;;; Copyright © 2015, 2017, 2018, 2019 Ricardo Wurmus <rekado@elephly.net>
;;; Copyright © 2016, 2017, 2018, 2019 Leo Famulari <leo@famulari.name>
;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox>
-;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
-;;; Copyright © 2016, 2017 ng0 <ng0@n0.is>
+;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016, 2017 Nikita <nikita@n0.is>
;;; Copyright © 2016, 2017, 2019 Eric Bavier <bavier@member.fsf.org>
;;; Copyright © 2017 Pierre Langlois <pierre.langlois@gmx.com>
-;;; Copyright © 2018 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2018, 2020 Efraim Flashner <efraim@flashner.co.il>
;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
-;;; Copyright © 2018 Nicolò Balzarotti <nicolo@nixo.xyz>
+;;; Copyright © 2018, 2020 Nicolò Balzarotti <nicolo@nixo.xyz>
;;; Copyright © 2018 Tim Gesthuizen <tim.gesthuizen@yahoo.de>
;;; Copyright © 2019 Pierre Neidhardt <mail@ambrevar.xyz>
+;;; Copyright © 2019 Tanguy Le Carrour <tanguy@bioneland.org>
+;;; Copyright © 2020 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
+;;; Copyright © 2020 Brice Waegeneire <brice@waegenei.re>
+;;; Copyright © 2020 Hendur Saga <hendursaga@yahoo.com>
;;;
;;; This file is part of GNU Guix.
;;;
#:use-module (gnu packages boost)
#:use-module (gnu packages check)
#:use-module (gnu packages compression)
+ #:use-module (gnu packages crates-io)
#:use-module (gnu packages cryptsetup)
#:use-module (gnu packages gettext)
#:use-module (gnu packages gnupg)
+ #:use-module (gnu packages golang)
#:use-module (gnu packages image)
#:use-module (gnu packages kerberos)
#:use-module (gnu packages libbsd)
#:use-module (gnu packages libffi)
#:use-module (gnu packages linux)
+ #:use-module (gnu packages lsof)
+ #:use-module (gnu packages man)
+ #:use-module (gnu packages multiprecision)
#:use-module (gnu packages nettle)
#:use-module (gnu packages password-utils)
#:use-module (gnu packages perl)
#:use-module (guix packages)
#:use-module (guix download)
#:use-module (guix git-download)
+ #:use-module (guix build-system cargo)
#:use-module (guix build-system cmake)
#:use-module (guix build-system gnu)
+ #:use-module (guix build-system go)
#:use-module (guix build-system perl)
- #:use-module (guix build utils)
+ #:use-module (guix utils)
#:use-module (srfi srfi-1)
#:use-module (srfi srfi-26))
(define-public signify
(package
(name "signify")
- (version "26")
+ (version "29")
(home-page "https://github.com/aperezdc/signify")
(source (origin
(method url-fetch)
"/download/v" version "/signify-" version ".tar.xz"))
(sha256
(base32
- "16sl1yq5bbsads5q4a0fbrf31b0x8r1hi4wagl90nbrhrca98baw"))))
+ "1bzcax5kb4lr0rmpmrdpq5q0iq6b2dxzpl56li8aanbkck1c7hd9"))))
(build-system gnu-build-system)
;; TODO Build with libwaive (described in README.md), to implement something
;; like OpenBSD's pledge().
(arguments
- `(#:tests? #f ; no test suite
- #:make-flags
+ `(#:make-flags
(list "CC=gcc"
(string-append "PREFIX=" (assoc-ref %outputs "out")))
#:phases
"See base64.c in the distribution for
the license from IBM.")))))
+(define-public rust-minisign
+ (package
+ (name "rust-minisign")
+ (version "0.5.20")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (crate-uri "minisign" version))
+ (file-name
+ (string-append name "-" version ".tar.gz"))
+ (sha256
+ (base32
+ "0xmcvh2snravghaar8igc6b9r3s1snnmf9qam9l3zyhm4987767y"))))
+ (build-system cargo-build-system)
+ (arguments
+ `(#:cargo-inputs
+ (("rust-getrandom" ,rust-getrandom-0.1)
+ ("rust-rpassword" ,rust-rpassword-4)
+ ("rust-scrypt" ,rust-scrypt-0.3))))
+ (home-page "https://github.com/jedisct1/rust-minisign")
+ (synopsis "Crate to sign files and verify signatures")
+ (description
+ "This package provides a crate to sign files and verify signatures.")
