash
143 algorithms, public key algorithms, large integer functions and random number
145 (license license:lgpl2.0+)
146 (properties '((ftp-server . "ftp.gnupg.org")
147 (ftp-directory . "/gcrypt/libgcrypt")))))
149 (define libgcrypt/fixed
156 (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
160 "0z5gs1khzyknyfjr19k8gk4q148s6q987ya85cpn0iv70fz91v36"))))))
162 (define-public libassuan
169 (uri (string-append "mirror://gnupg/libassuan/libassuan-"
173 "0jb4nb4nrjr949gd3lw8lh4v5d6qigxaq6xwy24w5apjnhvnrya7"))))
174 (build-system gnu-build-system)
176 `(("libgpg-error" ,libgpg-error)
178 (home-page "https://gnupg.org")
180 "IPC library used by GnuPG and related software")
182 "Libassuan is a small library implementing the so-called Assuan
183 protocol. This protocol is used for IPC between most newer
184 GnuPG components. Both, server and client side functions are
186 (license license:lgpl2.0+)
187 (properties '((ftp-server . "ftp.gnupg.org")
188 (ftp-directory . "/gcrypt/libassuan")))))
190 (define-public libksba
198 "mirror://gnupg/libksba/libksba-"
202 "0h53q4sns1jz1pkmhcz5wp9qrfn9f5g9i3vjv6dafwzzlvblyi21"))))
203 (build-system gnu-build-system)
205 `(("libgpg-error" ,libgpg-error)))
207 `(("libgpg-error" ,libgpg-error)))
210 (list ,@(if (%current-target-system)
211 '("CC_FOR_BUILD=gcc")
213 (string-append "--with-gpg-error-prefix="
214 (assoc-ref %build-inputs "libgpg-error")))))
215 (home-page "https://www.gnupg.org")
216 (synopsis "CMS and X.509 access library")
218 "KSBA (pronounced Kasbah) is a library to make X.509 certificates
219 as well as the CMS easily accessible by other applications. Both
220 specifications are building blocks of S/MIME and TLS.")
221 (license license:gpl3+)
222 (properties '((ftp-server . "ftp.gnupg.org")
223 (ftp-directory . "/gcrypt/libksba")))))
232 (uri (string-append "mirror://gnupg/npth/npth-" version ".tar.bz2"))
235 "1hmkkp6vzyrh8v01c2ynzf9vwikyagp7p1lxhbnr4ysk3w66jji9"))))
236 (build-system gnu-build-system)
237 (home-page "https://www.gnupg.org")
238 (synopsis "Non-preemptive thread library")
240 "Npth is a library to provide the GNU Pth API and thus a non-preemptive
241 threads implementation.
243 In contrast to GNU Pth is is based on the system's standard threads
244 implementation. This allows the use of libraries which are not
245 compatible to GNU Pth.")
246 (license (list license:lgpl3+ license:gpl2+)))) ; dual license
254 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
258 "1ncwqjhcxh46fgkp84g2lhf91amcha7abk6wdm1kagzm7q93wv29"))))
259 (build-system gnu-build-system)
261 `(("pkg-config" ,pkg-config)))
264 ("libassuan" ,libassuan)
265 ("libgcrypt" ,libgcrypt)
266 ("libgpg-error" ,libgpg-error)
269 ("openldap" ,openldap)
270 ("pcsc-lite" ,pcsc-lite)
271 ("readline" ,readline)
275 `(#:configure-flags '(;; Otherwise, the test suite looks for the `gpg`
276 ;; executable in its installation directory in
277 ;; /gnu/store before it has been installed.
