summary refs log tree commit diff
path: root/gnu/packages/security-token.scm
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2019-05-01 23:11:41 +0200
committerMarius Bakke <mbakke@fastmail.com>2019-05-01 23:11:41 +0200
commit3b458d5462e6bbd852c2dc5c6670d5655abf53f5 (patch)
tree4f3ccec0de1c355134369333c17e948e3258d546 /gnu/packages/security-token.scm
parent2ca3fdc2db1aef96fbf702a2f26f5e18ce832038 (diff)
parent14da3daafc8dd92fdabd3367694c930440fd72cb (diff)
downloadguix-3b458d5462e6bbd852c2dc5c6670d5655abf53f5.tar.gz
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/security-token.scm')
-rw-r--r--gnu/packages/security-token.scm224
1 files changed, 217 insertions, 7 deletions
diff --git a/gnu/packages/security-token.scm b/gnu/packages/security-token.scm
index ba5bb5b4c6..8aa3f0caef 100644
--- a/gnu/packages/security-token.scm
+++ b/gnu/packages/security-token.scm
@@ -6,7 +6,7 @@
 ;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
 ;;; Copyright © 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
-;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com>
+;;; Copyright © 2018, 2019 Chris Marusich <cmmarusich@gmail.com>
 ;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
 ;;;
 ;;; This file is part of GNU Guix.
@@ -29,14 +29,17 @@
   #:use-module ((guix licenses) #:prefix license:)
   #:use-module (guix packages)
   #:use-module (guix download)
+  #:use-module (guix gexp)
   #:use-module (guix git-download)
   #:use-module (guix build-system gnu)
   #:use-module (guix build-system glib-or-gtk)
+  #:use-module (guix build-system python)
   #:use-module (gnu packages autotools)
   #:use-module (gnu packages curl)
   #:use-module (gnu packages check)
   #:use-module (gnu packages docbook)
   #:use-module (gnu packages documentation)
+  #:use-module (gnu packages dns)
   #:use-module (gnu packages gettext)
   #:use-module (gnu packages graphviz)
   #:use-module (gnu packages gtk)
@@ -51,6 +54,10 @@
   #:use-module (gnu packages tex)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
+  #:use-module (gnu packages python-xyz)
+  #:use-module (gnu packages swig)
   #:use-module (gnu packages web)
   #:use-module (gnu packages xml))
 
@@ -95,15 +102,16 @@ readers and is needed to communicate with such devices through the
 (define-public eid-mw
   (package
     (name "eid-mw")
-    (version "4.4.13")
+    (version "4.4.16")
     (source
      (origin
        (method git-fetch)
        (uri (git-reference
              (url "https://github.com/Fedict/eid-mw")
              (commit (string-append "v" version))))
+       (file-name (git-file-name name version))
        (sha256
-        (base32 "14bgn2k0xbd6241qdghg787pgxy7k9rvcspaf74zwwyibaqknzyx"))))
+        (base32 "1q82fw63xzrnrgh1wyh457hal6vfdl6swqfq7l6kviywiwlzx7kd"))))
     (build-system glib-or-gtk-build-system)
     (native-inputs
      `(("autoconf" ,autoconf)
@@ -161,7 +169,7 @@ the low-level development kit for the Yubico YubiKey authentication device.")
 (define-public pcsc-lite
   (package
     (name "pcsc-lite")
-    (version "1.8.24")
+    (version "1.8.25")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -169,7 +177,7 @@ the low-level development kit for the Yubico YubiKey authentication device.")
                     name "-" version ".tar.bz2"))
               (sha256
                (base32
-                "0s3mv6csbi9303vvis0hilm71xsmi6cqkbh2kiipdisydbx6865q"))))
+                "14l7irs1nsh8b036ag4cfy8wryyysch78scz5dw6xxqwqgnpjvfp"))))
     (build-system gnu-build-system)
     (arguments
      `(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers"
@@ -312,7 +320,7 @@ and other operations.  It includes a library and a command-line tool.")
 (define-public yubikey-personalization
   (package
     (name "yubikey-personalization")
-    (version "1.19.0")
+    (version "1.19.3")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -320,7 +328,7 @@ and other operations.  It includes a library and a command-line tool.")
