;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2014 David Thompson <davet@gnu.org>
-;;; Copyright © 2015, 2017 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2015, 2017, 2018 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016, 2017, 2018 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox>
;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
;;; Copyright © 2017 Pierre Langlois <pierre.langlois@gmx.com>
;;; Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
+;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
+;;; Copyright © 2018 Nicolò Balzarotti <nicolo@nixo.xyz>
+;;; Copyright © 2018 Tim Gesthuizen <tim.gesthuizen@yahoo.de>
+;;; Copyright © 2019 Pierre Neidhardt <mail@ambrevar.xyz>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (gnu packages attr)
#:use-module (gnu packages autotools)
#:use-module (gnu packages boost)
+ #:use-module (gnu packages check)
#:use-module (gnu packages compression)
#:use-module (gnu packages cryptsetup)
- #:use-module (gnu packages databases)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gnupg)
#:use-module (gnu packages image)
+ #:use-module (gnu packages kerberos)
#:use-module (gnu packages libbsd)
#:use-module (gnu packages libffi)
#:use-module (gnu packages linux)
#:use-module (gnu packages perl-check)
#:use-module (gnu packages pkg-config)
#:use-module (gnu packages python)
+ #:use-module (gnu packages python-xyz)
#:use-module (gnu packages readline)
#:use-module (gnu packages search)
#:use-module (gnu packages serialization)
#:use-module (gnu packages shells)
+ #:use-module (gnu packages sqlite)
#:use-module (gnu packages tcl)
#:use-module (gnu packages tls)
#:use-module (gnu packages xml)
(define-public libsodium
(package
(name "libsodium")
- (version "1.0.16")
+ (version "1.0.17")
(source (origin
(method url-fetch)
(uri (list (string-append
"releases/old/libsodium-" version ".tar.gz")))
(sha256
(base32
- "0cq5pn7qcib7q70mm1lgjwj75xdxix27v0xl1xl0kvxww7hwgbgf"))))
+ "1cf2d9v1gylz1qcy2zappbf526qfmph6gd6fnn3w2b347vixmhqc"))))
(build-system gnu-build-system)
(synopsis "Portable NaCl-based crypto library")
(description
(define-public libmd
(package
(name "libmd")
- (version "1.0.0")
+ (version "1.0.1")
(source (origin
(method url-fetch)
(uri
version ".tar.xz")))
(sha256
(base32
- "1iv45npzv0gncjgcpx5m081861zdqxw667ysghqb8721yrlyl6pj"))))
+ "0waclg2d5qin3r26gy5jvy4584ik60njc8pqbzwk0lzq3j9ynkp1"))))
(build-system gnu-build-system)
(synopsis "Message Digest functions from BSD systems")
(description
(define-public signify
(package
(name "signify")
- (version "23")
+ (version "24")
(source (origin
(method url-fetch)
(uri (string-append "https://github.com/aperezdc/signify/"
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "0c70mzawgahsvmsv4xdrass4pgyynd67ipd9lij0fgi8wkq0ns8w"))))
+ "0594vyvkq176xxzaz9xbq8qs0xdnr8s9gkd1prblwpdvnzmw0xvc"))))
(build-system gnu-build-system)
;; TODO Build with libwaive (described in README.md), to implement something
;; like OpenBSD's pledge().
"See base64.c in the distribution for
the license from IBM.")))))
-
-(define-public opendht
- (package
- (name "opendht")
- (version "0.6.1")
- (source
- (origin
- (method url-fetch)
- (uri
- (string-append
- "https://github.com/savoirfairelinux/" name
- "/archive/" version ".tar.gz"))
- (file-name (string-append name "-" version ".tar.gz"))
- (modules '((guix build utils)))
- (snippet
- '(begin
- (delete-file-recursively "src/argon2")
- (substitute* "src/Makefile.am"
- (("./argon2/libargon2.la") "")
- (("SUBDIRS = argon2") ""))
- (substitute* "src/crypto.cpp"
- (("argon2/argon2.h") "argon2.h"))
- (substitute* "configure.ac"
- (("src/argon2/Makefile") ""))
- #t))
- (sha256
- (base32
- "09yvkmbqbym3b5md4n96qc1s9sf2n8ji404hagih45rmsj49599x"))))
- (build-system gnu-build-system)
- (inputs
- `(("gnutls" ,gnutls)
- ("nettle" ,nettle)
- ("readline" ,readline)
- ("argon2" ,argon2)))
- (propagated-inputs
- `(("msgpack" ,msgpack))) ;included in several installed headers
- (native-inputs
- `(("autoconf" ,autoconf)
- ("pkg-config" ,pkg-config)
- ("automake" ,automake)
- ("libtool" ,libtool)))
- (arguments
- `(#:configure-flags '("--disable-tools" "--disable-python")
- #:phases (modify-phases %standard-phases
- (add-after 'unpack 'autoconf
- (lambda _
- (zero? (system* "autoreconf" "-vfi")))))))
- (home-page "https://github.com/savoirfairelinux/opendht/")
- (synopsis "Distributed Hash Table (DHT) library")
- (description "OpenDHT is a Distributed Hash Table (DHT) library. It may
-be used to manage peer-to-peer network connections as needed for real time
-communication.")