278 "--enable-gnupg-builddir-envvar"
279 "--enable-all-tests")
281 (modify-phases %standard-phases
282 (add-before 'configure 'patch-paths
283 (lambda* (#:key inputs #:allow-other-keys)
284 (substitute* "scd/scdaemon.c"
285 (("\"(libpcsclite\\.so[^\"]*)\"" _ name)
286 (string-append "\"" (assoc-ref inputs "pcsc-lite")
289 (add-after 'build 'patch-scheme-tests
291 (substitute* (find-files "tests" ".\\.scm$")
292 (("/usr/bin/env gpgscm")
293 (string-append (getcwd) "/tests/gpgscm/gpgscm")))
295 (add-before 'build 'patch-test-paths
297 (substitute* '("tests/inittests"
298 "tests/pkits/inittests"
300 "tests/pkits/common.sh"
301 "tests/pkits/Makefile")
302 (("/bin/pwd") (which "pwd")))
303 (substitute* "common/t-exectool.c"
304 (("/bin/cat") (which "cat"))
305 (("/bin/true") (which "true"))
306 (("/bin/false") (which "false")))
308 (home-page "https://gnupg.org/")
309 (synopsis "GNU Privacy Guard")
311 "The GNU Privacy Guard is a complete implementation of the OpenPGP
312 standard. It is used to encrypt and sign data and communication. It
313 features powerful key management and the ability to access public key
314 servers. It includes several libraries: libassuan (IPC between GnuPG
315 components), libgpg-error (centralized GnuPG error values), and
316 libskba (working with X.509 certificates and CMS data).")
317 (license license:gpl3+)
318 (properties '((ftp-server . "ftp.gnupg.org")
319 (ftp-directory . "/gcrypt/gnupg")))))
321 (define-public gnupg-2.0
322 (package (inherit gnupg)
326 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
330 "0wax4cy14hh0h7kg9hj0hjn9424b71z8lrrc5kbsasrn9xd7hag3"))))
336 ("libassuan" ,libassuan)
337 ("libgcrypt" ,libgcrypt)
338 ("libgpg-error" ,libgpg-error)
341 ("openldap" ,openldap)
343 ("readline" ,readline)))
346 (modify-phases %standard-phases
347 (add-before 'configure 'patch-config-files
349 (substitute* "tests/openpgp/Makefile.in"
350 (("/bin/sh") (which "sh")))
352 (add-after 'install 'rename-v2-commands
353 (lambda* (#:key outputs #:allow-other-keys)
354 ;; Upstream suggests removing the trailing '2' from command names:
355 ;; <http://debbugs.gnu.org/cgi/bugreport.cgi?bug=22883#58>.
356 (let ((out (assoc-ref outputs "out")))
357 (with-directory-excursion (string-append out "/bin")
358 (rename-file "gpgv2" "gpgv")
359 (rename-file "gpg2" "gpg")
361 ;; Keep the old name around to ease transition.
362 (symlink "gpgv" "gpgv2")
363 (symlink "gpg" "gpg2")
365 (properties `((superseded . ,gnupg)))))
367 (define-public gnupg-1
368 (package (inherit gnupg)
372 (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
376 "1fkq4sqldvf6a25mm2qz95swv1qjg464736091w51djiwqbjyin9"))))
382 ("readline" ,readline)
383 ("libgpg-error" ,libgpg-error)))
386 (modify-phases %standard-phases
387 (add-after 'unpack 'patch-check-sh
389 (substitute* "checks/Makefile.in"
390 (("/bin/sh") (which "sh")))
400 (uri (string-append "mirror://gnupg/gpgme/gpgme-" version
404 "0vxx5xaag3rhp4g2arp5qm77gvz4kj0m3hnpvhkdvqyjfhbi26rd"))))
405 (build-system gnu-build-system)
409 ;; Needs to be propagated because gpgme.h includes gpg-error.h.
410 `(("libgpg-error" ,libgpg-error-1.31)))
412 `(("libassuan" ,libassuan)))
413 (home-page "https://www.gnupg.org/related_software/gpgme/")
414 (synopsis "Library providing simplified access to GnuPG functionality")
416 "GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
417 easier for applications. It provides a High-Level Crypto API for encryption,
418 decryption, signing, signature verification and key management. Currently
419 it uses GnuPG as its backend but the API isn't restricted to this engine.
