;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013 Ludovic Courtès <ludo@gnu.org>
-;;; Copyright © 2013 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2015 Andreas Enge <andreas@enge.fr>
+;;; Copyright © 2014 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015 Paul van der Walt <paul@denknerd.org>
;;;
;;; This file is part of GNU Guix.
;;;
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
(define-module (gnu packages gnupg)
- #:use-module (guix licenses)
+ #:use-module ((guix licenses) #:prefix license:)
#:use-module (gnu packages curl)
#:use-module (gnu packages openldap)
#:use-module (gnu packages perl)
#:use-module (gnu packages pth)
#:use-module (gnu packages python)
#:use-module (gnu packages readline)
- #:use-module ((gnu packages compression)
- #:renamer (symbol-prefix-proc 'guix:))
+ #:use-module (gnu packages compression)
+ #:use-module (gnu packages gtk)
+ #:use-module (gnu packages glib)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages ncurses)
+ #:use-module (gnu packages tls)
#:use-module (guix packages)
#:use-module (guix download)
- #:use-module (guix build-system gnu))
+ #:use-module (guix build-system gnu)
+ #:use-module (guix build-system python))
(define-public libgpg-error
(package
(name "libgpg-error")
- (version "1.12")
+ (version "1.19")
(source
(origin
(method url-fetch)
version ".tar.bz2"))
(sha256
(base32
- "0pz58vr12qihq2f0bypjxsb6cf6ajq5258fmfm8s6lvwm3b9xz6a"))))
+ "12wpqhjlsw4iaanifbqm2kich6c7x7lm8a7zhy6x5ifm6c9hw4jk"))))
(build-system gnu-build-system)
(home-page "http://gnupg.org")
- (synopsis
- "Libgpg-error, a small library that defines common error values for all GnuPG components")
+ (synopsis "Library of error values for GnuPG components")
(description
"Libgpg-error is a small library that defines common error values
for all GnuPG components. Among these are GPG, GPGSM, GPGME,
GPG-Agent, libgcrypt, Libksba, DirMngr, Pinentry, SmartCard
Daemon and possibly more in the future.")
- (license lgpl2.0+)))
+ (license license:lgpl2.0+)))
(define-public libgcrypt
(package
(name "libgcrypt")
- (version "1.5.3")
+ (version "1.6.3")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
version ".tar.bz2"))
(sha256
(base32
- "1lar8y3lh61zl5flljpz540d78g99h4d5idfwrfw8lm3gm737xdw"))))
+ "0pq2nwfqgggrsh8rk84659d80vfnlkbphwqjwahccd5fjdxr3d21"))))
(build-system gnu-build-system)
(propagated-inputs
- `(("libgpg-error" ,libgpg-error)))
+ `(("libgpg-error-host" ,libgpg-error)))
+ (native-inputs
+ ;; Needed here for the 'gpg-error' program.
+ `(("libgpg-error-native" ,libgpg-error)))
+ (arguments
+ ;; The '--with-gpg-error-prefix' argument is needed because otherwise
+ ;; 'configure' uses 'gpg-error-config' to determine the '-L' flag, and
+ ;; the 'gpg-error-config' it runs is the native one---i.e., the wrong one.
+ `(#:configure-flags
+ (list (string-append "--with-gpg-error-prefix="
+ (assoc-ref %build-inputs "libgpg-error-host")))))
+ (outputs '("out" "debug"))
(home-page "http://gnupg.org/")
(synopsis "Cryptographic function library")
(description
- "GNU Libgcrypt is a general purpose cryptographic library based on
-the code from GnuPG. It provides functions for all
-cryptographic building blocks: symmetric ciphers, hash
-algorithms, MACs, public key algorithms, large integer
-functions, random numbers and a lot of supporting functions.")
- (license lgpl2.0+)))
+ "Libgcrypt is a general-purpose cryptographic library. It provides the
+standard cryptographic building blocks such as symmetric ciphers, hash
+algorithms, public key algorithms, large integer functions and random number
+generation.")