- (license license:gpl3)))
-
(define-public encfs
(package
(name "encfs")
- (version "1.9.1")
+ (version "1.9.5")
(source
(origin
(method url-fetch)
version "/encfs-" version ".tar.gz"))
(sha256
(base32
- "1906254dg5hwljh0h4gyrw09ms3b57dlhjfzhfzffv50yzpkl837"))
+ "0qzxavvv20577bxvly8s7d3y7bqasqclc2mllp0ddfncjm9z02a7"))
(modules '((guix build utils)))
;; Remove bundled dependencies in favour of proper inputs.
(snippet '(begin
(for-each delete-file-recursively
- (find-files "internal" "^tinyxml2-[0-9]"
- #:directories? #t))
+ '("vendor/github.com/leethomason/tinyxml2"
+ "vendor/github.com/google/googletest"))
#t))))
(build-system cmake-build-system)
(native-inputs
;; Test dependencies.
("expect" ,expect)
+ ("googletest-source" ,(package-source googletest))
("perl" ,perl)))
(inputs
`(("attr" ,attr)
("openssl" ,openssl)
("tinyxml2" ,tinyxml2)))
(arguments
- `(#:configure-flags (list "-DUSE_INTERNAL_TINYXML=OFF")))
+ `(#:configure-flags (list "-DUSE_INTERNAL_TINYXML=OFF")
+ #:phases
+ (modify-phases %standard-phases
+ (add-after 'unpack 'unpack-googletest
+ (lambda* (#:key inputs #:allow-other-keys)
+ (mkdir-p "vendor/github.com/google/googletest")
+ (invoke "tar" "xvf" (assoc-ref inputs "googletest-source")
+ "-C" "vendor/github.com/google/googletest"
+ "--strip-components=1")))
+ (add-before 'check 'make-unittests
+ (lambda _
+ (invoke "make" "unittests"))))))
(home-page "https://vgough.github.io/encfs")
(synopsis "Encrypted virtual file system")
(description
(define-public keyutils
(package
(name "keyutils")
- (version "1.5.10")
+ (version "1.5.11")
(source
(origin
(method url-fetch)
version ".tar.bz2"))
(sha256
(base32
- "1dmgjcf7mnwc6h72xkvpaqpzxw8vmlnsmzz0s27pg0giwzm3sp0i"))
+ "1ddig6j5xjyk6g9l2wlqc7k1cgvryxdqbsv3c9rk1p3f42448n0i"))
(modules '((guix build utils)))
- ;; Create relative symbolic links instead of absolute ones to /lib/*
+ ;; Create relative symbolic links instead of absolute ones to /lib/*.
(snippet '(begin
(substitute* "Makefile" (("\\$\\(LNS\\) \\$\\(LIBDIR\\)/")
"$(LNS) "))
"MANDIR=/share/man"
"SHAREDIR=/share/keyutils")
#:test-target "test"))
+ (inputs
+ `(("mit-krb5" ,mit-krb5)))
(home-page "https://people.redhat.com/dhowells/keyutils/")
(synopsis "Linux key management utilities")
(description
(define-public tomb
(package
(name "tomb")
- (version "2.4")
+ (version "2.5")
(source (origin
(method url-fetch)
(uri (string-append "https://files.dyne.org/tomb/"
"Tomb-" version ".tar.gz"))
(sha256
(base32
- "1hv1w79as7swqj0n137vz8n8mwvcgwlvd91sdyssz41jarg7f1vr"))))
+ "12c6qldngaw520gvb02inzkhnxbl4k0dwmddrgnaf7xashy6j0wc"))))
(build-system gnu-build-system)
(native-inputs `(("sudo" ,sudo))) ;presence needed for 'check' phase
(inputs
("mlocate" ,mlocate)
("pinentry" ,pinentry)
("qrencode" ,qrencode)
- ("steghide" ,steghide)))
+ ("steghide" ,steghide)
+ ("util-linux" ,util-linux)))
(arguments
`(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
;; TODO: Build and install gtk and qt trays
(error "program not found:" program)))
'("seq" "mkfs.ext4" "pinentry" "sudo"
"gpg" "cryptsetup" "gettext"
- "qrencode" "steghide")))))
+ "qrencode" "steghide" "findmnt")))))
#t)))
(delete 'check)
(add-after 'wrap 'check
attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.")