421 Because the direct use of GnuPG from an application can be a complicated
422 programming task, it is suggested that all software should try to use GPGME
423 instead. This way bug fixes or improvements can be done at a central place
424 and every application benefits from this.")
425 (license license:lgpl2.1+)))
427 (define-public qgpgme
433 (modify-phases %standard-phases
434 (add-before 'build 'chdir-and-symlink
435 (lambda* (#:key inputs #:allow-other-keys)
436 (let ((gpgme (assoc-ref inputs "gpgme")))
437 (symlink (string-append gpgme "/lib/libgpgmepp.la")
438 "lang/cpp/src/libgpgmepp.la")
439 (symlink (string-append gpgme "/lib/libgpgme.la")
444 `(("pkg-config" ,pkg-config)
445 ,@(package-native-inputs gpgme)))
449 ,@(package-inputs gpgme)))
450 (synopsis "Qt API bindings for gpgme")
451 (description "QGpgme provides a very high level Qt API around GpgMEpp.
453 QGpgME was originally developed as part of libkleo and incorporated into
454 gpgpme starting with version 1.7.")
455 (license license:gpl2+))) ;; Note: this differs from gpgme
457 (define-public guile-gcrypt
459 (name "guile-gcrypt")
461 (home-page "https://notabug.org/cwebber/guile-gcrypt")
465 (url (string-append home-page ".git"))
466 (commit (string-append "v" version))))
469 "1lhgh3105yi0ggrjsjibv4wp1ipz8s17pa820hk2wln3rc04wpvf"))
470 (file-name (string-append name "-" version "-checkout"))))
471 (build-system gnu-build-system)
473 `(("pkg-config" ,pkg-config)
474 ("autoconf" ,autoconf)
475 ("automake" ,automake)
476 ("texinfo" ,texinfo)))
478 `(("guile" ,guile-2.2)
479 ("libgcrypt" ,libgcrypt)))
480 (synopsis "Cryptography library for Guile using Libgcrypt")
482 "Guile-Gcrypt provides a Guile 2.x interface to a subset of the
483 GNU Libgcrypt crytographic library. It provides modules for cryptographic
484 hash functions, message authentication codes (MAC), public-key cryptography,
485 strong randomness, and more. It is implemented using the foreign function
486 interface (FFI) of Guile.")
487 (license license:gpl3+)))
489 (define-public guile2.0-gcrypt
490 (package (inherit guile-gcrypt)
491 (name "guile2.0-gcrypt")
493 `(("guile" ,guile-2.0)
494 ,@(alist-delete "guile" (package-inputs guile-gcrypt))))))
496 (define-public python-gpg
502 (uri (pypi-uri "gpg" version))
505 "1x74i6q713c0bckls7rdm8kgsmllf9qvy9x62jghszlhgjkyh9nd"))))
506 (build-system python-build-system)
508 '(#:tests? #f)) ; No test suite.
513 (home-page (package-home-page gpgme))
514 (synopsis "Python bindings for GPGME GnuPG cryptography library")
515 (description "This package provides Python bindings to the GPGME GnuPG
516 cryptographic library. It is developed in the GPGME source code, and then
517 distributed separately.")
518 (license license:lgpl2.1+)))
520 (define-public python2-gpg
521 (package-with-python2 python-gpg))
523 (define-public python-pygpgme
525 (name "python-pygpgme")
530 (uri (pypi-uri "pygpgme" version))
533 "1q82p3gs6lwq8j8dxk4pvrwk3jpww1zqcjrzznl9clh10z28gn2z"))
534 ;; Unfortunately, we have to disable some tests due to some gpg-agent
536 ;; https://bugs.launchpad.net/pygpgme/+bug/999949
537 (patches (search-patches "pygpgme-disable-problematic-tests.patch"
538 "python-pygpgme-fix-pinentry-tests.patch"))))
541 (modify-phases %standard-phases
542 (add-before 'build 'make-build
544 (zero? (system* "make" "build"))))
547 (zero? (system* "make" "check")))))))
548 (build-system python-build-system)
550 `(("gnupg" ,gnupg-1)))
553 (home-page "https://launchpad.net/pygpgme")
554 (synopsis "Python module for working with OpenPGP messages")
556 "PyGPGME is a Python module that lets you sign, verify, encrypt and
557 decrypt messages using the OpenPGP format by making use of GPGME.")
