X-Git-Url: https://git.hcoop.net/jackhill/guix/guix.git/blobdiff_plain/23c883ef832d45387bb2a11451411a76be0c034f..bdb1a3385df8b16ecdbded9142ed12c40b2a5954:/gnu/packages/crypto.scm diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm index 91fbe6a8e4..57d417de80 100644 --- a/gnu/packages/crypto.scm +++ b/gnu/packages/crypto.scm @@ -3,17 +3,23 @@ ;;; Copyright © 2015, 2017, 2018, 2019 Ricardo Wurmus ;;; Copyright © 2016, 2017, 2018, 2019 Leo Famulari ;;; Copyright © 2016 Lukas Gradl -;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice -;;; Copyright © 2016, 2017 ng0 -;;; Copyright © 2016, 2017, 2019 Eric Bavier +;;; Copyright © 2016–2021 Tobias Geerinckx-Rice +;;; Copyright © 2016, 2017 Nikita +;;; Copyright © 2016, 2017, 2019, 2020 Eric Bavier ;;; Copyright © 2017 Pierre Langlois -;;; Copyright © 2018 Efraim Flashner +;;; Copyright © 2018, 2020 Efraim Flashner ;;; Copyright © 2018 Arun Isaac ;;; Copyright © 2018 Nicolas Goaziou -;;; Copyright © 2018 Nicolò Balzarotti +;;; Copyright © 2018, 2020 Nicolò Balzarotti ;;; Copyright © 2018 Tim Gesthuizen ;;; Copyright © 2019 Pierre Neidhardt ;;; Copyright © 2019 Tanguy Le Carrour +;;; Copyright © 2020 Marius Bakke +;;; Copyright © 2020 Jakub Kądziołka +;;; Copyright © 2020 Brice Waegeneire +;;; Copyright © 2020 Hendur Saga +;;; Copyright © 2020 pukkamustard +;;; Copyright © 2021 Ellis Kenyő ;;; ;;; This file is part of GNU Guix. ;;; @@ -39,15 +45,21 @@ #:use-module (gnu packages boost) #:use-module (gnu packages check) #:use-module (gnu packages compression) + #:use-module (gnu packages crates-io) #:use-module (gnu packages cryptsetup) + #:use-module (gnu packages documentation) #:use-module (gnu packages gettext) #:use-module (gnu packages gnupg) + #:use-module (gnu packages golang) + #:use-module (gnu packages graphviz) #:use-module (gnu packages image) #:use-module (gnu packages kerberos) #:use-module (gnu packages libbsd) #:use-module (gnu packages libffi) #:use-module (gnu packages linux) #:use-module (gnu packages lsof) + #:use-module (gnu packages man) + #:use-module (gnu packages multiprecision) #:use-module (gnu packages nettle) #:use-module (gnu packages password-utils) #:use-module (gnu packages perl) @@ -62,18 +74,73 @@ #:use-module (gnu packages sqlite) #:use-module (gnu packages tcl) #:use-module (gnu packages tls) + #:use-module (gnu packages version-control) #:use-module (gnu packages xml) #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) #:use-module (guix download) #:use-module (guix git-download) + #:use-module (guix build-system cargo) #:use-module (guix build-system cmake) + #:use-module (guix build-system copy) #:use-module (guix build-system gnu) + #:use-module (guix build-system go) #:use-module (guix build-system perl) - #:use-module (guix build utils) + #:use-module (guix utils) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26)) +(define-public libdecaf + (package + (name "libdecaf") + (version "1.0.1") + (source (origin + (method git-fetch) + (uri (git-reference + (url "git://git.code.sf.net/p/ed448goldilocks/code") + (commit + (string-append "v" version)))) + (file-name + (git-file-name name version)) + (sha256 + (base32 "1ajgmyvc6a4m1h2hg1g4wz7ibx10x1xys9m6ancnmmf1f2srlfly")))) + (build-system cmake-build-system) + (outputs '("out" "python" "doc")) + (arguments + `(#:configure-flags '("-DENABLE_STATIC=OFF") + #:phases + (modify-phases %standard-phases + (add-after 'unpack 'patch-python-binding + (lambda _ + (substitute* "python/setup.py" + (("gmake") + "make") + (("'\\.