2014-12-06 18:02:43 -05:00
|
|
|
|
;;; GNU Guix --- Functional package management for GNU
|
|
|
|
|
;;; Copyright © 2014 Ludovic Courtès <ludo@gnu.org>
|
2016-02-18 03:49:11 -05:00
|
|
|
|
;;; Copyright © 2016 Efraim Flashner <efraim@flashner.co.il>
|
2016-10-22 12:04:24 -04:00
|
|
|
|
;;; Copyright © 2016 Mike Gerwitz <mtg@gnu.org>
|
2016-10-24 11:00:31 -04:00
|
|
|
|
;;; Copyright © 2016 Marius Bakke <mbakke@fastmail.com>
|
2017-04-26 14:37:10 -04:00
|
|
|
|
;;; Copyright © 2017 Thomas Danckaert <post@thomasdanckaert.be>
|
2018-06-04 12:19:43 -04:00
|
|
|
|
;;; Copyright © 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr>
|
2017-12-19 03:30:27 -05:00
|
|
|
|
;;; Copyright © 2017 Ricardo Wurmus <rekado@elephly.net>
|
2018-04-28 03:49:35 -04:00
|
|
|
|
;;; Copyright © 2018 Chris Marusich <cmmarusich@gmail.com>
|
2018-08-09 09:49:03 -04:00
|
|
|
|
;;; Copyright © 2018 Arun Isaac <arunisaac@systemreboot.net>
|
2014-12-06 18:02:43 -05:00
|
|
|
|
;;;
|
|
|
|
|
;;; This file is part of GNU Guix.
|
|
|
|
|
;;;
|
|
|
|
|
;;; GNU Guix is free software; you can redistribute it and/or modify it
|
|
|
|
|
;;; under the terms of the GNU General Public License as published by
|
|
|
|
|
;;; the Free Software Foundation; either version 3 of the License, or (at
|
|
|
|
|
;;; your option) any later version.
|
|
|
|
|
;;;
|
|
|
|
|
;;; GNU Guix is distributed in the hope that it will be useful, but
|
|
|
|
|
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
;;; GNU General Public License for more details.
|
|
|
|
|
;;;
|
|
|
|
|
;;; You should have received a copy of the GNU General Public License
|
|
|
|
|
;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
2016-10-26 02:33:24 -04:00
|
|
|
|
(define-module (gnu packages security-token)
|
2014-12-06 18:02:43 -05:00
|
|
|
|
#:use-module (gnu packages)
|
2016-10-26 06:00:58 -04:00
|
|
|
|
#:use-module ((guix licenses) #:prefix license:)
|
2014-12-06 18:02:43 -05:00
|
|
|
|
#:use-module (guix packages)
|
|
|
|
|
#:use-module (guix download)
|
2018-06-22 15:08:52 -04:00
|
|
|
|
#:use-module (guix git-download)
|
2014-12-06 18:02:43 -05:00
|
|
|
|
#:use-module (guix build-system gnu)
|
2017-04-26 14:37:10 -04:00
|
|
|
|
#:use-module (guix build-system glib-or-gtk)
|
|
|
|
|
#:use-module (gnu packages autotools)
|
2016-10-22 12:04:24 -04:00
|
|
|
|
#:use-module (gnu packages curl)
|
2018-04-28 06:44:09 -04:00
|
|
|
|
#:use-module (gnu packages check)
|
2018-04-28 03:49:35 -04:00
|
|
|
|
#:use-module (gnu packages docbook)
|
2018-04-28 06:44:09 -04:00
|
|
|
|
#:use-module (gnu packages documentation)
|
2017-04-26 14:37:10 -04:00
|
|
|
|
#:use-module (gnu packages gettext)
|
2018-04-28 06:44:09 -04:00
|
|
|
|
#:use-module (gnu packages graphviz)
|
2017-04-26 14:37:10 -04:00
|
|
|
|
#:use-module (gnu packages gtk)
|
2016-10-24 11:00:31 -04:00
|
|
|
|
#:use-module (gnu packages libusb)
|
2016-10-22 12:04:24 -04:00
|
|
|
|
#:use-module (gnu packages linux)
|
2014-12-06 18:02:43 -05:00
|
|
|
|
#:use-module (gnu packages man)
|
2017-04-26 14:37:10 -04:00
|
|
|
|
#:use-module (gnu packages networking)
|
|
|
|
|
#:use-module (gnu packages cyrus-sasl)
|
2018-08-15 08:52:58 -04:00
|
|
|
|
#:use-module (gnu packages popt)
|
2018-04-28 03:49:35 -04:00
|
|
|
|
#:use-module (gnu packages readline)
|
2017-04-26 14:37:10 -04:00
|
|
|
|
#:use-module (gnu packages tls)
|
2018-04-28 06:44:09 -04:00
|
|
|
|
#:use-module (gnu packages tex)