558 (license license:lgpl2.1+)))
560 (define-public python2-pygpgme
561 (package-with-python2 python-pygpgme))
563 (define-public python-gnupg
565 (name "python-gnupg")
570 (uri (pypi-uri "python-gnupg" version))
573 "03dc8whhvk7ccspbk8vzfhkxli8cd9zfbss5p597g4jldgy8s59d"))))
574 (build-system python-build-system)
577 (modify-phases %standard-phases
580 (substitute* "test_gnupg.py"
581 ;; Unsure why this test fails.
582 (("'test_search_keys'") "True")
583 (("def test_search_keys") "def disabled__search_keys"))
584 (setenv "USERNAME" "guixbuilder")
585 ;; The doctests are extremely slow and sometimes time out,
586 ;; so we disable them.
588 "test_gnupg.py" "--no-doctests"))))))
590 `(("gnupg" ,gnupg-1)))
591 (home-page "https://packages.python.org/python-gnupg/index.html")
592 (synopsis "Wrapper for the GNU Privacy Guard")
594 "This module allows easy access to GnuPG’s key management, encryption
595 and signature functionality from Python programs.")
596 (license license:bsd-3)))
598 (define-public python2-gnupg
599 (package-with-python2 python-gnupg))
601 (define-public perl-gnupg-interface
603 (name "perl-gnupg-interface")
607 (uri (string-append "mirror://cpan/authors/id/A/AL/ALEXMV/"
608 "GnuPG-Interface-" version ".tar.gz"))
611 "0dgx8yhdsmhkazcrz14n4flrk1afv7azgl003hl4arxvi1d9yyi4"))))
612 (build-system perl-build-system)
615 (modify-phases %standard-phases
616 ;; FIXME: This test fails for unknown reasons
617 (add-after 'unpack 'delete-broken-test
619 (delete-file "t/encrypt_symmetrically.t")
622 `(("gnupg" ,gnupg-1)))
624 `(("perl-moo" ,perl-moo)
625 ("perl-moox-handlesvia" ,perl-moox-handlesvia)
626 ("perl-moox-late" ,perl-moox-late)))
629 ("perl-module-install" ,perl-module-install)))
630 (home-page "https://metacpan.org/release/GnuPG-Interface")
631 (synopsis "Perl interface to GnuPG")
632 (description "@code{GnuPG::Interface} and its associated modules are
633 designed to provide an object-oriented method for interacting with GnuPG,
634 being able to perform functions such as but not limited to encrypting,
635 signing, decryption, verification, and key-listing parsing.")
636 (license license:perl-license)))
645 "https://github.com/jaymzh/pius/releases/download/v"
646 version "/pius-" version ".tar.bz2"))
649 "1893hzpx3zv724drqv48csrn0cm98xw4ymb1zmhs2jvjj1778zfj"))
650 (patches (search-patches "pius.patch"))))
651 (build-system python-build-system)
652 (inputs `(("perl" ,perl) ;for 'pius-party-worksheet'
654 ("python-six" ,python2-six)))
657 #:python ,python-2 ;uses the Python 2 'print' syntax
659 (modify-phases %standard-phases
661 'build 'set-gpg-file-name
662 (lambda* (#:key inputs outputs #:allow-other-keys)
663 (let* ((gpg (string-append (assoc-ref inputs "gpg")
665 (substitute* "libpius/constants.py"
666 (("/usr/bin/gpg2") gpg))
668 (synopsis "Programs to simplify GnuPG key signing")