(license license:bsd-2)))
+(define-public libscrypt
+ (package
+ (name "libscrypt")
+ (version "1.21")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/technion/libscrypt.git")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1d76ys6cp7fi4ng1w3mz2l0p9dbr7ljbk33dcywyimzjz8bahdng"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:make-flags (list (string-append "PREFIX=" %output)
+ "CC=gcc")
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'configure))))
+ (home-page "https://lolware.net/libscrypt.html")
+ (synopsis "Password hashing library")
+ (description "@code{libscrypt} implements @code{scrypt} key derivation
+function. It is designed to be far more secure against hardware brute-force
+attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.")
+ (license license:bsd-3)))
+
(define-public perl-math-random-isaac-xs
(package
(name "perl-math-random-isaac-xs")
(native-inputs
`(("perl-module-build" ,perl-module-build)
("perl-test-nowarnings" ,perl-test-nowarnings)))
- (home-page "http://search.cpan.org/dist/Math-Random-ISAAC-XS")
+ (home-page "https://metacpan.org/release/Math-Random-ISAAC-XS")
(synopsis "C implementation of the ISAAC PRNG algorithm")
(description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
fast pseudo-random number generator. It is suitable for applications where a
`(("perl-test-nowarnings" ,perl-test-nowarnings)))
(propagated-inputs
`(("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)))
- (home-page "http://search.cpan.org/dist/Math-Random-ISAAC")
+ (home-page "https://metacpan.org/release/Math-Random-ISAAC")
(synopsis "Perl interface to the ISAAC PRNG algorithm")
(description "ISAAC (Indirection, Shift, Accumulate, Add, and Count) is a
fast pseudo-random number generator. It is suitable for applications where a
("perl-namespace-clean" ,perl-namespace-clean)
("perl-sub-exporter" ,perl-sub-exporter)
("perl-type-tiny" ,perl-type-tiny)))
- (home-page "http://search.cpan.org/dist/Crypt-Random-Source")
+ (home-page "https://metacpan.org/release/Crypt-Random-Source")
(synopsis "Get weak or strong random data from pluggable sources")
(description "This module provides implementations for a number of
byte-oriented sources of random data.")
("perl-math-random-isaac" ,perl-math-random-isaac)
("perl-math-random-isaac-xs" ,perl-math-random-isaac-xs)
("perl-moo" ,perl-moo)))
- (home-page "http://search.cpan.org/dist/Math-Random-Secure")
+ (home-page "https://metacpan.org/release/Math-Random-Secure")
(synopsis "Cryptographically secure replacement for rand()")
(description "This module is intended to provide a
cryptographically-secure replacement for Perl's built-in @code{rand} function.
(define-public crypto++
(package
(name "crypto++")
- (version "6.0.0")
+ (version "8.0.0")
(source (origin
(method url-fetch/zipbomb)
(uri (string-append "https://cryptopp.com/cryptopp"
".zip"))
(sha256
(base32
- "1nidm6xbdza5cbgf5md2zznmaq692rfyjasycwipl6rzdfwjvb34"))))
+ "0b5qrsm4jhy4nzxgrm13nixhvbswr242plx1jw6r4sw492rqkzdv"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags
- (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
+ (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
+ ;; Override "/sbin/ldconfig" with simply "echo" since
+ ;; we don't need ldconfig(8).
+ "LDCONF=echo")
#:phases
(modify-phases %standard-phases
(add-after 'unpack 'disable-native-optimisation
(substitute* "GNUmakefile"
((" -march=native") ""))
#t))
- (delete 'configure))))
+ (delete 'configure)
+ (add-after 'build 'build-shared
+ (lambda _
+ ;; By default, only the static library is built.