\\.', 'build', 'lib', 'libdecaf\\.so'") + "'..', '..', 'build', 'src', 'libdecaf.so'")))) + (add-after 'install 'install-python-binding + (lambda* (#:key outputs #:allow-other-keys) + (with-directory-excursion "../source/python" + (invoke "python" "setup.py" "install" + (string-append "--prefix=" (assoc-ref outputs "python")) + "--root=/")))) + (add-after 'install-python-binding 'install-documentation + (lambda* (#:key outputs #:allow-other-keys) + (invoke "make" "doc") + (let* ((doc (assoc-ref outputs "doc")) + (dest (string-append doc "/share/doc"))) + (copy-recursively "doc" dest))))))) + (native-inputs + `(("dot" ,graphviz) + ("doxygen" ,doxygen) + ("python" ,python-wrapper))) + (synopsis "Decaf Elliptic Curve Library") + (description "The libdecaf library is an implementation of elliptic curve +cryptography using the Montgomery and Edwards curves Curve25519, Ed25519, +Ed448-Goldilocks and Curve448, using the Decaf encoding.") + (home-page "http://ed448goldilocks.sourceforge.net/") + (license (list license:expat ;library + license:bsd-2)))) ;python bindings + (define-public libsodium (package (name "libsodium") @@ -100,7 +167,7 @@ communication, encryption, decryption, signatures, etc.") (define-public libmd (package (name "libmd") - (version "1.0.1") + (version "1.0.3") (source (origin (method url-fetch) (uri @@ -111,7 +178,7 @@ communication, encryption, decryption, signatures, etc.") version ".tar.xz"))) (sha256 (base32 - "0waclg2d5qin3r26gy5jvy4584ik60njc8pqbzwk0lzq3j9ynkp1")))) + "0jmga8y94h857ilra3qjaiax3wd5pd6mx1h120zhl9fcjmzhj0js")))) (build-system gnu-build-system) (synopsis "Message Digest functions from BSD systems") (description @@ -133,7 +200,7 @@ communication, encryption, decryption, signatures, etc.") (define-public signify (package (name "signify") - (version "27") + (version "30") (home-page "https://github.com/aperezdc/signify") (source (origin (method url-fetch) @@ -141,13 +208,12 @@ communication, encryption, decryption, signatures, etc.") "/download/v" version "/signify-" version ".tar.xz")) (sha256 (base32 - "0ngjsqz95yb0knlw9zs02fnclif40s63r1mydgiv17ii3mds82df")))) + "11l67j04gyxnlw6zrzsygqs5cgsc1sww1rh0apl05yay131hd17n")))) (build-system gnu-build-system) ;; TODO Build with libwaive (described in README.md), to implement something ;; like OpenBSD's pledge(). (arguments - `(#:tests? #f ; no test suite - #:make-flags + `(#:make-flags (list "CC=gcc" (string-append "PREFIX=" (assoc-ref %outputs "out"))) #:phases @@ -169,6 +235,58 @@ OpenBSD tool of the same name.") "See base64.c in the distribution for the license from IBM."))))) +(define-public rust-minisign + (package + (name "rust-minisign") + (version "0.5.20") + (source + (origin + (method url-fetch) + (uri (crate-uri "minisign" version)) + (file-name + (string-append name "-" version ".tar.gz")) + (sha256 + (base32 + "0xmcvh2snravghaar8igc6b9r3s1snnmf9qam9l3zyhm4987767y")))) + (build-system cargo-build-system) + (arguments + `(#:cargo-inputs + (("rust-getrandom" ,rust-getrandom-0.1) + ("rust-rpassword" ,rust-rpassword-4) + ("rust-scrypt" ,rust-scrypt-0.3)))) + (home-page "https://github.com/jedisct1/rust-minisign") + (synopsis "Crate to sign files and verify signatures") + (description + "This package provides a crate to sign files and verify signatures.") + (license license:expat))) + +(define-public go-minisign + (package + (name "go-minisign") + (version "0.1.0") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/jedisct1/go-minisign") + (commit version))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "0wc0rk5m60yz52f0cncmbgq67yvb1rcx91gvzjg6jpc4mpw2db27")) + (modules '((guix build utils))) + (snippet + '(begin (delete-file-recursively "vendor") #t)))) + (build-system go-build-system) + (arguments + '(#:import-path "github.com/jedisct1/go-minisign")) + (propagated-inputs + `(("go-golang-org-x-crypto" ,go-golang-org-x-crypto))) + (home-page "https://github.com/jedisct1/go-minisign") + (synopsis "Minisign verification library for Golang") + (description "A Golang library to verify Minisign signatures.") + (license license:expat))) + (define-public encfs (package (name "encfs") @@ -239,7 +357,7 @@ the wrong hands.") (define-public keyutils (package (name "keyutils") - (version "1.6") + (version "1.6.1") (source (origin (method url-fetch) @@ -247,8 +365,7 @@ the wrong hands.") (string-append "https://people.redhat.com/dhowells/keyutils/keyutils-" version ".tar.bz2")) (sha256 - (base32 - "05bi5ja6f3h3kdi7p9dihlqlfrsmi1wh1r2bdgxc0180xh6g5bnk")) + (base32 "1kk4pmyflgplkgxn2bzpc069ph9c9jdd9ikcsyd5pnaimqi5gcf8")) (modules '((guix build utils))) ;; Create relative symbolic links instead of absolute ones to /lib/*. (snippet '(begin @@ -299,10 +416,10 @@ secure operations. ") (base32 "0lj38ldh8vzi11wp4ghw4k0fkwp0s04zv8k8d473p1snmbh7mx98")))) (inputs - `(("openssl" ,openssl))) ; It needs: openssl/{bn,pem,rsa,sha}.h + `(("openssl" ,openssl-1.0))) ; for openssl/{bn,pem,rsa,sha}.h (build-system gnu-build-system) (arguments - `(#:make-flags (list "CC=gcc" + `(#:make-flags (list (string-append "CC=" ,(cc-for-target)) (string-append "PREFIX=" (assoc-ref %outputs "out")) (string-append "INSTALL=" "install")) ;; XXX: make test would run a !VERY! long hashing of names with the use @@ -337,18 +454,60 @@ generation of wordlists the included tool @code{worgen} can be used. There is no man page, refer to the home page for usage details.") (license (list license:isc license:expat))))) +(define-public ssss + (package + (name "ssss") + (version "0.5") + (source (origin + (method url-fetch) + (uri (string-append "http://point-at-infinity.org/ssss/ssss-" + version ".tar.gz")) + (sha256 + (base32 + "15grn2fp1x8p92kxkwbmsx8rz16g93y9grl3hfqbh1jn21ama5jx")))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; No test suite + #:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out")) + "CC=gcc") + #:phases + (modify-phases %standard-phases + (delete 'configure) ; no configuration to be done + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((outdir (assoc-ref outputs "out")) + (bindir (string-append outdir "/bin")) + (docdir (string-append outdir + "/share/doc/ssss-" + ,version))) + (install-file "ssss-combine" bindir) + (install-file "ssss-split" bindir) + (install-file "ssss.1" docdir) + (install-file "ssss.1.html" docdir) + #t)))))) + (inputs + `(("gmp" ,gmp))) + (native-inputs + `(("xmltoman" ,xmltoman))) + (home-page "http://point-at-infinity.org/ssss/") + (synopsis "Shamir's secret sharing scheme implementation") + (description "@command{ssss-split} and @command{ssss-combine} are utilities that split +and combine secrets securely using Shamir's secret sharing scheme. This implementation +allows for a threshold scheme where the minimum number of shares can be less than the +total number of shares generated.") + (license license:gpl2+))) + (define-public tomb (package (name "tomb") - (version "2.7") + (version "2.9") (source (origin (method url-fetch) - (uri (string-append "https://files.dyne.org/tomb/" + (uri (string-append "https://files.dyne.org/tomb/releases/" "Tomb-" version ".tar.gz")) (sha256 (base32 - "0x3al02796vx1cvy6y6h685c367qx70dwv471g0hmks2gr10f0cn")) - (patches (search-patches "tomb-fix-errors-on-open.patch")))) + "136nfnpaz29hngwwnzrmc858gpnvnb977gf4ldbpapw1h1k3r8mk")))) (build-system gnu-build-system) (native-inputs `(("sudo" ,sudo))) ;presence needed for 'check' phase (inputs @@ -389,7 +548,7 @@ no man page, refer to the home page for usage details.") (error "program not found:" program))) '("seq" "mkfs.ext4" "pinentry" "gpg" "cryptsetup" "gettext" "lsof" - "qrencode" "steghide" "findmnt"))))) + "qrencode" "steghide" "findmnt" "getent"))))) #t))) (delete 'check) (add-after 'wrap 'check @@ -415,7 +574,7 @@ user's graphical desktop.") (define-public