+ (license license:lgpl2.0+)))
+
+(define-public libgcrypt-1.5
+ (package (inherit libgcrypt)
+ (version "1.5.4")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnupg/libgcrypt/libgcrypt-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
+ "0czvqxkzd5y872ipy6s010ifwdwv29sqbnqc4pf56sd486gqvy6m"))))))
(define-public libassuan
(package
(name "libassuan")
- (version "2.1.1")
+ (version "2.2.1")
(source
(origin
(method url-fetch)
version ".tar.bz2"))
(sha256
(base32
- "1783nb0b6nr9yjhb5wfh8ykc5w89f4anppz1kz9913mqg5vxdqi3"))))
+ "1pp2kl5gc2vja41g3wk03h1hgh7gxy6pj354fb5n4lrlg6xqb4ll"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libgpg-error" ,libgpg-error) ("pth" ,pth)))
(home-page "http://gnupg.org")
(synopsis
- "Libassuan, the IPC library used by GnuPG and related software")
+ "IPC library used by GnuPG and related software")
(description
"Libassuan is a small library implementing the so-called Assuan
protocol. This protocol is used for IPC between most newer
GnuPG components. Both, server and client side functions are
provided.")
- (license lgpl2.0+)))
+ (license license:lgpl2.0+)))
(define-public libksba
(package
(name "libksba")
- (version "1.3.0")
+ (version "1.3.3")
(source
(origin
(method url-fetch)
version ".tar.bz2"))
(sha256
(base32
- "0w8rfb6yhcwkwzvjafrashcygy4hd9xwwmvlnkfd1m2h0paywqas"))))
+ "11kp3h9l3b8ikydkcdkwgx45r662zi30m26ra5llyhfh6kz5yzqc"))))
(build-system gnu-build-system)
(propagated-inputs
`(("libgpg-error" ,libgpg-error)))
+ (native-inputs
+ `(("libgpg-error" ,libgpg-error)))
+ (arguments
+ `(#:configure-flags
+ (list ,@(if (%current-target-system)
+ '("CC_FOR_BUILD=gcc")
+ '())
+ (string-append "--with-gpg-error-prefix="
+ (assoc-ref %build-inputs "libgpg-error")))))
(home-page "http://www.gnupg.org")
- (synopsis
- "Libksba is a CMS and X.509 access library under development")
+ (synopsis "CMS and X.509 access library")
(description
"KSBA (pronounced Kasbah) is a library to make X.509 certificates
as well as the CMS easily accessible by other applications. Both
specifications are building blocks of S/MIME and TLS.")
- (license gpl3+)))
+ (license license:gpl3+)))
-(define-public gnupg
+(define-public npth
(package
- (name "gnupg")
- (version "2.0.21")
+ (name "npth")
+ (version "1.2")
(source
(origin
(method url-fetch)
- (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
- ".tar.bz2"))
+ (uri (string-append
+ "mirror://gnupg/npth/npth-"
+ version ".tar.bz2"))
(sha256
(base32
- "1xgf1q1phdawk6y66haaqcvfnlsqk12jmjin1m2d5x6fqw18kpq0"))))
+ "12n0nvhw4fzwp0k7gjv3rc6pdml0qiinbbfiz4ilg6pl5kdxvnvd"))))
(build-system gnu-build-system)
+ (home-page "http://www.gnupg.org")
+ (synopsis "Non-preemptive thread library")
+ (description
+ "Npth is a library to provide the GNU Pth API and thus a non-preemptive
+threads implementation.
+
+In contrast to GNU Pth is is based on the system's standard threads
+implementation. This allows the use of libraries which are not
+compatible to GNU Pth.")