|
2016-10-22 12:04:24 -04:00
|
|
|
|
#:use-module (gnu packages perl)
|
2017-04-26 14:37:10 -04:00
|
|
|
|
#:use-module (gnu packages pkg-config)
|
|
|
|
|
#:use-module (gnu packages xml))
|
2014-12-06 18:02:43 -05:00
|
|
|
|
|
2016-10-24 11:00:31 -04:00
|
|
|
|
(define-public ccid
|
|
|
|
|
(package
|
|
|
|
|
(name "ccid")
|
2018-09-19 22:40:41 -04:00
|
|
|
|
(version "1.4.30")
|
2016-10-24 11:00:31 -04:00
|
|
|
|
(source (origin
|
|
|
|
|
(method url-fetch)
|
|
|
|
|
(uri (string-append
|
2018-06-04 12:19:43 -04:00
|
|
|
|
"https://ccid.apdu.fr/files/"
|
|
|
|
|
name "-" version ".tar.bz2"))
|
2016-10-24 11:00:31 -04:00
|
|
|
|
(sha256
|
|
|
|
|
(base32
|
2018-09-19 22:40:41 -04:00
|
|
|
|
"0z7zafdg75fr1adlv2x0zz34s07gljcjg2lsz76s1048w1xhh5xc"))))
|
2016-10-24 11:00:31 -04:00
|
|
|
|
(build-system gnu-build-system)
|
|
|
|
|
(arguments
|
|
|
|
|
`(#:configure-flags (list (string-append "--enable-usbdropdir=" %output
|
|
|
|
|
"/pcsc/drivers"))
|
|
|
|
|
#:phases
|
|
|
|
|
(modify-phases %standard-phases
|
|
|
|
|
(add-after 'unpack 'patch-Makefile
|
|
|
|
|
(lambda _
|
|
|
|
|
(substitute* "src/Makefile.in"
|
|
|
|
|
(("/bin/echo") (which "echo")))
|
|
|
|
|
#t)))))
|
|
|
|
|
(native-inputs
|
2018-09-19 22:40:41 -04:00
|
|
|
|
`(("pcsc-lite" ,pcsc-lite) ; only required for headers
|
2018-08-09 09:49:03 -04:00
|
|
|
|
("perl" ,perl)
|
2016-10-24 11:00:31 -04:00
|
|
|
|
("pkg-config" ,pkg-config)))
|
|
|
|
|
(inputs
|
2018-08-09 09:49:03 -04:00
|
|
|
|
`(("libusb" ,libusb)))
|
2018-06-04 12:19:43 -04:00
|
|
|
|
(home-page "https://ccid.apdu.fr/")
|
2016-10-24 11:00:31 -04:00
|
|
|
|
(synopsis "PC/SC driver for USB smart card devices")
|
|
|
|
|
(description
|
|
|
|
|
"This package provides a PC/SC IFD handler implementation for devices
|
|
|
|
|
compliant with the CCID and ICCD protocols. It supports a wide range of
|
|
|
|
|
readers and is needed to communicate with such devices through the
|
|
|
|
|
@command{pcscd} resource manager.")
|
|
|
|
|
(license license:lgpl2.1+)))
|
|
|
|
|
|
2017-04-26 14:37:10 -04:00
|
|
|
|
(define-public eid-mw
|
|
|
|
|
(package
|
|
|
|
|
(name "eid-mw")
|
2018-06-22 15:16:31 -04:00
|
|
|
|
(version "4.4.3")
|
2018-06-22 15:08:52 -04:00
|
|
|
|
(source
|
|
|
|
|
(origin
|
|
|
|
|
(method git-fetch)
|
|
|
|
|
(uri (git-reference
|
|
|
|
|
(url "https://github.com/Fedict/eid-mw")
|
|
|
|
|
(commit (string-append "v" version))))
|
|
|
|
|
(sha256
|
2018-06-22 15:16:31 -04:00
|
|
|
|
(base32 "1h90iz4l85drchpkmhlsvg7f9abhw6890fdr9x5n5ir3kxikwcdm"))))
|
2017-04-26 14:37:10 -04:00
|
|
|
|
(build-system glib-or-gtk-build-system)
|
2017-11-16 18:26:42 -05:00
|
|
|
|
(native-inputs
|
2017-04-26 14:37:10 -04:00
|
|
|
|
`(("autoconf" ,autoconf)
|
|
|
|
|
("automake" ,automake)
|
|
|
|
|
("gettext" ,gnu-gettext)
|
|
|
|
|
("libtool" ,libtool)
|
|
|
|
|
("pkg-config" ,pkg-config)
|
|
|
|
|
("perl" ,perl)))
|
|
|
|
|
(inputs
|
|
|
|
|
`(("curl" ,curl)
|
|
|
|
|
("openssl" ,openssl)
|
|
|
|
|
("gtk+" ,gtk+)
|
|
|
|
|
("pcsc-lite" ,pcsc-lite)
|
|
|
|
|
("p11-kit" ,p11-kit)
|
|
|
|
|
("libproxy" ,libproxy)
|
|
|
|
|
("libxml2" ,libxml2)
|
|
|
|
|
("cyrus-sasl" ,cyrus-sasl)))
|
|
|
|
|
(arguments
|
|
|
|
|
`(#:phases
|
|
|
|
|
(modify-phases %standard-phases
|
2018-06-22 15:06:15 -04:00
|
|
|
|
(add-after 'unpack 'bootstrap
|
|
|
|
|
(lambda _
|
|
|
|
|
;; configure.ac relies on ‘git --describe’ to get the version.