                     "/Releases/ykpers-" version ".tar.gz"))
               (sha256
                (base32
-                "104lc0nnqdr365fa7c4vrq67rxp1dp8idndsh9jlhnj9dnhszj1b"))))
+                "0jhvnavjrpwzmmjcw486df5s48j53njqgyz36yz3dskbaz3kwlfr"))))
     (build-system gnu-build-system)
     (arguments
      '(#:configure-flags (list (string-append "--with-udevrulesdir="
@@ -341,3 +349,205 @@ and other operations.  It includes a library and a command-line tool.")
 line tools for personalizing YubiKeys.  You can use these to set an AES key,
 retrieve a YubiKey's serial number, and so forth.")
     (license license:bsd-2)))
+
+(define-public python-pyscard
+  (package
+    (name "python-pyscard")
+    (version "1.9.8")
+    (source (origin
+              (method url-fetch)
+              ;; The maintainer publishes releases on various sites, but
+              ;; SourceForge is apparently the only one with a signed release.
+              (uri (string-append
+                    "mirror://sourceforge/pyscard/pyscard/pyscard%20"
+                    version "/pyscard-" version ".tar.gz"))
+              (sha256
+               (base32
+                "15fh00z1an6r5j7hrz3jlq0rb3jygwf3x4jcwsa008bv8vpcg7gm"))))
+    (build-system python-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         ;; Tell pyscard where to find the PCSC include directory.
+         (add-after 'unpack 'patch-platform-include-dirs
+           (lambda* (#:key inputs #:allow-other-keys)
+             (let ((pcsc-include-dir (string-append
+                                      (assoc-ref inputs "pcsc-lite")
+                                      "/include/PCSC")))
+               (substitute* "setup.py"
+                 (("platform_include_dirs = \\[.*?\\]")
+                  (string-append
+                   "platform_include_dirs = ['" pcsc-include-dir "']")))
+               #t)))
+         ;; pyscard wants to dlopen libpcsclite, so tell it where it is.
+         (add-after 'unpack 'patch-dlopen
+           (lambda* (#:key inputs #:allow-other-keys)
+             (substitute* "smartcard/scard/winscarddll.c"
+               (("lib = \"libpcsclite\\.so\\.1\";")
+                (simple-format #f
+                               "lib = \"~a\";"
+                               (string-append (assoc-ref inputs "pcsc-lite")
+                                              "/lib/libpcsclite.so.1"))))
+             #t)))))
+    (inputs
+     `(("pcsc-lite" ,pcsc-lite)))
+    (native-inputs
+     `(("swig" ,swig)))
+    (home-page "https://github.com/LudovicRousseau/pyscard")
+    (synopsis "Smart card library for Python")
+    (description
+     "The pyscard smart card library is a framework for building smart card
+aware applications in Python.  The smart card module is built on top of the
+PCSC API Python wrapper module.")
+    (license license:lgpl2.1+)))
+
+(define-public python2-pyscard
+  (package-with-python2 python-pyscard))
+
+(define-public libu2f-host
+  (package
+    (name "libu2f-host")
+    (version "1.1.9")
+    (source (origin
+              (method url-fetch)
+              (uri
+               (string-append
+                "https://developers.yubico.com"
+                "/libu2f-host/Releases/libu2f-host-" version ".tar.xz"))
+              (sha256
+               (base32
+                "1hnh3f4scx07v9jfkr1nnxasmydk1cmivn0nijcp2p75bc1fznip"))))
+    (build-system gnu-build-system)
+    (arguments
+     `(#:configure-flags
+       (list "--enable-gtk-doc"
+             (string-append "--with-udevrulesdir="
+                            (assoc-ref %outputs "out")
+                            "/lib/udev/rules.d"))
+       #:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'patch-docbook-xml
+           (lambda* (#:key inputs #:allow-other-keys)
+             ;; Avoid a network connection attempt during the build.
+             (substitute* "gtk-doc/u2f-host-docs.xml"
+               (("http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd")
+                (string-append (assoc-ref inputs "docbook-xml")
+                               "/xml/dtd/docbook/docbookx.dtd")))
+             #t)))))
+    (inputs
+     `(("json-c" ,json-c)
+       ("hidapi" ,hidapi)))
+    (native-inputs
+     `(("help2man" ,help2man)
+       ("gengetopt" ,gengetopt)
+       ("pkg-config" ,pkg-config)
+       ("gtk-doc" ,gtk-doc)
+       ("docbook-xml" ,docbook-xml-4.3)
+       ("eudev" ,eudev)))
+    (home-page "https://developers.yubico.com/libu2f-host/")
+    ;; TRANSLATORS: The U2F protocol has a "server side" and a "host side".