670 "Pius (PGP Individual UID Signer) helps attendees of PGP keysigning
671 parties. It is the main utility and makes it possible to quickly and easily
672 sign each UID on a set of PGP keys. It is designed to take the pain out of
673 the sign-all-the-keys part of PGP Keysigning Party while adding security
676 pius-keyring-mgr and pius-party-worksheet help organisers of
677 PGP keysigning parties.")
678 (license license:gpl2)
679 (home-page "https://www.phildev.net/pius/index.shtml")))
681 (define-public signing-party
682 ;; Upstream moved from alioth.debian.org to salsa.debian.org but the
683 ;; automatic svn import did not preserve tags apparently, so there's no real
685 (let ((commit "d6f2296325605ee96ddf9f5b156e5e3f667a6df3")
688 (name "signing-party")
689 (version (git-version "2.6" revision commit))
690 (home-page "https://salsa.debian.org/stappers/pgp-tools")
698 "00f7zasbwcbjzd92br2j10pyjxv0aw1qb4540qfz2dxzxgmdscrz"))))
699 (build-system gnu-build-system)
701 `(("autoconf" ,autoconf-wrapper)
702 ("automake" ,automake)))
703 (inputs `(("perl" ,perl)
704 ("perl-text-template" ,perl-text-template)
705 ("perl-mime-tools" ,perl-mime-tools)
706 ("perl-gnupg-interface" ,perl-gnupg-interface)
707 ("perl-net-idn-encode" ,perl-net-idn-encode)
712 (modify-phases %standard-phases
714 (lambda* (#:key outputs #:allow-other-keys)
715 (let ((out (assoc-ref outputs "out")))
716 (substitute* "keyanalyze/Makefile"
717 (("LDLIBS") (string-append "CC=" (which "gcc") "\nLDLIBS")))
718 (substitute* "keyanalyze/Makefile"
719 (("\\./configure") (string-append "./configure --prefix=" out)))
720 (substitute* "gpgwrap/Makefile"
722 (string-append "} clean\ninstall:\n\tinstall -D bin/gpgwrap "
723 out "/bin/gpgwrap\n")))
724 (substitute* '("gpgsigs/Makefile" "keyanalyze/Makefile"
725 "keylookup/Makefile" "sig2dot/Makefile"
726 "springgraph/Makefile")
728 (setenv "CONFIG_SHELL" (which "sh")))))
730 (lambda* (#:key outputs #:allow-other-keys #:rest args)
731 (let ((out (assoc-ref outputs "out"))
732 (install (assoc-ref %standard-phases 'install)))
736 (copy-file (string-append dir "/" file)
737 (string-append out "/bin/" file)))
738 '("caff" "caff" "caff" "gpgdir" "gpg-key2ps"
739 "gpglist" "gpg-mailkeys" "gpgparticipants")
740 '("caff" "pgp-clean" "pgp-fixkey" "gpgdir" "gpg-key2ps"
741 "gpglist" "gpg-mailkeys" "gpgparticipants"))
744 (copy-file (string-append dir "/" file)
745 (string-append out "/share/man/man1/" file)))
746 '("caff" "caff" "caff" "gpgdir"
747 "gpg-key2ps" "gpglist" "gpg-mailkeys"
748 "gpgparticipants" "gpgsigs" "gpgwrap/doc"
749 "keyanalyze" "keyanalyze/pgpring" "keyanalyze")
750 '("caff.1" "pgp-clean.1" "pgp-fixkey.1" "gpgdir.1"
751 "gpg-key2ps.1" "gpglist.1" "gpg-mailkeys.1"
752 "gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
753 "process_keys.1" "pgpring.1" "keyanalyze.1")))))
754 (add-after 'install 'wrap-programs
755 (lambda* (#:key outputs #:allow-other-keys)
756 (let* ((out (assoc-ref outputs "out")))
758 (string-append out "/bin/caff")
759 `("PERL5LIB" ":" prefix (,(getenv "PERL5LIB"))))))))))
760 (synopsis "Collection of scripts for simplifying gnupg key signing")
762 "Signing-party is a collection for all kinds of PGP/GnuPG related things,
763 including tools for signing keys, keyring analysis, and party preparation.