+ (license license:expat)))
+
+(define-public go-minisign
+ (package
+ (name "go-minisign")
+ (version "0.1.0")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/jedisct1/go-minisign")
+ (commit version)))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "0wc0rk5m60yz52f0cncmbgq67yvb1rcx91gvzjg6jpc4mpw2db27"))
+ (modules '((guix build utils)))
+ (snippet
+ '(begin (delete-file-recursively "vendor") #t))))
+ (build-system go-build-system)
+ (arguments
+ '(#:import-path "github.com/jedisct1/go-minisign"))
+ (propagated-inputs
+ `(("go-golang-org-x-crypto" ,go-golang-org-x-crypto)))
+ (home-page "https://github.com/jedisct1/go-minisign")
+ (synopsis "Minisign verification library for Golang")
+ (description "A Golang library to verify Minisign signatures.")
+ (license license:expat)))
+
(define-public encfs
(package
(name "encfs")
(copy-recursively (assoc-ref inputs "googletest-source")
"vendor/github.com/google/googletest")
#t))
+ (add-before 'configure 'patch-CMakeLists.txt
+ (lambda _
+ ;; Prevent CMake from adding libc on the system include path.
+ ;; Otherwise it will interfere with the libc used by GCC and
+ ;; ultimately cause #include_next errors.
+ (substitute* "CMakeLists.txt"
+ (("include_directories \\(SYSTEM \\$\\{Intl_INCLUDE_DIRS\\}\\)")
+ ""))
+ #t))
(add-before 'check 'make-unittests
(lambda _
(invoke "make" "unittests"))))))
(define-public keyutils
(package
(name "keyutils")
- (version "1.6")
+ (version "1.6.1")
(source
(origin
(method url-fetch)
(string-append "https://people.redhat.com/dhowells/keyutils/keyutils-"
version ".tar.bz2"))
(sha256
- (base32
- "05bi5ja6f3h3kdi7p9dihlqlfrsmi1wh1r2bdgxc0180xh6g5bnk"))
+ (base32 "1kk4pmyflgplkgxn2bzpc069ph9c9jdd9ikcsyd5pnaimqi5gcf8"))
(modules '((guix build utils)))
;; Create relative symbolic links instead of absolute ones to /lib/*.
(snippet '(begin
no man page, refer to the home page for usage details.")
(license (list license:isc license:expat)))))
+(define-public ssss
+ (package
+ (name "ssss")
+ (version "0.5")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "http://point-at-infinity.org/ssss/ssss-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "15grn2fp1x8p92kxkwbmsx8rz16g93y9grl3hfqbh1jn21ama5jx"))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:tests? #f ; No test suite
+ #:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))
+ "CC=gcc")
+ #:phases
+ (modify-phases %standard-phases
+ (delete 'configure) ; no configuration to be done
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((outdir (assoc-ref outputs "out"))
+ (bindir (string-append outdir "/bin"))
+ (docdir (string-append outdir
+ "/share/doc/ssss-"
+ ,version)))
+ (install-file "ssss-combine" bindir)
+ (install-file "ssss-split" bindir)
+ (install-file "ssss.1" docdir)
+ (install-file "ssss.1.html" docdir)
+ #t))))))
+ (inputs
+ `(("gmp" ,gmp)))
+ (native-inputs
+ `(("xmltoman" ,xmltoman)))
+ (home-page "http://point-at-infinity.org/ssss/")
+ (synopsis "Shamir's secret sharing scheme implementation")
+ (description "@command{ssss-split} and @command{ssss-combine} are utilities that split
+and combine secrets securely using Shamir's secret sharing scheme. This implementation
+allows for a threshold scheme where the minimum number of shares can be less than the
+total number of shares generated.")