scrypt (package (name "scrypt") - (version "1.2.1") + (version "1.3.1") (source (origin (method url-fetch) @@ -423,20 +582,24 @@ user's graphical desktop.") version ".tgz")) (sha256 (base32 - "0xy5yhrwwv13skv9im9vm76rybh9f29j2dh4hlh2x01gvbkza8a6")))) + "1hnl0r6pmyxiy4dmafmqk1db7wpc0x9rqpzqcwr9d2cmghcj6byz")))) (build-system gnu-build-system) (arguments - `(#:phases (modify-phases %standard-phases - (add-after 'unpack 'patch-command-invocations + `(#:license-file-regexp "COPYRIGHT" + #:phases (modify-phases %standard-phases + (add-after 'unpack 'patch-$PATH-assumptions (lambda _ + (substitute* "configure" + (("\\{POSIX_PATH\\}") + "{PATH}")) (substitute* "Makefile.in" (("command -p") "")) #t)) (add-after 'install 'install-docs (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref %outputs "out")) - (misc (string-append out "/share/doc/scrypt"))) - (install-file "FORMAT" misc) + (doc (string-append out "/share/doc/" ,name "-" ,version))) + (install-file "FORMAT" doc) #t)))))) (inputs `(("openssl" ,openssl))) @@ -456,19 +619,26 @@ attacks than alternative functions such as @code{PBKDF2} or @code{bcrypt}.") (origin (method git-fetch) (uri (git-reference - (url "https://github.com/technion/libscrypt.git") + (url "https://github.com/technion/libscrypt") (commit (string-append "v" version)))) (file-name (git-file-name name version)) (sha256 (base32 "1d76ys6cp7fi4ng1w3mz2l0p9dbr7ljbk33dcywyimzjz8bahdng")))) (build-system gnu-build-system) + (outputs (list "out" "static")) (arguments `(#:make-flags (list (string-append "PREFIX=" %output) "CC=gcc") #:phases (modify-phases %standard-phases - (delete 'configure)))) + (delete 'configure) ; no configure script + (add-after 'install 'install:static + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib"))) + (install-file "libscrypt.a" lib) + #t)))))) (home-page "https://lolware.net/libscrypt.html") (synopsis "Password hashing library") (description "@code{libscrypt} implements @code{scrypt} key derivation @@ -603,15 +773,18 @@ data on your platform, so the seed itself will be as random as possible. (define-public crypto++ (package (name "crypto++") - (version "8.0.0") + (version "8.5.0") (source (origin - (method url-fetch/zipbomb) - (uri (string-append "https://cryptopp.com/cryptopp" - (string-join (string-split version #\.) "") - ".zip")) + (method git-fetch) + (uri + (git-reference + (url "https://github.com/weidai11/cryptopp") + (commit + (string-append "CRYPTOPP_" + (string-replace-substring version "." "_"))))) (sha256 (base32 - "0b5qrsm4jhy4nzxgrm13nixhvbswr242plx1jw6r4sw492rqkzdv")))) + "0in7rlazq91vfi519g9wr7bh87hii47cimxv7fmj0f88vhjaidq3")))) (build-system gnu-build-system) (arguments `(#:make-flags @@ -629,10 +802,26 @@ data on your platform, so the seed itself will be as random as possible. ((" -march=native") "")) #t)) (delete 'configure) - (add-after 'build 'build-shared - (lambda _ - ;; By default, only the static library is built. - (invoke "make" "shared"))) + (replace 'build + ;; By default, only the static library is built. + (lambda* (#:key (make-flags '()) #:allow-other-keys) + (apply invoke "make" "shared" + "-j" (number->string (parallel-job-count)) + make-flags))) + (add-after 'install 'install-shared-library-links + ;; By default, only .so and .so.x.y.z are installed. + ;; Create all the ‘intermediates’ expected by dependent packages. + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (lib (string-append out "/lib")) + (prefix "libcryptopp.so.") + (target (string-append prefix ,version))) + (with-directory-excursion lib + (symlink target + (string-append prefix ,(version-major+minor version))) + (symlink target + (string-append prefix ,(version-major version))) + #t)))) (add-after 'install 'install-pkg-config (lambda* (#:key outputs #:allow-other-keys) (let* ((out (assoc-ref outputs "out")) @@ -646,10 +835,11 @@ data on your platform, so the seed itself will be as random as possible. "libdir=" out "/lib\n" "includedir=" out "/include\n\n" "Name: libcrypto++-" ,version "\n" - "Description: Class library of cryptographic schemes" + "Description: Class library of cryptographic schemes\n" "Version: " ,version "\n" "Libs: -L${libdir} -lcryptopp\n" - "Cflags: -I${includedir}\n")))))))))) + "Cflags: -I${includedir}\n")) + #t)))))))) (native-inputs `(("unzip" ,unzip))) (home-page "https://cryptopp.com/") @@ -702,17 +892,25 @@ BLAKE.") (version "1.3.9") (source (origin - (method git-fetch) - (uri (git-reference - (url "https://github.com/rhash/RHash") - (commit (string-append "v" version)))) - (file-name (git-file-name name version)) + (method url-fetch) + (uri (string-append "mirror://sourceforge/rhash/rhash/" version + "/rhash-" version "-src.tar.gz")) + (file-name (string-append "rhash-" version ".tar.gz")) (sha256 (base32 - "06i49x1l21h2q7pfnf4crbmjyg8b9ad0qs10ywyyn5sjpi0c21wq")))) + "1xn9fqa6rlnhsbgami45g82dlw9i1skg2sri3ydiinwak5ph1ca2")))) (build-system gnu-build-system) (arguments - `(#:make-flags + `(#:configure-flags + (list (string-append "--prefix=" (assoc-ref %outputs "out")) + ,@(let ((target (%current-target-system))) + (if target + `((string-append "--target=" ,target) + (string-append "--cc=" + (assoc-ref %build-inputs "cross-gcc") + "/bin/" ,target "-gcc")) + '()))) + #:make-flags ;; The binaries in /bin need some help finding librhash.so.0. (list (string-append "LDFLAGS=-Wl,-rpath=" %output "/lib")) #:test-target "test" ; ‘make check’ just checks the sources @@ -721,9 +919,8 @@ BLAKE.") (replace 'configure ;; ./configure is not GNU autotools' and doesn't gracefully handle ;; unrecognized options, so we must call it manually. - (lambda* (#:key outputs #:allow-other-keys) - (invoke "./configure" - (string-append "--prefix=" (assoc-ref outputs "out"))))) + (lambda* (#:key configure-flags #:allow-other-keys) + (apply invoke "./configure" configure-flags))) (add-before 'check 'patch-/bin/sh (lambda _ (substitute* "Makefile" @@ -746,14 +943,14 @@ SHA256, SHA512, SHA3, AICH, ED2K, Tiger, DC++ TTH, BitTorrent BTIH, GOST R (define-public botan (package (name "botan") - (version "2.12.1") + (version "2.17.3") (source (origin (method url-fetch) (uri (string-append "https://botan.randombit.net/releases/" "Botan-" version ".tar.xz")) (sha256 (base32 - "1ada3ga7b0z4m0vjmxlvfi4nsic2l8kjcy85jwss3z2i58a5y0vy")))) + "121vn1aryk36cpks70kk4c4cfic5g0qs82bf92xap9258ijkn4kr")))) (build-system gnu-build-system) (arguments '(#:phases @@ -775,6 +972,8 @@ SHA256, SHA512, SHA3, AICH, ED2K, Tiger, DC++ TTH, BitTorrent BTIH, GOST R ;; Recommended by upstream "--with-zlib" "--with-bzip2" "--with-sqlite3")))) + (add-before 'check 'library-path-for-tests + (lambda _ (setenv "LD_LIBRARY_PATH" (getcwd)))) (replace 'check (lambda _ (invoke "./botan-test")))))) (native-inputs @@ -826,7 +1025,7 @@ security.") (source (origin (method git-fetch) (uri (git-reference - (url "https://github.com/vstakhov/asignify.git") + (url "https://github.com/vstakhov/asignify") (commit commit))) (file-name (git-file-name name version)) (sha256 @@ -890,10 +1089,10 @@ trivial to build for local use. Portability is emphasized over performance.") (license license:unlicense))) (define-public libsecp256k1 - (let ((commit "d644dda5c9dbdecee52d1aa259235510fdc2d4ee")) + (let ((commit "dbd41db16a0e91b2566820898a3ab2d7dad4fe00")) (package (name "libsecp256k1") - (version (git-version "20191213" "1" commit)) + (version (git-version "20200615" "1" commit)) (source (origin (method git-fetch) (uri (git-reference @@ -901,9 +1100,14 @@ trivial to build for local