765 @item caff: CA - Fire and Forget signs and mails a key
766 @item pgp-clean: removes all non-self signatures from key
767 @item pgp-fixkey: removes broken packets from keys
768 @item gpg-mailkeys: simply mail out a signed key to its owner
769 @item gpg-key2ps: generate PostScript file with fingerprint paper strips
770 @item gpgdir: recursive directory encryption tool
771 @item gpglist: show who signed which of your UIDs
772 @item gpgsigs: annotates list of GnuPG keys with already done signatures
773 @item gpgparticipants: create list of party participants for the organiser
774 @item gpgwrap: a passphrase wrapper
775 @item keyanalyze: minimum signing distance (MSD) analysis on keyrings
776 @item keylookup: ncurses wrapper around gpg --search
777 @item sig2dot: converts a list of GnuPG signatures to a .dot file
778 @item springgraph: creates a graph from a .dot file
780 ;; gpl2+ for almost all programs, except for keyanalyze: gpl2
781 ;; and caff and gpgsigs: bsd-3, see
782 ;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
783 (license license:gpl2))))
785 (define-public pinentry-tty
787 (name "pinentry-tty")
791 (uri (string-append "mirror://gnupg/pinentry/pinentry-"
795 "0w35ypl960pczg5kp6km3dyr000m1hf0vpwwlh72jjkjza36c1v8"))))
796 (build-system gnu-build-system)
798 `(#:configure-flags '("--enable-pinentry-tty")))
800 `(("ncurses" ,ncurses)
801 ("libassuan" ,libassuan)
802 ("libsecret" ,libsecret "out")))
804 `(("pkg-config" ,pkg-config)))
805 (home-page "https://gnupg.org/aegypten2/")
806 (synopsis "GnuPG's interface to passphrase input")
808 "Pinentry provides a console that allows users to enter a passphrase when
809 @code{gpg} is run and needs it.")
810 (license license:gpl2+)
811 (properties '((ftp-server . "ftp.gnupg.org")
812 (ftp-directory . "/gcrypt/pinentry")
813 (upstream-name . "pinentry")))))
815 (define-public pinentry-emacs
817 (inherit pinentry-tty)
818 (name "pinentry-emacs")
820 `(#:configure-flags '("--enable-pinentry-emacs")))
822 "Pinentry provides a console and an Emacs interface that allows users to
823 enter a passphrase when required by @code{gpg} or other software.")))
825 (define-public pinentry-gtk2
827 (inherit pinentry-tty)
828 (name "pinentry-gtk2")
832 ,@(package-inputs pinentry-tty)))
834 "Pinentry provides a console and a GTK+ GUI that allows users to enter a
835 passphrase when @code{gpg} is run and needs it.")))
837 (define-public pinentry-gnome3
839 (inherit pinentry-tty)
840 (name "pinentry-gnome3")
845 ,@(package-inputs pinentry-tty)))
847 `(#:configure-flags '("--enable-pinentry-gnome3")))
849 "Pinentry provides a console and a GUI designed for use with GNOME@tie{}3
850 that allows users to enter a passphrase when required by @code{gpg} or other
853 (define-public pinentry-qt
855 (inherit pinentry-tty)
859 ,@(package-inputs pinentry-tty)))
861 `(#:configure-flags '("CXXFLAGS=-std=gnu++11")))
863 "Pinentry provides a console and a Qt GUI that allows users to enter a
864 passphrase when @code{gpg} is run and needs it.")))