+ (license license:gpl2+)))
+
(define-public tomb
(package
(name "tomb")
- (version "2.6")
+ (version "2.7")
(source (origin
(method url-fetch)
(uri (string-append "https://files.dyne.org/tomb/"
"Tomb-" version ".tar.gz"))
(sha256
(base32
- "1sr3jcn96mciyn8xd0amd1jzamxxzpybakf8an7laf26gjim1dh2"))))
+ "0x3al02796vx1cvy6y6h685c367qx70dwv471g0hmks2gr10f0cn"))
+ (patches (search-patches "tomb-fix-errors-on-open.patch"))))
(build-system gnu-build-system)
(native-inputs `(("sudo" ,sudo))) ;presence needed for 'check' phase
(inputs
("cryptsetup" ,cryptsetup)
("e2fsprogs" ,e2fsprogs) ;for mkfs.ext4
("gettext" ,gettext-minimal) ;used at runtime
+ ("lsof" ,lsof)
("mlocate" ,mlocate)
("pinentry" ,pinentry)
("qrencode" ,qrencode)
("util-linux" ,util-linux)))
(arguments
`(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")))
+ ;; The "sudo" input is needed only to satisfy dependency checks in the
+ ;; 'check' phase. The "sudo" used at runtime should come from the
+ ;; system's setuid-programs, so ensure no reference is kept.
+ #:disallowed-references (,sudo)
;; TODO: Build and install gtk and qt trays
#:phases
(modify-phases %standard-phases
,@(map (lambda (program)
(or (and=> (which program) dirname)
(error "program not found:" program)))
- '("seq" "mkfs.ext4" "pinentry" "sudo"
- "gpg" "cryptsetup" "gettext"
- "qrencode" "steghide" "findmnt")))))
+ '("seq" "mkfs.ext4" "pinentry"
+ "gpg" "cryptsetup" "gettext" "lsof"
+ "qrencode" "steghide" "findmnt" "getent")))))
#t)))
(delete 'check)
(add-after 'wrap 'check
(define-public scrypt
(package
(name "scrypt")
- (version "1.2.1")
+ (version "1.3.1")
(source
(origin
(method url-fetch)
version ".tgz"))
(sha256
(base32
- "0xy5yhrwwv13skv9im9vm76rybh9f29j2dh4hlh2x01gvbkza8a6"))))
+ "1hnl0r6pmyxiy4dmafmqk1db7wpc0x9rqpzqcwr9d2cmghcj6byz"))))
(build-system gnu-build-system)
(arguments
- `(#:phases (modify-phases %standard-phases
- (add-after 'unpack 'patch-command-invocations
+ `(#:license-file-regexp "COPYRIGHT"
+ #:phases (modify-phases %standard-phases
+ (add-after 'unpack 'patch-$PATH-assumptions
(lambda _
+ (substitute* "configure"
+ (("\\{POSIX_PATH\\}")
+ "{PATH}"))
(substitute* "Makefile.in"
(("command -p") ""))
#t))
(add-after 'install 'install-docs
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref %outputs "out"))
- (misc (string-append out "/share/doc/scrypt")))
- (install-file "FORMAT" misc)
+ (doc (string-append out "/share/doc/" ,name "-" ,version)))
+ (install-file "FORMAT" doc)
#t))))))
(inputs
`(("openssl" ,openssl)))
(origin
(method git-fetch)
(uri (git-reference
- (url "https://github.com/technion/libscrypt.git")
+ (url "https://github.com/technion/libscrypt")
(commit (string-append "v" version))))
(file-name (git-file-name name version))
(sha256
(define-public perl-crypt-random-source
(package
(name "perl-crypt-random-source")
- (version "0.12")
+ (version "0.14")
(source
(origin
(method url-fetch)
(uri (string-append "mirror://cpan/authors/id/E/ET/ETHER/"
"Crypt-Random-Source-" version ".tar.gz"))
(sha256
- (base32
- "00mw5m52sbz9nqp3f6axyrgcrihqxn7k8gv0vi1kvm1j1nc9g29h"))))
+ (base32 "1rpdds3sy5l1fhngnkrsgwsmwd54wpicx3i9ds69blcskwkcwkpc"))))
(build-system perl-build-system)
(native-inputs
`(("perl-module-build-tiny" ,perl-module-build-tiny)
- ("perl-test-exception" ,perl-test-exception)))
+ ("perl-test-fatal" ,perl-test-fatal)))
(propagated-inputs
`(("perl-capture-tiny" ,perl-capture-tiny)
("perl-module-find" ,perl-module-find)
(define-public crypto++
(package
(name "crypto++")
- (version "8.0.0")
+ (version "8.2.0")
(source (origin
(method url-fetch/zipbomb)
(uri (string-append "https://cryptopp.com/cryptopp"
".zip"))
(sha256
(base32
- "0b5qrsm4jhy4nzxgrm13nixhvbswr242plx1jw6r4sw492rqkzdv"))))
+ "0n40hlz5jkvlcp9vxrj0fsrcfp7dm0zmmv6h52dx3f8i5qjf5w03"))))
(build-system gnu-build-system)
(arguments
`(#:make-flags
((" -march=native") ""))
#t))
(delete 'configure)
- (add-after 'build 'build-shared
- (lambda _
- ;; By default, only the static library is built.