+    (synopsis "U2F host-side C library and tool")
+    (description
+     "Libu2f-host provides a C library and command-line tool that implements
+the host-side of the Universal 2nd Factor (U2F) protocol.  There are APIs to
+talk to a U2F device and perform the U2F Register and U2F Authenticate
+operations.")
+    ;; Most files are LGPLv2.1+, but some files are GPLv3+.
+    (license (list license:lgpl2.1+ license:gpl3+))))
+
+(define-public python-fido2
+  (package
+    (name "python-fido2")
+    (version "0.5.0")
+    (source (origin
+              (method url-fetch)
+              (uri
+               (string-append
+                "https://github.com/Yubico/python-fido2/releases/download/"
+                version "/fido2-" version ".tar.gz"))
+              (sha256
+               (base32
+                "1pl8d2pr6jzqj4y9qiaddhjgnl92kikjxy0bgzm2jshkzzic8mp3"))
+              (snippet
+               ;; Remove bundled dependency.
+               #~(delete-file "fido2/public_suffix_list.dat"))))
+    (build-system python-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-after 'unpack 'install-public-suffix-list
+           (lambda* (#:key inputs #:allow-other-keys)
+             (copy-file
+              (string-append (assoc-ref inputs "public-suffix-list")
+                             "/share/public-suffix-list-"
+                             ,(package-version public-suffix-list)
+                             "/public_suffix_list.dat")
+              "fido2/public_suffix_list.dat")
+             #t)))))
+    (propagated-inputs
+     `(("python-cryptography" ,python-cryptography)
+       ("python-six" ,python-six)))
+    (native-inputs
+     `(("python-mock" ,python-mock)
+       ("python-pyfakefs" ,python-pyfakefs)
+       ("public-suffix-list" ,public-suffix-list)))
+    (home-page "https://github.com/Yubico/python-fido2")
+    (synopsis "Python library for communicating with FIDO devices over USB")
+    (description
+     "This Python library provides functionality for communicating with a Fast
+IDentity Online (FIDO) device over Universal Serial Bus (USB) as well as
+verifying attestation and assertion signatures.  It aims to support the FIDO
+Universal 2nd Factor (U2F) and FIDO 2.0 protocols for communicating with a USB
+authenticator via the Client-to-Authenticator Protocol (CTAP 1 and 2).  In
+addition to this low-level device access, classes defined in the
+@code{fido2.client} and @code{fido2.server} modules implement higher level
+operations which are useful when interfacing with an Authenticator, or when
+implementing a Relying Party.")
+    ;; python-fido2 contains some derivative files originally from pyu2f
+    ;; (https://github.com/google/pyu2f).  These files are licensed under the
+    ;; Apache License, version 2.0.  The maintainers have customized these
+    ;; files for internal use, so they are not really a bundled dependency.
+    (license (list license:bsd-2 license:asl2.0))))
+
+(define-public python2-fido2
+  (package-with-python2 python-fido2))
+
+(define-public python-yubikey-manager
+  (package
+    (name "python-yubikey-manager")
+    (version "2.1.0")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append
+                    "https://developers.yubico.com/yubikey-manager/Releases"
+                    "/yubikey-manager-" version ".tar.gz"))
+              (sha256
+               (base32
+                "11rsmcaj60k3y5m5gdhr2nbbz0w5dm3m04klyxz0fh5hnpcmr7fm"))))
+    (build-system python-build-system)
+    (propagated-inputs
+     `(("python-six" ,python-six)
+       ("python-pyscard" ,python-pyscard)
+       ("python-pyusb" ,python-pyusb)
+       ("python-click" ,python-click)
+       ("python-cryptography" ,python-cryptography)
+       ("python-pyopenssl" ,python-pyopenssl)
+       ("python-fido2" ,python-fido2)))
+    (inputs
+     `(("yubikey-personalization" ,yubikey-personalization)
+       ("pcsc-lite" ,pcsc-lite)
+       ("libusb" ,libusb)))
+    (native-inputs
+     `(("swig" ,swig)
+       ("python-mock" ,python-mock)))
+    (home-page "https://developers.yubico.com/yubikey-manager/")
+    (synopsis "Command line tool and library for configuring a YubiKey")
+    (description
+     "Python library and command line tool for configuring a YubiKey.  Note
+that after installing this package, you might still need to add appropriate
+udev rules to your system configuration to be able to configure the YubiKey as
+an unprivileged user.")
+    (license license:bsd-2)))
+
+(define-public python2-yubikey-manager
+  (package-with-python2 python-yubikey-manager))