+ (license (list license:lgpl3+ license:gpl2+)))) ; dual license
+
+(define-public gnupg
+ (package
+ (name "gnupg")
+ (version "2.1.9")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
+ ".tar.bz2"))
+ (sha256
+ (base32
+ "1dpp555glln6fldk72ad7lkrn8h3cr2bg714z5kfn2qrawx67dqw"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
(inputs
- `(("bzip2" ,guix:bzip2)
+ `(("bzip2" ,bzip2)
("curl" ,curl)
+ ("gnutls" ,gnutls)
("libassuan" ,libassuan)
("libgcrypt" ,libgcrypt)
("libgpg-error" ,libgpg-error)
("libksba" ,libksba)
- ("pth" ,pth)
+ ("npth" ,npth)
("openldap" ,openldap)
- ("zlib" ,guix:zlib)
+ ("zlib" ,zlib)
("readline" ,readline)))
(arguments
`(#:phases
- (alist-replace
- 'configure
- (lambda* (#:key #:allow-other-keys #:rest args)
- (let ((configure (assoc-ref %standard-phases 'configure)))
- (substitute* "tests/openpgp/Makefile.in"
- (("/bin/sh") (which "bash")))
- (apply configure args)))
+ (alist-cons-before
+ 'configure 'patch-config-files
+ (lambda _
+ (substitute* "tests/openpgp/defs.inc"
+ (("/bin/pwd") (which "pwd"))))
%standard-phases)))
(home-page "http://gnupg.org/")
(synopsis "GNU Privacy Guard")
(description
- "GnuPG is the GNU project's complete and free implementation of
-the OpenPGP standard as defined by RFC4880. GnuPG allows to
-encrypt and sign your data and communication, features a
-versatile key managment system as well as access modules for all
-kind of public key directories. GnuPG, also known as GPG, is a
-command line tool with features for easy integration with other
-applications. A wealth of frontend applications and libraries
-are available. Version 2 of GnuPG also provides support for
-S/MIME.")
- (license gpl3+)))
+ "The GNU Privacy Guard is a complete implementation of the OpenPGP
+standard. It is used to encrypt and sign data and communication. It
+features powerful key management and the ability to access public key
+servers. It includes several libraries: libassuan (IPC between GnuPG
+components), libgpg-error (centralized GnuPG error values), and
+libskba (working with X.509 certificates and CMS data).")
+ (license license:gpl3+)))
+
+(define-public gnupg-2.0
+ (package (inherit gnupg)
+ (version "2.0.28")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
+ ".tar.bz2"))
+ (sha256
+ (base32
+ "0k2k399fnhfhhr4dvm8d6vs4ihq6gg06191lzfwikzaqmgj2w2ff"))))
+ (native-inputs '())
+ (inputs
+ `(("bzip2" ,bzip2)
+ ("curl" ,curl)
+ ("libassuan" ,libassuan)
+ ("libgcrypt" ,libgcrypt)
+ ("libgpg-error" ,libgpg-error)
+ ("libksba" ,libksba)
+ ("pth" ,pth)
+ ("openldap" ,openldap)
+ ("zlib" ,zlib)
+ ("readline" ,readline)))
+ (arguments
+ `(#:phases
+ (alist-cons-before
+ 'configure 'patch-config-files
+ (lambda _
+ (substitute* "tests/openpgp/Makefile.in"
+ (("/bin/sh") (which "bash"))))
+ %standard-phases)))))
+
+(define-public gnupg-1
+ (package (inherit gnupg)
+ (version "1.4.19")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnupg/gnupg/gnupg-" version
+ ".tar.bz2"))
+ (sha256
+ (base32
+ "11pxx26sfilh0vswylh9mhiifw5yffw7nn733zknw3sb0jfk22bz"))))
+ (native-inputs '())
+ (inputs
+ `(("zlib" ,zlib)
+ ("bzip2" ,bzip2)
+ ("curl" ,curl)
+ ("readline" ,readline)
+ ("libgpg-error" ,libgpg-error)))
+ (arguments
+ `(#:phases (alist-cons-after
+ 'unpack 'patch-check-sh
+ (lambda _
+ (substitute* "checks/Makefile.in"
+ (("/bin/sh") (which "bash"))))
+ %standard-phases)))))
+
+(define-public gpgme
+ (package
+ (name "gpgme")
+ (version "1.5.5")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnupg/gpgme/gpgme-" version
+ ".tar.bz2"))
+ (sha256
+ (base32
+ "01y28fkq52wwf4p470wscaxd2vgzl615irmafx3mj3380x8ksg8b"))))
+ (build-system gnu-build-system)
+ (propagated-inputs
+ ;; Needs to be propagated because gpgme.h includes gpg-error.h.
+ `(("libgpg-error" ,libgpg-error)))
+ (inputs
+ `(("gnupg" ,gnupg-2.0)
+ ("libassuan" ,libassuan)))
+ (arguments '(#:make-flags '("GPG=gpg2")))
+ (home-page "http://www.gnupg.org/related_software/gpgme/")
+ (synopsis "Library providing simplified access to GnuPG functionality")
+ (description
+ "GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG
+easier for applications. It provides a High-Level Crypto API for encryption,
+decryption, signing, signature verification and key management. Currently
+it uses GnuPG as its backend but the API isn't restricted to this engine.