use. Portability is emphasized over performance.") (commit commit))) (sha256 (base32 - "0zmx32746khsm2cx0p3pdy3j2vkwmafvf7axiixijhgcg0xjv93i")) + "1fcpnksq5cqwqzshn5f0lq94b73p3frwbp04hgmmbnrndpqg6mpy")) (file-name (git-file-name name version)))) (build-system gnu-build-system) + (arguments + '(#:configure-flags '("--enable-module-recovery" + "--enable-experimental" + "--enable-module-ecdh" + "--enable-shared"))) (native-inputs `(("autoconf" ,autoconf) ("automake" ,automake) @@ -930,6 +1134,58 @@ Features: (home-page "https://github.com/bitcoin-core/secp256k1") (license license:unlicense)))) +(define-public libsecp256k1-bitcoin-cash + (package + (name "libsecp256k1-bitcoin-cash") + (version "0.22.1") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/Bitcoin-ABC/secp256k1") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) + (sha256 + (base32 "1rnif3iny6pz1r3g69bagzr342mm3x0v66b60csnmm1rg44bd5v1")))) + (build-system gnu-build-system) + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ("libtool" ,libtool))) + (arguments + '(#:configure-flags '("--enable-module-recovery" + "--enable-experimental" + "--enable-module-ecdh" + "--disable-jni" + "--with-bignum=no" + "--enable-module-schnorr" + "--disable-static" + "--enable-shared"))) + (synopsis "Optimized C library for EC operations on curve secp256k1") + (description + "Optimized C library for cryptographic operations on curve secp256k1. + +This library is used for consensus critical cryptographic operations on the +Bitcoin Cash network. + +Features: + +@itemize +@item secp256k1 ECDSA signing/verification and key generation. +@item secp256k1 Schnorr signing/verification (Bitcoin Cash Schnorr variant). +@item Additive and multiplicative tweaking of secret/public keys. +@item Serialization/parsing of secret keys, public keys, signatures. +@item Constant time, constant memory access signing and pubkey generation. +@item Derandomized ECDSA (via RFC6979 or with a caller provided function). +@item Very efficient implementation. +@item Suitable for embedded systems. +@item Optional module for public key recovery. +@item Optional module for ECDH key exchange (experimental). +@item Optional module for multiset hash (experimental). +@end itemize\n") + (home-page "https://github.com/Bitcoin-ABC/secp256k1") + (license license:expat))) + (define-public stoken (package (name "stoken") @@ -1007,7 +1263,7 @@ quickly by using all your CPU cores and hardware acceleration.") (define-public minisign (package (name "minisign") - (version "0.8") + (version "0.9") (source (origin (method url-fetch) @@ -1015,8 +1271,7 @@ quickly by using all your CPU cores and hardware acceleration.") (string-append "https://github.com/jedisct1/minisign/releases/download/" version "/minisign-" version ".tar.gz")) (sha256 - (base32 - "10hhgwxf9rcdlr00shrkcyxndrc22dh5lj8k5z27xg3nc0jba3hk")))) + (base32 "1h9cfvvm6lqq33b2wdar1x3w4k7zyrscavllyb0l5dmcdabq60r2")))) (build-system cmake-build-system) (arguments ; No test suite @@ -1036,3 +1291,144 @@ minisign uses a slightly different format to store secret keys. Minisign signatures include trusted comments in addition to untrusted comments. Trusted comments are signed, thus verified, before being displayed.") (license license:isc))) + +(define-public libolm + (package + (name "libolm") + (version "3.2.2") + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://git.matrix.org/git/olm") + (commit version))) + (sha256 + (base32 + "0qji25wiwmkxyfpraxj96c54hyayqmjkvwh0gsy5gb5pz5bp4mcy")) + (file-name (git-file-name name version)))) + (build-system cmake-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (replace 'check + (lambda _ + (with-directory-excursion "tests" + (invoke "ctest" "."))))))) + (synopsis "Implementation of the olm and megolm