diff options
Diffstat (limited to 'gnu/packages/crypto.scm')
| -rw-r--r-- | gnu/packages/crypto.scm | 209 |
1 files changed, 162 insertions, 47 deletions
diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm index 920c346b70..88e9038dc3 100644 --- a/gnu/packages/crypto.scm +++ b/gnu/packages/crypto.scm @@ -4,6 +4,8 @@ ;;; Copyright © 2016 Leo Famulari <leo@famulari.name> ;;; Copyright © 2016 Lukas Gradl <lgradl@openmailbox> ;;; Copyright © 2016 Tobias Geerinckx-Rice <me@tobias.gr> +;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is> +;;; Copyright © 2016 Eric Bavier <bavier@member.fsf.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -22,9 +24,15 @@ (define-module (gnu packages crypto) #:use-module (gnu packages) + #:use-module (gnu packages admin) + #:use-module (gnu packages aidc) + #:use-module (gnu packages attr) #:use-module (gnu packages autotools) #:use-module (gnu packages boost) + #:use-module (gnu packages cryptsetup) #:use-module (gnu packages gettext) + #:use-module (gnu packages gnupg) + #:use-module (gnu packages image) #:use-module (gnu packages pkg-config) #:use-module (gnu packages libbsd) #:use-module (gnu packages linux) @@ -32,11 +40,17 @@ #:use-module (gnu packages password-utils) #:use-module (gnu packages perl) #:use-module (gnu packages readline) + #:use-module (gnu packages search) #:use-module (gnu packages serialization) + #:use-module (gnu packages shells) + #:use-module (gnu packages tcl) #:use-module (gnu packages tls) + #:use-module (gnu packages xml) #:use-module ((guix licenses) #:prefix license:) #:use-module (guix packages) #:use-module (guix download) + #:use-module (guix git-download) + #:use-module (guix build-system cmake) #:use-module (guix build-system gnu)) (define-public libsodium @@ -133,9 +147,10 @@ OpenBSD tool of the same name.") (inputs `(("gnutls" ,gnutls) ("nettle" ,nettle) - ("msgpack" ,msgpack) ("readline" ,readline) ("argon2" ,argon2))) + (propagated-inputs + `(("msgpack" ,msgpack))) ;included in several installed headers (native-inputs `(("autoconf" ,autoconf) ("pkg-config" ,pkg-config) @@ -154,36 +169,10 @@ be used to manage peer-to-peer network connections as needed for real time communication.") (license license:gpl3))) -(define rlog - (package - (name "rlog") - (version "1.4") - (source - (origin - (method url-fetch) - (uri - (string-append "http://rlog.googlecode.com/files/rlog-" - version ".tar.gz")) - (sha256 - (base32 - "0y9zg0pd7vmnskwac1qdyzl282z7kb01nmn57lsg2mjdxgnywf59")))) - (build-system gnu-build-system) - (arguments - `(#:phases (modify-phases %standard-phases - (add-before 'configure 'patch-/bin/sh - (lambda _ - (substitute* "docs/Makefile.in" - (("/bin/sh") "sh"))))))) - (home-page "http://www.arg0.net/rlog") - (synopsis "Flexible message logging library for EncFS") - (description - "RLog provides message logging for EncFS. It is no longer maintained.") - (license license:lgpl2.1+))) - (define-public encfs (package (name "encfs") - (version "1.8.1") + (version "1.9.1") (source (origin (method url-fetch) @@ -192,27 +181,26 @@ communication.") version "/encfs-" version ".tar.gz")) (sha256 (base32 - "1lfmcsk187qr6ahy8c8959p7jrk9d5rd9kcsx572850ca3zmf0la")))) - (build-system gnu-build-system) - (arguments - `(#:configure-flags '("--with-boost-serialization=boost_wserialization" - "--with-boost-filesystem=boost_filesystem") - #:phases (modify-phases %standard-phases - (add-before 'configure 'autoconf - (lambda _ - (zero? (system* "autoreconf" "-vfi"))))))) + "1906254dg5hwljh0h4gyrw09ms3b57dlhjfzhfzffv50yzpkl837")) + (modules '((guix build utils))) + ;; Remove bundled dependencies in favour of proper inputs. + (snippet '(for-each delete-file-recursively + (find-files "internal" "^tinyxml2-[0-9]" + #:directories? #t))))) + (build-system cmake-build-system) (native-inputs - `(("autoconf" ,autoconf) - ("automake" ,automake) - ("gettext" ,gettext-minimal) - ("libtool" ,libtool) - ("perl" ,perl) - ("pkg-config" ,pkg-config))) + `(("gettext" ,gettext-minimal) + + ;; Test dependencies. + ("expect" ,expect) + ("perl" ,perl))) (inputs - `(("boost" ,boost) + `(("attr" ,attr) ("fuse" ,fuse) ("openssl" ,openssl) - ("rlog" ,rlog))) + ("tinyxml2" ,tinyxml2))) + (arguments + `(#:configure-flags (list "-DUSE_INTERNAL_TINYXML=OFF"))) (home-page "https://vgough.github.io/encfs") (synopsis "Encrypted virtual file system") (description @@ -221,8 +209,9 @@ created under an EncFS mount point is stored as a separate encrypted file on the underlying file system. Like most encrypted file systems, EncFS is meant to provide security against off-line attacks, such as a drive falling into the wrong hands.") - (license (list license:lgpl3+ ;encfs library - license:gpl3+)))) ;command-line tools + (license (list license:expat ; internal/easylogging++.h + license:lgpl3+ ; encfs library + license:gpl3+)))) ; command-line tools (define-public keyutils (package @@ -263,3 +252,129 @@ gain and retain the authorization and encryption keys required to perform secure operations. ") (license (list license:lgpl2.1+ ; the files keyutils.