+
+Because the direct use of GnuPG from an application can be a complicated
+programming task, it is suggested that all software should try to use GPGME
+instead. This way bug fixes or improvements can be done at a central place
+and every application benefits from this.")
+ (license license:lgpl2.1+)))
+
+(define-public python-gnupg
+ (package
+ (name "python-gnupg")
+ (version "0.3.7")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append "https://pypi.python.org/packages/source/p/"
+ "python-gnupg/python-gnupg-" version ".tar.gz"))
+ (sha256
+ (base32
+ "1hg9gshk4b7raskj8mjadsjcv10axlx2z4xl4ag2f2bpi4f8chvq"))))
+ (build-system python-build-system)
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (replace 'check
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "test_gnupg.py"
+ ;; Test keyrings are missing, so this test fails.
+ (("'test_scan_keys'") "True")
+ (("def test_scan_keys") "def disabled__scan_keys")
+ ;; Unsure why this test fails.
+ (("'test_search_keys'") "True")
+ (("def test_search_keys") "def disabled__search_keys"))
+ (setenv "GPGBINARY" "gpg")
+ (setenv "USERNAME" "guixbuilder")
+ ;; The doctests are extremely slow and sometimes time out,
+ ;; so we disable them.
+ (zero? (system* "python"
+ "test_gnupg.py" "--no-doctests")))))))
+ (native-inputs
+ `(("gnupg" ,gnupg-1)))
+ (home-page "http://packages.python.org/python-gnupg/index.html")
+ (synopsis "Wrapper for the GNU Privacy Guard")
+ (description
+ "This module allows easy access to GnuPG’s key management, encryption
+and signature functionality from Python programs.")
+ (license license:bsd-3)))
+
+(define-public python2-gnupg
+ (package-with-python2 python-gnupg))
(define-public pius
(package
(name "pius")
- (version "2.0.9")
+ (version "2.1.1")
(source (origin
(method url-fetch)
(uri (string-append "mirror://sourceforge/pgpius/pius/"
version "/pius-"
version ".tar.bz2"))
(sha256 (base32
- "1g1jly3wl4ks6h8ydkygyl2c4i7v3z91rg42005m6vm70y1d8b3d"))))
- (build-system gnu-build-system)
- (inputs `(("perl" ,perl)
- ("python" ,python-wrapper)
- ("gpg" ,gnupg)))
+ "0ry3kc3x1qjmvb581ja2z2v32r1rl1g8rhfj7iqvs8nzq4ca512i"))))
+ (build-system python-build-system)
+ (inputs `(("perl" ,perl) ;for 'pius-party-worksheet'
+ ("gpg" ,gnupg-2.0))) ;2.1 fails to talk to gpg-agent 2.0
(arguments
`(#:tests? #f
+ #:python ,python-2 ;uses the Python 2 'print' syntax
#:phases
- (alist-replace
- 'configure
- (lambda* (#:key #:allow-other-keys) #t)
- (alist-replace
- 'build
- (lambda* (#:key #:allow-other-keys) #t)
- (alist-replace
- 'install
- (lambda* (#:key inputs outputs #:allow-other-keys)
- (let* ((out (assoc-ref outputs "out"))
- (gpg (string-append (assoc-ref inputs "gpg")
- "/bin/gpg2")))
- (mkdir out)
- (mkdir (string-append out "/bin"))
- (for-each (lambda (file)
- (substitute* file
- (("/usr/bin/gpg") gpg))
- (copy-file file (string-append out "/bin/" file)))
- '("pius" "pius-keyring-mgr" "pius-party-worksheet"))))
- %standard-phases)))))
+ (modify-phases %standard-phases
+ (add-before
+ 'build 'set-gpg-file-name
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (let* ((gpg (string-append (assoc-ref inputs "gpg")
+ "/bin/gpg2")))
+ (substitute* "libpius/constants.py"
+ (("/usr/bin/gpg") gpg))))))))
(synopsis "Programs to simplify GnuPG key signing")
(description
"Pius (PGP Individual UID Signer) helps attendees of PGP keysigning
-parties. It is the main utility and makes it possible to quickly and easily
-sign each UID on a set of PGP keys. It is designed to take the pain out of
+parties. It is the main utility and makes it possible to quickly and easily
+sign each UID on a set of PGP keys. It is designed to take the pain out of
the sign-all-the-keys part of PGP Keysigning Party while adding security
to the process.
pius-keyring-mgr and pius-party-worksheet help organisers of
PGP keysigning parties.")