- (invoke "make" "shared")))
+ (replace 'build
+ ;; By default, only the static library is built.
+ (lambda* (#:key (make-flags '()) #:allow-other-keys)
+ (apply invoke "make" "shared"
+ "-j" (number->string (parallel-job-count))
+ make-flags)))
+ (add-after 'install 'install-shared-library-links
+ ;; By default, only .so and .so.x.y.z are installed.
+ ;; Create all the ‘intermediates’ expected by dependent packages.
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (lib (string-append out "/lib"))
+ (prefix "libcryptopp.so.")
+ (target (string-append prefix ,version)))
+ (with-directory-excursion lib
+ (symlink target
+ (string-append prefix ,(version-major+minor version)))
+ (symlink target
+ (string-append prefix ,(version-major version)))
+ #t))))
(add-after 'install 'install-pkg-config
(lambda* (#:key outputs #:allow-other-keys)
(let* ((out (assoc-ref outputs "out"))
"libdir=" out "/lib\n"
"includedir=" out "/include\n\n"
"Name: libcrypto++-" ,version "\n"
- "Description: Class library of cryptographic schemes"
+ "Description: Class library of cryptographic schemes\n"
"Version: " ,version "\n"
"Libs: -L${libdir} -lcryptopp\n"
- "Cflags: -I${includedir}\n"))))))))))
+ "Cflags: -I${includedir}\n"))
+ #t))))))))
(native-inputs
`(("unzip" ,unzip)))
(home-page "https://cryptopp.com/")
(define-public rhash
(package
(name "rhash")
- (version "1.3.8")
+ (version "1.3.9")
(source
(origin
(method url-fetch)
- (uri (string-append "https://github.com/rhash/RHash/archive/v"
- version ".tar.gz"))
- (file-name (string-append name "-" version ".tar.gz"))
+ (uri (string-append "mirror://sourceforge/rhash/rhash/" version
+ "/rhash-" version "-src.tar.gz"))
+ (file-name (string-append "rhash-" version ".tar.gz"))
(sha256
(base32
- "0k60ywyhwqwqxa2q2l85vwgf884hcgy31nxir3dqgz7ymib6llxy"))))
+ "1xn9fqa6rlnhsbgami45g82dlw9i1skg2sri3ydiinwak5ph1ca2"))))
(build-system gnu-build-system)
(arguments
- `(#:make-flags
+ `(#:configure-flags
+ (list (string-append "--prefix=" (assoc-ref %outputs "out"))
+ ,@(let ((target (%current-target-system)))
+ (if target
+ `((string-append "--target=" ,target)
+ (string-append "--cc="
+ (assoc-ref %build-inputs "cross-gcc")
+ "/bin/" ,target "-gcc"))
+ '())))
+ #:make-flags
;; The binaries in /bin need some help finding librhash.so.0.
(list (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib"))
#:test-target "test" ; ‘make check’ just checks the sources
(replace 'configure
;; ./configure is not GNU autotools' and doesn't gracefully handle
;; unrecognized options, so we must call it manually.
- (lambda* (#:key outputs #:allow-other-keys)
- (invoke "./configure"
- (string-append "--prefix=" (assoc-ref outputs "out")))))
+ (lambda* (#:key configure-flags #:allow-other-keys)
+ (apply invoke "./configure" configure-flags)))
+ (add-before 'check 'patch-/bin/sh
+ (lambda _
+ (substitute* "Makefile"
+ (("/bin/sh") (which "sh")))
+ #t))
(add-after 'install 'install-library-extras
(lambda* (#:key make-flags #:allow-other-keys)
(apply invoke
(define-public botan
(package
(name "botan")
- (version "2.7.0")
+ (version "2.12.1")
(source (origin
(method url-fetch)
(uri (string-append "https://botan.randombit.net/releases/"
- "Botan-" version ".tgz"))
+ "Botan-" version ".tar.xz"))
(sha256
(base32
- "142aqabwc266jxn8wrp0f1ffrmcvdxwvyh8frb38hx9iaqazjbg4"))))
+ "1ada3ga7b0z4m0vjmxlvfi4nsic2l8kjcy85jwss3z2i58a5y0vy"))))
(build-system gnu-build-system)
(arguments
'(#:phases
(lambda* (#:key inputs outputs #:allow-other-keys)
(let* ((out (assoc-ref %outputs "out"))
(lib (string-append out "/lib")))
+ ;; Upstream tests and benchmarks with -O3.