866 (define-public pinentry
867 (package (inherit pinentry-gtk2)
870 (define-public paperkey
876 (uri (string-append "http://www.jabberwocky.com/"
877 "software/paperkey/paperkey-"
881 "1prd2jaf4zjad3xhv160hmi5n408ssljfg7iz90jxs9w111pjwy4"))))
882 (build-system gnu-build-system)
885 (modify-phases %standard-phases
886 (add-before 'check 'patch-check-scripts
888 (substitute* '("checks/roundtrip.sh"
889 "checks/roundtrip-raw.sh")
890 (("/bin/echo") "echo"))
892 (home-page "http://www.jabberwocky.com/software/paperkey/")
893 (synopsis "Backup OpenPGP keys to paper")
895 "Paperkey extracts the secret bytes from an OpenPGP (GnuPG, PGP, etc) key
896 for printing with paper and ink, which have amazingly long retention
897 qualities. To reconstruct a secret key, you re-enter those
898 bytes (whether by hand, OCR, QR code, or the like) and paperkey can use
899 them to transform your existing public key into a secret key.")
900 (license license:gpl2+)))
908 (uri (string-append "mirror://gnupg/gpa/"
909 name "-" version ".tar.bz2"))
912 "09xphbi2456qynwqq5n0yh0zdmdi2ggrj3wk4hsyh5lrzlvcrff3"))))
913 (build-system gnu-build-system)
915 `(("pkg-config" ,pkg-config)))
919 ("libassuan" ,libassuan)
920 ("libgpg-error" ,libgpg-error)
922 (home-page "https://gnupg.org/software/gpa/")
923 (synopsis "Graphical user interface for GnuPG")
925 "GPA, the GNU Privacy Assistant, is a graphical user interface for
926 @uref{https://gnupg.org, GnuPG}. It can be used to encrypt, decrypt, and sign
927 files, to verify signatures, and to manage the private and public keys.")
928 (license license:gpl3+)))
930 (define-public parcimonie
936 (uri (string-append "https://gaffer.ptitcanardnoir.org/"
937 "intrigeri/files/parcimonie/App-Parcimonie-"
941 "1kf891117s1f3k6lxvbjdb21va9gxh29vlp9bd664ssgw266rcyb"))))
942 (build-system perl-build-system)
944 `(("gnupg" ,gnupg-1) ; This is the version used by perl-gnupg-interface
945 ("perl-config-general" ,perl-config-general)
946 ("perl-clone" ,perl-clone)
947 ("perl-data" ,perl-data)
948 ("perl-exporter-tiny" ,perl-exporter-tiny)
949 ("perl-file-homedir" ,perl-file-homedir)
950 ("perl-file-sharedir" ,perl-file-sharedir)
951 ("perl-file-which" ,perl-file-which)
952 ("perl-getopt-long-descriptive" ,perl-getopt-long-descriptive)
953 ("perl-gnupg-interface" ,perl-gnupg-interface)
954 ("perl-ipc-system-simple" ,perl-ipc-system-simple)
955 ("perl-list-moreutils" ,perl-list-moreutils)
956 ("perl-libintl-perl" ,perl-libintl-perl) ; Locale::TextDomain
957 ("perl-lwp-online" ,perl-lwp-online)
958 ("perl-module-build" ,perl-module-build)
959 ("perl-module-pluggable-object" ,perl-module-pluggable)
960 ("perl-moo" ,perl-moo)
961 ("perl-moox-handlesvia" ,perl-moox-handlesvia)
962 ("perl-moox-late" ,perl-moox-late)
963 ("perl-moox-options" ,perl-moox-options)
964 ("perl-namespace-clean" ,perl-namespace-clean)
965 ("perl-net-dbus" ,perl-net-dbus)
966 ("perl-net-dbus-glib" ,perl-net-dbus-glib)
967 ("perl-path-tiny" ,perl-path-tiny)
968 ("perl-test-most" ,perl-test-most)
969 ("perl-test-trap" ,perl-test-trap)
970 ("perl-time-duration" ,perl-time-duration)
971 ("perl-time-duration-parse" ,perl-time-duration-parse)
972 ("perl-try-tiny" ,perl-try-tiny)
973 ("perl-type-tiny" ,perl-type-tiny)
974 ("perl-types-path-tiny" ,perl-types-path-tiny)
975 ("perl-unicode-linebreak" ,perl-unicode-linebreak)
976 ("perl-xml-parser" ,perl-xml-parser)
977 ("perl-xml-twig" ,perl-xml-twig)
978 ("torsocks" ,torsocks)))
981 (modify-phases %standard-phases
982 ;; Needed for using gpg-connect-agent during tests.