- (license gpl2)
+ (license license:gpl2)
(home-page "http://www.phildev.net/pius/index.shtml")))
(define-public signing-party
(arguments
`(#:tests? #f
#:phases
- (alist-replace
- 'unpack
- (lambda* (#:key #:allow-other-keys #:rest args)
- (let ((unpack (assoc-ref %standard-phases 'unpack)))
- (apply unpack args)
- ;; remove spurious symlink
- (delete-file "keyanalyze/pgpring/depcomp")))
+ (alist-cons-after
+ 'unpack 'remove-spurious-links
+ (lambda _ (delete-file "keyanalyze/pgpring/depcomp"))
(alist-replace
'configure
(lambda* (#:key outputs #:allow-other-keys)
"gpgparticipants.1" "gpgsigs.1" "gpgwrap.1"
"process_keys.1" "pgpring.1" "keyanalyze.1"))))
%standard-phases)))))
- (synopsis "collection of scripts for simplifying gnupg key signing")
+ (synopsis "Collection of scripts for simplifying gnupg key signing")
(description
- "signing-party is a collection for all kinds of PGP/GnuPG related things,
+ "Signing-party is a collection for all kinds of PGP/GnuPG related things,
including tools for signing keys, keyring analysis, and party preparation.
* caff: CA - Fire and Forget signs and mails a key
-
+
* pgp-clean: removes all non-self signatures from key
* pgp-fixkey: removes broken packets from keys
;; gpl2+ for almost all programs, except for keyanalyze: gpl2
;; and caff and gpgsigs: bsd-3, see
;; http://packages.debian.org/changelogs/pool/main/s/signing-party/current/copyright
- (license gpl2)
+ (license license:gpl2)
(home-page "http://pgp-tools.alioth.debian.org/")))
+
+(define-public pinentry
+ (package
+ (name "pinentry")
+ (version "0.9.5")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnupg/pinentry/pinentry-"
+ version ".tar.bz2"))
+ (sha256
+ (base32
+ "1338hj1h3sh34897120y30x12b64wyj3xjzzk5asm2hdzhxgsmva"))))
+ (build-system gnu-build-system)
+ (inputs
+ `(("ncurses" ,ncurses)
+ ("libassuan" ,libassuan)
+ ("gtk+" ,gtk+-2)
+ ("glib" ,glib)))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (home-page "http://gnupg.org/aegypten2/")
+ (synopsis "GnuPG's interface to passphrase input")
+ (description
+ "Pinentry provides a console and a GTK+ GUI that allows users to
+enter a passphrase when `gpg' or `gpg2' is run and needs it.")
+ (license license:gpl2+)))
+
+(define-public paperkey
+ (package
+ (name "paperkey")
+ (version "1.3")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "http://www.jabberwocky.com/"
+ "software/paperkey/paperkey-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "1yybj8bj68v4lxwpn596b6ismh2fyixw5vlqqg26byrn4d9dfmsv"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:phases
+ (alist-cons-before
+ 'check 'patch-check-scripts
+ (lambda _
+ (substitute* '("checks/roundtrip.sh"
+ "checks/roundtrip-raw.sh")
+ (("/bin/echo") "echo")))
+ %standard-phases)))
+ (home-page "http://www.jabberwocky.com/software/paperkey/")
+ (synopsis "Backup OpenPGP keys to paper")
+ (description
+ "Paperkey extracts the secret bytes from an OpenPGP (GnuPG, PGP, etc) key
+for printing with paper and ink, which have amazingly long retention
+qualities. To reconstruct a secret key, you re-enter those
+bytes (whether by hand, OCR, QR code, or the like) and paperkey can use
+them to transform your existing public key into a secret key.")
+ (license license:gpl2+)))