+ (setenv "CXXFLAGS" "-O3")
(invoke "python" "./configure.py"
(string-append "--prefix=" out)
;; Otherwise, the `botan` executable cannot find
;; libbotan.
(string-append "--ldflags=-Wl,-rpath=" lib)
+
+ "--with-os-feature=getentropy"
"--with-rst2man"
+
;; Recommended by upstream
"--with-zlib" "--with-bzip2" "--with-sqlite3"))))
(replace 'check
(source (origin
(method git-fetch)
(uri (git-reference
- (url "https://github.com/vstakhov/asignify.git")
+ (url "https://github.com/vstakhov/asignify")
(commit commit)))
(file-name (git-file-name name version))
(sha256
(define-public enchive
(package
(name "enchive")
- (version "3.4")
+ (version "3.5")
(source (origin
- (method url-fetch)
- (uri (string-append "https://github.com/skeeto/" name "/archive/"
- version ".tar.gz"))
- (sha256
- (base32
- "17hrxpp4cpn10bk48sfvfjc8hghky34agsnypam1v9f36kbalqfk"))
- (file-name (string-append name "-" version ".tar.gz"))))
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/skeeto/enchive")
+ (commit version)))
+ (sha256
+ (base32
+ "0fdrfc5l42lj2bvmv9dmkmhmm7qiszwk7cmdvnqad3fs7652g0qa"))
+ (file-name (git-file-name name version))))
(build-system gnu-build-system)
(arguments
'(#:tests? #f ; no check target '
(license license:unlicense)))
(define-public libsecp256k1
- (let ((commit "e34ceb333b1c0e6f4115ecbb80c632ac1042fa49"))
+ (let ((commit "d644dda5c9dbdecee52d1aa259235510fdc2d4ee"))
(package
(name "libsecp256k1")
- (version (git-version "20181126" "1" commit))
+ (version (git-version "20191213" "1" commit))
(source (origin
(method git-fetch)
(uri (git-reference
(commit commit)))
(sha256
(base32
- "0as78s179hcr3ysk3fw98k5wzabgnwri7vkkc17wg31lyz6ids6c"))
+ "0zmx32746khsm2cx0p3pdy3j2vkwmafvf7axiixijhgcg0xjv93i"))
(file-name (git-file-name name version))))
(build-system gnu-build-system)
(native-inputs
(home-page "https://github.com/bitcoin-core/secp256k1")
(license license:unlicense))))
+(define-public libsecp256k1-bitcoin-cash
+ (package
+ (name "libsecp256k1-bitcoin-cash")
+ (version "0.22.1")
+ (source
+ (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/Bitcoin-ABC/secp256k1")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32 "1rnif3iny6pz1r3g69bagzr342mm3x0v66b60csnmm1rg44bd5v1"))))
+ (build-system gnu-build-system)
+ (native-inputs
+ `(("autoconf" ,autoconf)
+ ("automake" ,automake)
+ ("libtool" ,libtool)))
+ (arguments
+ '(#:configure-flags '("--enable-module-recovery"
+ "--enable-experimental"
+ "--enable-module-ecdh"
+ "--disable-jni"
+ "--with-bignum=no"
+ "--enable-module-schnorr"
+ "--disable-static"
+ "--enable-shared")))
+ (synopsis "Optimized C library for EC operations on curve secp256k1")
+ (description
+ "Optimized C library for cryptographic operations on curve secp256k1.
+
+This library is used for consensus critical cryptographic operations on the
+Bitcoin Cash network.
+
+Features:
+
+@itemize
+@item secp256k1 ECDSA signing/verification and key generation.
+@item secp256k1 Schnorr signing/verification (Bitcoin Cash Schnorr variant).
+@item Additive and multiplicative tweaking of secret/public keys.
+@item Serialization/parsing of secret keys, public keys, signatures.
+@item Constant time, constant memory access signing and pubkey generation.