cryptographic ratchets") + (description "The libolm library implements the Double Ratchet +cryptographic ratchet. It is written in C and C++11, and exposed as a C +API.") + (home-page "https://matrix.org/docs/projects/other/olm/") + (license license:asl2.0))) + +(define-public hash-extender + (let ((commit "cb8aaee49f93e9c0d2f03eb3cafb429c9eed723d") + (revision "2")) + (package + (name "hash-extender") + (version (git-version "0.0" revision commit)) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/iagox86/hash_extender") + (commit commit))) + (sha256 + (base32 + "1fj118566hr1wv03az2w0iqknazsqqkak0mvlcvwpgr6midjqi9b")) + (file-name (git-file-name name version)))) + (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (delete 'configure) + (replace 'check + (lambda _ + (invoke "./hash_extender_test"))) + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((outdir (assoc-ref outputs "out")) + (bindir (string-append outdir "/bin")) + (docdir (string-append outdir + "/share/doc/hash-extender-" + ,version))) + (install-file "hash_extender" bindir) + (install-file "README.md" docdir) + #t)))))) + (inputs + `(("openssl" ,openssl))) + (synopsis "Tool for hash length extension attacks") + (description "@command{hash_extender} is a utility for performing hash +length extension attacks supporting MD4, MD5, RIPEMD-160, SHA-0, SHA-1, +SHA-256, SHA-512, and WHIRLPOOL hashes.") + (home-page "https://github.com/iagox86/hash_extender") + (license license:bsd-3)))) + +(define-public mkp224o + (package + (name "mkp224o") + (version "1.5.0") + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/cathugger/mkp224o") + (commit (string-append "v" version)))) + (sha256 + (base32 + "0b2cn96wg4l8jkkqqp8l2295xlmm2jc8nrw6rdqb5g0zkpfmrxbb")) + (file-name (git-file-name name version)))) + (build-system gnu-build-system) + (arguments + `(#:tests? #f ; no test suite + #:phases + (modify-phases %standard-phases + (replace 'install + (lambda* (#:key outputs #:allow-other-keys) + (let* ((outdir (assoc-ref outputs "out")) + (bindir (string-append outdir "/bin"))) + (install-file "mkp224o" bindir) + #t)))))) + (native-inputs + `(("autoconf" ,autoconf))) + (inputs + `(("libsodium" ,libsodium))) + (synopsis "Tor hidden service v3 name generator") + (description "@code{mkp224o} generates valid ed25519 (hidden service +version 3) onion addresses. It allows one to produce customized vanity .onion +addresses using a brute-force method.") + (home-page "https://github.com/cathugger/mkp224o") + (license license:cc0))) + +(define-public transcrypt + (package + (name "transcrypt") + (version "2.1.0") + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/elasticdog/transcrypt") + (commit (string-append "v" version)))) + (sha256 + (base32 "0bpz1hazbhfb6pqi68x55kq6a31bgh6vwij836slmi4jqiwvnh5a")) + (file-name (git-file-name name version)))) + (inputs + `(("git" ,git) + ("openssl" ,openssl))) + (build-system copy-build-system) + (arguments + `(#:install-plan + '(("transcrypt" "bin/transcrypt") + ("man/transcrypt.1" "share/man/man1/transcrypt.1") + ("contrib/bash/transcrypt" + "share/bash-completion/completions/transcrypt") + ("contrib/zsh/_transcrypt" + "share/zsh/site-functions/_transcrypt")))) + (home-page "https://github.com/elasticdog/transcrypt") + (synopsis "Transparently encrypt files within a git repository") + (description + "Transcrypt is a script to configure transparent encryption of sensitive +files stored in a Git repository. Files that you choose will be automatically +encrypted when you commit them, and automatically decrypted when you check +them out. The process will degrade gracefully, so even people without your +encryption password can safely commit changes to the repository's +non-encrypted files.") + (license license:expat)))