* license:gpl2+)))) ; the rest + +;; There is no release candidate but commits point out a version number, +;; furthermore no tarball exists. +(define-public eschalot + (let ((commit "0bf31d88a11898c19b1ed25ddd2aff7b35dbac44") + (revision "1")) + (package + (name "eschalot") + (version (string-append "1.2.0-" revision "." (string-take commit 7))) + (source + (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/schnabear/eschalot") + (commit commit))) + (file-name (string-append name "-" version)) + (sha256 + (base32 + "0lj38ldh8vzi11wp4ghw4k0fkwp0s04zv8k8d473p1snmbh7mx98")))) + (inputs + `(("openssl" ,openssl))) ; It needs: openssl/{bn,pem,rsa,sha}.h + (build-system gnu-build-system) + (arguments + `(#:make-flags (list "CC=gcc" + (string-append "PREFIX=" (assoc-ref %outputs "out")) + (string-append "INSTALL=" "install")) + ;; XXX: make test would run a !VERY! long hashing of names with the use + ;; of a wordlist, the amount of computing time this would waste on build + ;; servers is in no relation to the size or importance of this small + ;; application, therefore we run our own tests on eschalot and worgen. + #:phases + (modify-phases %standard-phases + (delete 'configure) + (replace 'check + (lambda _ + (and + (zero? (system* "./worgen" "8-12" "top1000.txt" "3-10" "top400nouns.txt" + "3-6" "top150adjectives.txt" "3-6")) + (zero? (system* "./eschalot" "-r" "^guix|^guixsd")) + (zero? (system* "./eschalot" "-r" "^gnu|^free")) + (zero? (system* "./eschalot" "-r" "^cyber|^hack")) + (zero? (system* "./eschalot" "-r" "^troll"))))) + ;; Make install can not create the bin dir, create it. + (add-before 'install 'create-bin-dir + (lambda* (#:key outputs #:allow-other-keys) + (let* ((out (assoc-ref outputs "out")) + (bin (string-append out "/bin"))) + (mkdir-p bin) + #t)))))) + (home-page "https://github.com/schnabear/eschalot") + (synopsis "Tor hidden service name generator") + (description + "Eschalot is a tor hidden service name generator, it allows one to +produce customized vanity .onion addresses using a brute-force method. Searches +for valid names can be run with regular expressions and wordlists. For the +generation of wordlists the included tool @code{worgen} can be used. There is +no man page, refer to the home page for usage details.") + (license (list license:isc license:expat))))) + +(define-public tomb + (package + (name "tomb") + (version "2.2") + (source (origin + (method url-fetch) + (uri (string-append "https://files.dyne.org/tomb/" + "tomb-" version ".tar.gz")) + (sha256 + (base32 + "11msj38fdmymiqcmwq1883kjqi5zr01ybdjj58rfjjrw4zw2w5y0")))) + (build-system gnu-build-system) + (inputs + `(("zsh" ,zsh) + ("sudo" ,sudo) + ("gnupg" ,gnupg) + ("cryptsetup" ,cryptsetup) + ("e2fsprogs" ,e2fsprogs) ;for mkfs.ext4 + ("gettext" ,gnu-gettext) ;used at runtime + ("mlocate" ,mlocate) + ("pinentry" ,pinentry) + ("qrencode" ,qrencode) + ("steghide" ,steghide) + ("swish-e" ,swish-e))) + (arguments + `(#:make-flags (list (string-append "PREFIX=" (assoc-ref %outputs "out"))) + ;; TODO: Build and install gtk and qt trays + #:phases + (modify-phases %standard-phases + (delete 'configure) ;no configuration to be done + (add-after 'install 'i18n + (lambda* (#:key make-flags #:allow-other-keys) + (zero? (apply system* + "make" "-C" "extras/translations" + "install" make-flags)))) + (add-after 'install 'wrap + (lambda* (#:key inputs outputs #:allow-other-keys) + (let ((out (assoc-ref outputs "out"))) + (wrap-program (string-append out "/bin/tomb") + `("PATH" ":" prefix + (,(string-append (assoc-ref inputs "mlocate") "/bin") + ,@(map (lambda (program) + (or (and=> (which program) dirname) + (error "program not found:" program))) + '("seq" "mkfs.ext4" "pinentry" "sudo" + "gpg" "cryptsetup" "gettext" + "qrencode" "steghide" "swish-e"))))) + #t))) + (delete 'check) + (add-after 'wrap 'check + (lambda* (#:key outputs #:allow-other-keys) + ;; Running the full tests requires sudo/root access for + ;; cryptsetup, which is not available in the build environment. + ;; But we can run `tomb dig` without root, so make sure that + ;; works. TODO: It Would Be Nice to check the expected "index", + ;; "search", "bury", and "exhume" features are available by + ;; querying `tomb -h`. + (let ((tomb (string-append (assoc-ref outputs "out") + "/bin/tomb"))) + (zero? (system* tomb "dig" "-s" "10" "secrets.tomb")))))))) + (home-page "http://www.dyne.org/software/tomb") + (synopsis "File encryption for secret data") + (description + "Tomb is an application to manage the creation and access of encrypted +storage files: it can be operated from commandline and it can integrate with a +user's graphical desktop.") + (license license:gpl3+))) |