+@item Derandomized ECDSA (via RFC6979 or with a caller provided function).
+@item Very efficient implementation.
+@item Suitable for embedded systems.
+@item Optional module for public key recovery.
+@item Optional module for ECDH key exchange (experimental).
+@item Optional module for multiset hash (experimental).
+@end itemize\n")
+ (home-page "https://github.com/Bitcoin-ABC/secp256k1")
+ (license license:expat)))
+
(define-public stoken
(package
(name "stoken")
(uri (git-reference
(url "https://github.com/vstakhov/hpenc")
(commit version)))
+ (file-name (git-file-name name version))
(sha256
(base32
"1fb5yi3d2k8kd4zm7liiqagpz610y168xrr1cvn7cbq314jm2my1"))))
quickly by using all your CPU cores and hardware acceleration.")
(home-page "https://github.com/vstakhov/hpenc")
(license license:bsd-3)))
+
+(define-public minisign
+ (package
+ (name "minisign")
+ (version "0.9")
+ (source
+ (origin
+ (method url-fetch)
+ (uri
+ (string-append "https://github.com/jedisct1/minisign/releases/download/"
+ version "/minisign-" version ".tar.gz"))
+ (sha256
+ (base32 "1h9cfvvm6lqq33b2wdar1x3w4k7zyrscavllyb0l5dmcdabq60r2"))))
+ (build-system cmake-build-system)
+ (arguments
+ ; No test suite
+ `(#:tests? #f))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)))
+ (inputs
+ `(("libsodium" ,libsodium)))
+ (home-page "https://jedisct1.github.io/minisign")
+ (synopsis "Tool to sign files and verify signatures")
+ (description
+ "Minisign is a dead simple tool to sign files and verify signatures. It is
+portable, lightweight, and uses the highly secure Ed25519 public-key signature
+system. Signature written by minisign can be verified using OpenBSD's
+signify tool: public key files and signature files are compatible. However,
+minisign uses a slightly different format to store secret keys. Minisign
+signatures include trusted comments in addition to untrusted comments.
+Trusted comments are signed, thus verified, before being displayed.")
+ (license license:isc)))
+
+(define-public libolm
+ (package
+ (name "libolm")
+ (version "3.1.5")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://git.matrix.org/git/olm")
+ (commit version)))
+ (sha256
+ (base32
+ "030g0jmmvhx2dh32k708sz6cdd5q1wz48i4gigh6dclqk10w28lm"))
+ (file-name (git-file-name name version))))
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (replace 'check
+ (lambda _
+ (invoke "ctest" "build/tests"))))))
+ (build-system cmake-build-system)
+ (synopsis "Implementation of the olm and megolm cryptographic ratchets")
+ (description "The libolm library implements the Double Ratchet
+cryptographic ratchet. It is written in C and C++11, and exposed as a C
+API.")
+ (home-page "https://matrix.org/docs/projects/other/olm/")
+ (license license:asl2.0)))
+
+(define-public hash-extender
+ (let ((commit "cb8aaee49f93e9c0d2f03eb3cafb429c9eed723d")
+ (revision "2"))
+ (package
+ (name "hash-extender")
+ (version (git-version "0.0" revision commit))
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/iagox86/hash_extender")
+ (commit commit)))
+ (sha256
+ (base32
+ "1fj118566hr1wv03az2w0iqknazsqqkak0mvlcvwpgr6midjqi9b"))
+ (file-name (git-file-name name version))))
+ (build-system gnu-build-system)
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (delete 'configure)
+ (replace 'check
+ (lambda _
+ (invoke "./hash_extender_test")))
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((outdir (assoc-ref outputs "out"))
+ (bindir (string-append outdir "/bin"))
+ (docdir (string-append outdir
+ "/share/doc/hash-extender-"
+ ,version)))
+ (install-file "hash_extender" bindir)
+ (install-file "README.md" docdir)
+ #t))))))
+ (inputs
+ `(("openssl" ,openssl)))
+ (synopsis "Tool for hash length extension attacks")
+ (description "@command{hash_extender} is a utility for performing hash
+length extension attacks supporting MD4, MD5, RIPEMD-160, SHA-0, SHA-1,
+SHA-256, SHA-512, and WHIRLPOOL hashes.")
+ (home-page "https://github.com/iagox86/hash_extender")
+ (license license:bsd-3))))