gnu: emacs-svg-icon: Fix grammar.

[jackhill/guix/guix.git] / gnu / packages / certs.scm

diff --git a/gnu/packages/certs.scm b/gnu/packages/certs.scm
index f472601..9dcd733 100644 (file)
--- a/gnu/packages/certs.scm
+++ b/gnu/packages/certs.scm
@@ -76,7 +76,7 @@
 (define-public nss-certs
   (package
     (name "nss-certs")
-    (version "3.46.1")
+    (version "3.59")
     (source (origin
               (method url-fetch)
               (uri (let ((version-with-underscores
@@ -87,7 +87,7 @@
                       "nss-" version ".tar.gz")))
               (sha256
                (base32
-                "0l9ns44rlkp1bpblplspfbqmyhb8rhvc89y56kqh725rgpny1xrv"))))
+                "096fs3z21r171q24ca3rq53p1389xmvqz1f2rpm7nlm8r9s82ag6"))))
     (build-system gnu-build-system)
     (outputs '("out"))
     (native-inputs
@@ -147,7 +147,7 @@ taken from the NSS package and thus ultimately from the Mozilla project.")
 (define-public le-certs
   (package
     (name "le-certs")
-    (version "0")
+    (version "1")
     (source #f)
     (build-system trivial-build-system)
     (arguments
@@ -155,9 +155,12 @@ taken from the NSS package and thus ultimately from the Mozilla project.")
        #:builder
        (begin
          (use-modules (guix build utils))
-         (let ((root (assoc-ref %build-inputs "isrgrootx1.pem"))
-               (intermediate (assoc-ref %build-inputs "letsencryptauthorityx3.pem"))
-               (backup (assoc-ref %build-inputs "letsencryptauthorityx4.pem"))
+         (let ((root-rsa (assoc-ref %build-inputs "isrgrootx1.pem"))
+               (root-ecdsa (assoc-ref %build-inputs "isrgrootx2.pem"))
+               (intermediate-rsa (assoc-ref %build-inputs "letsencryptauthorityr3.pem"))
+               (intermediate-ecdsa (assoc-ref %build-inputs "letsencryptauthoritye1.pem"))
+               (backup-rsa (assoc-ref %build-inputs "letsencryptauthorityr4.pem"))
+               (backup-ecdsa (assoc-ref %build-inputs "letsencryptauthoritye2.pem"))
                (out (string-append (assoc-ref %outputs "out") "/etc/ssl/certs"))
                (openssl (assoc-ref %build-inputs "openssl"))
                (perl (assoc-ref %build-inputs "perl")))
@@ -166,7 +169,9 @@ taken from the NSS package and thus ultimately from the Mozilla project.")
              (lambda (cert)
                (copy-file cert (string-append out "/"
                                               (strip-store-file-name cert))))
-             (list root intermediate backup))
+             (list root-rsa root-ecdsa
+                   intermediate-rsa intermediate-ecdsa
+                   backup-rsa backup-ecdsa))
 
            ;; Create hash symlinks suitable for OpenSSL ('SSL_CERT_DIR' and
            ;; similar.)
@@ -185,27 +190,56 @@ taken from the NSS package and thus ultimately from the Mozilla project.")
            (uri "https://letsencrypt.org/certs/isrgrootx1.pem")
            (sha256
             (base32
-             "0zycy85ff9ga53z1q03df89ka9iihb9p8bjhw056rq2y4rn3b6ac"))))
-       ;; "Let’s Encrypt Authority X3", the active Let's Encrypt intermediate
-       ;; certificate.
-       ("letsencryptauthorityx3.pem"
+             "1la36n2f31j9s03v847ig6ny9lr875q3g7smnq33dcsmf2i5gd92"))))
+      ; Upcoming ECDSA Let's Encrypt root certificate, "ISRG Root X2"
+      ; Let's Encrypt describes it as "Active, limited availability"
+      ("isrgrootx2.pem"
         ,(origin
            (method url-fetch)
-           (uri "https://letsencrypt.org/certs/letsencryptauthorityx3.pem")
+           (uri "https://letsencrypt.org/certs/isrg-root-x2.pem")
            (sha256
             (base32
-             "1kvac1dhm1d02bhrfj6l1cz1dpldz6ishb78zzvy8245zgvh7pdn"))))
-       ;; "Let’s Encrypt Authority X4", the backup Let's Encrypt intermediate
-       ;; certificate.  This will be used for disaster recovery and will only be
-       ;; used should Let's Encrypt lose the ability to issue with "Let’s
-       ;; Encrypt Authority X3".
-       ("letsencryptauthorityx4.pem"
-        ,(origin
-           (method url-fetch)
-           (uri "https://letsencrypt.org/certs/letsencryptauthorityx4.pem")
-           (sha256
-            (base32
-             "0giiixknr0mls2ir6qqzb42mq7x9a7vz79gbn7fjszbf87pqhpzm"))))))
+             "04xh8912nwkghqydbqvvmslpqbcafgxgjh9qnn0z2vgy24g8hgd1"))))
+      ;; "Let’s Encrypt Authority R3", the active Let's Encrypt intermediate
+      ;; RSA certificate.
+      ("letsencryptauthorityr3.pem"
+       ,(origin
+          (method url-fetch)
+          (uri "https://letsencrypt.org/certs/lets-encrypt-r3.pem")
+          (sha256
+           (base32
+            "0clxry49rx6qd3pgbzknpgzywbg3j96zy0227wwjnwivqj7inzhp"))))
+      ;; "Let’s Encrypt Authority E1", the active Let's Encrypt intermediate
+      ;; ECDSA certificate.
+      ("letsencryptauthoritye1.pem"
+       ,(origin
+          (method url-fetch)
+          (uri "https://letsencrypt.org/certs/lets-encrypt-e1.pem")
+          (sha256
+           (base32
+            "1zwrc6dlk1qig0z23x6x7fib14rrw41ccbf2ds0rw75zccc59xx0"))))
+      ;; "Let’s Encrypt Authority R4", the backup Let's Encrypt intermediate
+      ;; RSA certificate.  This will be used for disaster recovery and will only be
+      ;; used should Let's Encrypt lose the ability to issue with "Let’s
+      ;; Encrypt Authority R3".
+      ("letsencryptauthorityr4.pem"
+       ,(origin
+          (method url-fetch)
+          (uri "https://letsencrypt.org/certs/lets-encrypt-r4.pem")
+          (sha256
+           (base32
+            "09bzxzbwb9x2xxan3p1fyj1pi2p5yks0879gwz5f28y9mzq8vmd8"))))
+      ;; "Let’s Encrypt Authority E2", the backup Let's Encrypt intermediate
+      ;; ECDSA certificate.  This will be used for disaster recovery and will
+      ;; only be used should Let's Encrypt lose the ability to issue with "Let’s
+      ;; Encrypt Authority E1".
+      ("letsencryptauthoritye2.pem"
+       ,(origin
+          (method url-fetch)
+          (uri "https://letsencrypt.org/certs/lets-encrypt-e2.pem")
+          (sha256
+           (base32
+            "1wfmsa29lyi9dkh6xdcamb2rhkp5yl2ppnsgrzcrjl5c7gbqh9ml"))))))
     (home-page "https://letsencrypt.org/certificates/")
     (synopsis "Let's Encrypt root and intermediate certificates")
     (description "This package provides a certificate store containing only the