983 (add-before 'check 'set-HOME
984 (lambda _ (setenv "HOME" "/tmp") #t))
985 (add-before 'install 'fix-references
986 (lambda* (#:key inputs outputs #:allow-other-keys)
987 (substitute* "lib/App/Parcimonie/GnuPG/Interface.pm"
989 ;; Skip check whether dependencies are in the PATH
990 (("defined which.*") "")
991 (("call\\('parcimonie-torified-gpg'\\)")
992 (string-append "call('" (assoc-ref outputs "out")
993 "/bin/parcimonie-torified-gpg')")))
994 (substitute* "bin/parcimonie-torified-gpg"
995 (("torsocks") (string-append (assoc-ref inputs "torsocks")
998 (add-after 'install 'wrap-program
999 (lambda* (#:key inputs outputs #:allow-other-keys)
1000 (let* ((out (assoc-ref outputs "out"))
1001 (perllib (string-append out "/lib/perl5/site_perl/"
1002 ,(package-version perl))))
1003 (wrap-program (string-append out "/bin/parcimonie")
1005 prefix (,(string-append perllib ":" (getenv "PERL5LIB")))))
1007 (home-page "https://gaffer.ptitcanardnoir.org/intrigeri/code/parcimonie/")
1008 (synopsis "Incrementally refreshes a GnuPG keyring")
1009 (description "Parcimonie incrementaly refreshes a GnuPG keyring in a way
1010 that makes it hard to correlate the keyring content to an individual, and
1011 makes it hard to locate an individual based on an identifying subset of her
1012 keyring content. Parcimonie is a daemon that fetches one key at a time using
1013 the Tor network, waits a bit, changes the Tor circuit being used, and starts
1015 (license license:gpl1+)))
1017 (define-public jetring
1024 (uri (string-append "mirror://debian/pool/main/j/" name "/"
1025 name "_" version ".tar.xz"))
1028 "0jy0x5zj7v87xgyldlsx1knzp0mv10wzamblrw1b61i2m1ii4pxz"))))
1029 (build-system gnu-build-system)
1032 (modify-phases %standard-phases
1033 (delete 'configure) ; no configure script
1034 (add-before 'install 'hardlink-gnupg
1035 (lambda* (#:key inputs #:allow-other-keys)
1036 (let ((gpg (string-append (assoc-ref inputs "gnupg")
1038 (substitute* (find-files "." "jetring-[[:alpha:]]+$")
1039 (("gpg -") (string-append gpg " -"))
1040 (("\\\"gpg\\\"") (string-append "\"" gpg "\"")))
1043 (lambda* (#:key outputs #:allow-other-keys)
1044 (let* ((out (assoc-ref outputs "out"))
1045 (man (string-append out "/share/man")))
1046 (for-each (lambda (file)
1047 (install-file file (string-append out "/bin/")))
1048 (find-files "." "jetring-[[:alpha:]]+$"))
1049 (for-each (lambda (file)
1050 (install-file file (string-append man "/man1/")))
1051 (find-files "." ".*\\.1$"))
1052 (install-file "jetring.7" (string-append man "/man7/"))
1054 #:tests? #f)) ; no test phase
1058 (home-page "https://joeyh.name/code/jetring/")
1059 (synopsis "GnuPG keyring maintenance using changesets")
1061 "Jetring is a collection of tools that allow for gpg keyrings to be
1062 maintained using changesets. It was developed with the Debian keyring in mind,
1063 and aims to solve the problem that a gpg keyring is a binary blob that's hard
1064 for multiple people to collaboratively edit.
1066 With jetring, changesets can be submitted, reviewed to see exactly what they
1067 will do, applied, and used to build a keyring. The origin of every change made
1068 to the keyring is available for auditing, and gpg signatures can be used for
1069 integrity guarantees.")
1070 (license license:gpl2+)))