+ (invoke "make" "shared")))
+ (add-after 'install 'install-pkg-config
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (pkg-dir (string-append out "/lib/pkgconfig")))
+ (mkdir-p pkg-dir)
+ (with-output-to-file (string-append pkg-dir "/libcrypto++.pc")
+ (lambda _
+ (display
+ (string-append
+ "prefix=" out "\n"
+ "libdir=" out "/lib\n"
+ "includedir=" out "/include\n\n"
+ "Name: libcrypto++-" ,version "\n"
+ "Description: Class library of cryptographic schemes"
+ "Version: " ,version "\n"
+ "Libs: -L${libdir} -lcryptopp\n"
+ "Cflags: -I${includedir}\n"))))))))))
(native-inputs
`(("unzip" ,unzip)))
(home-page "https://cryptopp.com/")
(license (list license:boost1.0 license:public-domain))))
(define-public libb2
- (let ((revision "1") ; upstream doesn't ‘do’ releases
- (commit "60ea749837362c226e8501718f505ab138e5c19d"))
- (package
- (name "libb2")
- (version (git-version "0.0.0" revision commit))
- (source (origin
- (method git-fetch)
- (uri (git-reference
- (url "https://github.com/BLAKE2/libb2")
- (commit commit)))
- (file-name (git-file-name name version))
- (sha256
- (base32
- "07a2m8basxrsj9dsp5lj24y8jraj85lfy56756a7za1nfkgy04z7"))))
- (build-system gnu-build-system)
- (native-inputs
- `(("autoconf" ,autoconf)
- ("automake" ,automake)
- ("libtool" ,libtool)))
- (arguments
- `(#:configure-flags
- (list
- ,@(if (any (cute string-prefix? <> (or (%current-system)
- (%current-target-system)))
- '("x86_64" "i686"))
- ;; fat only checks for Intel optimisations
- '("--enable-fat")
- '())
- "--disable-native"))) ;don't optimise at build time
- (home-page "https://blake2.net/")
- (synopsis "Library implementing the BLAKE2 family of hash functions")
- (description
- "libb2 is a portable implementation of the BLAKE2 family of cryptographic
+ (package
+ (name "libb2")
+ (version "0.98")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://github.com/BLAKE2/libb2/releases/download/v"
+ version "/libb2-" version ".tar.gz"))
+ (sha256
+ (base32
+ "0vq39cvwy05754l565xl11rqr2jvjb6ykjzca886vi9vm71y0sg8"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ (list
+ ,@(if (any (cute string-prefix? <> (or (%current-system)
+ (%current-target-system)))
+ '("x86_64" "i686"))
+ ;; fat only checks for Intel optimisations
+ '("--enable-fat")
+ '())
+ "--disable-native"))) ;don't optimise at build time
+ (home-page "https://blake2.net/")
+ (synopsis "Library implementing the BLAKE2 family of hash functions")
+ (description
+ "libb2 is a portable implementation of the BLAKE2 family of cryptographic
hash functions. It includes optimised implementations for IA-32 and AMD64
processors, and an interface layer that automatically selects the best
implementation for the processor it is run on.
that are faster than MD5, SHA-1, SHA-2, and SHA-3, yet are at least as secure
as the latest standard, SHA-3. It is an improved version of the SHA-3 finalist
BLAKE.")
- (license license:public-domain))))
+ (license license:public-domain)))
(define-public rhash
(package
(define-public botan
(package
(name "botan")
- (version "2.5.0")
+ (version "2.7.0")
(source (origin
(method url-fetch)
(uri (string-append "https://botan.randombit.net/releases/"
"Botan-" version ".tgz"))
(sha256
(base32
- "06zvwknhwfrkdvq2sybqbqhnd2d4nq2cszlnsddql13z7vh1z8xq"))))
+ "142aqabwc266jxn8wrp0f1ffrmcvdxwvyh8frb38hx9iaqazjbg4"))))
(build-system gnu-build-system)
(arguments
'(#:phases
using ctypes is included, and several other language bindings are available.")
(home-page "https://botan.randombit.net")
(license license:bsd-2)))
+
+(define-public ccrypt
+ (package
+ (name "ccrypt")
+ (version "1.11")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://sourceforge/ccrypt/"
+ version "/ccrypt-" version ".tar.gz"))
+ (sha256
+ (base32
+ "0kx4a5mhmp73ljknl2lcccmw9z3f5y8lqw0ghaymzvln1984g75i"))))
+ (build-system gnu-build-system)
+ (home-page "http://ccrypt.sourceforge.net")
+ (synopsis "Command-line utility for encrypting and decrypting files and streams")
+ (description "@command{ccrypt} is a utility for encrypting and decrypting
+files and streams. It was designed as a replacement for the standard unix
+@command{crypt} utility, which is notorious for using a very weak encryption
+algorithm. @command{ccrypt} is based on the Rijndael block cipher, a version of
+which is also used in the Advanced Encryption Standard (AES, see
+@url{http://www.nist.gov/aes}). This cipher is believed to provide very strong
+security.")
+ (license license:gpl2)))
+
+(define-public asignify
+ (let ((commit "f58e7977a599f040797975d649ed318e25cbd2d5")
+ (revision "0"))
+ (package
+ (name "asignify")
+ (version (git-version "1.1" revision commit))
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/vstakhov/asignify.git")
+ (commit commit)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "1zl68qq6js6fdahxzyhvhrpyrwlv8c2zhdplycnfxyr1ckkhq8dw"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:configure-flags
+ (list "--enable-openssl"
+ (string-append "--with-openssl="
+ (assoc-ref %build-inputs "openssl")))))
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)))
+ (inputs
+ `(("openssl" ,openssl-next)))
+ (home-page "https://github.com/vstakhov/asignify")
+ (synopsis "Cryptographic authentication and encryption tool and library")
+ (description "Asignify offers public cryptographic signatures and
+encryption with a library or a command-line tool. The tool is heavily inspired
+by signify as used in OpenBSD. The main goal of this project is to define a
+high level API for signing files, validating signatures and encrypting using
+public-key cryptography. Asignify is designed to be portable and self-contained
+with zero external dependencies. Asignify can verify OpenBSD signatures, but it
+cannot sign messages in OpenBSD format yet.")
+ (license license:bsd-2))))
+
+(define-public enchive
+ (package
+ (name "enchive")
+ (version "3.4")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/skeeto/" name "/archive/"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "17hrxpp4cpn10bk48sfvfjc8hghky34agsnypam1v9f36kbalqfk"))
+ (file-name (string-append name "-" version ".tar.gz"))))
+ (build-system gnu-build-system)
+ (arguments
+ '(#:tests? #f ; no check target '
+ #:make-flags (list "CC=gcc" "PREFIX=$(out)")
+ #:phases (modify-phases %standard-phases
+ (delete 'configure)
+ (add-after 'install 'post-install
+ (lambda _
+ (let* ((out (assoc-ref %outputs "out"))
+ (lisp (string-append out "/share/emacs/site-lisp")))
+ (install-file "enchive-mode.el" lisp)
+ #t))))))
+ (synopsis "Encrypted personal archives")
+ (description
+ "Enchive is a tool to encrypt files to yourself for long-term
+archival. It's a focused, simple alternative to more complex solutions such as
+GnuPG or encrypted filesystems. Enchive has no external dependencies and is
+trivial to build for local use. Portability is emphasized over performance.")
+ (home-page "https://github.com/skeeto/enchive")
+ (license license:unlicense)))
+
+(define-public libsecp256k1
+ (let ((commit "e34ceb333b1c0e6f4115ecbb80c632ac1042fa49"))
+ (package
+ (name "libsecp256k1")
+ (version (git-version "20181126" "1" commit))
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/bitcoin-core/secp256k1")
+ (commit commit)))
+ (sha256
+ (base32
+ "0as78s179hcr3ysk3fw98k5wzabgnwri7vkkc17wg31lyz6ids6c"))
+ (file-name (git-file-name name version))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)))
+ ;; WARNING: This package might need additional configure flags to run properly.
+ ;; See https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/libsecp256k1.
+ (synopsis "C library for EC operations on curve secp256k1")
+ (description
+ "Optimized C library for EC operations on curve secp256k1.
+
+This library is a work in progress and is being used to research best
+practices. Use at your own risk.
+
+Features:
+
+@itemize
+@item secp256k1 ECDSA signing/verification and key generation.
+@item Adding/multiplying private/public keys.
+@item Serialization/parsing of private keys, public keys, signatures.
+@item Constant time, constant memory access signing and pubkey generation.
+@item Derandomized DSA (via RFC6979 or with a caller provided function.)
+@item Very efficient implementation.
+@end itemize\n")
+ (home-page "https://github.com/bitcoin-core/secp256k1")
+ (license license:unlicense))))
HCoop / jackhill / guix / guix.git / blobdiff