|
|
|
|
|
;; Patch it to just return the real version number directly.
|
|
|
|
|
(substitute* "scripts/build-aux/genver.sh"
|
|
|
|
|
(("/bin/sh") (which "sh"))
|
|
|
|
|
(("\\$GITDESC") ,version))
|
|
|
|
|
(invoke "sh" "./bootstrap.sh"))))))
|
2017-04-26 14:37:10 -04:00
|
|
|
|
(synopsis "Belgian eID Middleware")
|
|
|
|
|
(description "The Belgian eID Middleware is required to authenticate with
|
|
|
|
|
online services using the Belgian electronic identity card.")
|
|
|
|
|
(home-page "https://github.com/Fedict/eid-mw")
|
|
|
|
|
(license license:lgpl3)))
|
|
|
|
|
|
2014-12-06 18:02:43 -05:00
|
|
|
|
(define-public libyubikey
|
|
|
|
|
(package
|
|
|
|
|
(name "libyubikey")
|
2016-02-18 03:49:11 -05:00
|
|
|
|
(version "1.13")
|
2014-12-06 18:02:43 -05:00
|
|
|
|
(source (origin
|
|
|
|
|
(method url-fetch)
|
|
|
|
|
(uri (string-append
|
|
|
|
|
"https://developers.yubico.com/yubico-c/Releases/"
|
|
|
|
|
name "-" version ".tar.gz"))
|
|
|
|
|
(sha256
|
|
|
|
|
(base32
|
2016-02-18 03:49:11 -05:00
|
|
|
|
"009l3k2zyn06dbrlja2d4p2vfnzjhlcqxi88v02mlrnb17mx1v84"))))
|
2014-12-06 18:02:43 -05:00
|
|
|
|
(build-system gnu-build-system)
|
|
|
|
|
(synopsis "Development kit for the YubiKey authentication device")
|
|
|
|
|
(description
|
|
|
|
|
"This package contains a C library and command-line tools that make up
|
|
|
|
|
the low-level development kit for the Yubico YubiKey authentication device.")
|
|
|
|
|
(home-page "https://developers.yubico.com/yubico-c/")
|
2016-10-26 06:00:58 -04:00
|
|
|
|
(license license:bsd-2)))
|
2014-12-06 18:02:43 -05:00
|
|
|
|
|
2016-10-22 12:04:24 -04:00
|
|
|
|
(define-public pcsc-lite
|
|
|
|
|
(package
|
|
|
|
|
(name "pcsc-lite")
|
2017-12-18 19:20:44 -05:00
|
|
|
|
(version "1.8.23")
|
2016-10-22 12:04:24 -04:00
|
|
|
|
(source (origin
|
|
|
|
|
(method url-fetch)
|
|
|
|
|
(uri (string-append
|
2018-06-04 12:19:43 -04:00
|
|
|
|
"https://pcsclite.apdu.fr/files/"
|
|
|
|
|
name "-" version ".tar.bz2"))
|
2016-10-22 12:04:24 -04:00
|
|
|
|
(sha256
|
|
|
|
|
(base32
|
2017-12-18 19:20:44 -05:00
|
|
|
|
"1jc9ws5ra6v3plwraqixin0w0wfxj64drahrbkyrrwzghqjjc9ss"))))
|
2016-10-22 12:04:24 -04:00
|
|
|
|
(build-system gnu-build-system)
|
|
|
|
|
(arguments
|
2017-12-18 19:20:44 -05:00
|
|
|
|
`(#:configure-flags '("--enable-usbdropdir=/var/lib/pcsc/drivers"
|
|
|
|
|
"--disable-libsystemd")))
|
2016-10-22 12:04:24 -04:00
|
|
|
|
(native-inputs
|
|
|
|
|
`(("perl" ,perl) ; for pod2man
|
|
|
|
|
("pkg-config" ,pkg-config)))
|
|
|
|
|
(inputs
|
|
|
|
|
`(("libudev" ,eudev)))
|
2018-06-04 12:19:43 -04:00
|
|
|
|
(home-page "https://pcsclite.apdu.fr/")
|
2016-10-22 12:04:24 -04:00
|
|
|
|
(synopsis "Middleware to access a smart card using PC/SC")
|
|
|
|
|
(description
|
|
|
|
|
"pcsc-lite provides an interface to communicate with smartcards and
|
|
|
|
|
readers using the SCard API. pcsc-lite is used to connect to the PC/SC daemon
|
|
|
|
|
from a client application and provide access to the desired reader.")
|
|
|
|
|
(license (list license:bsd-3 ; pcsc-lite
|
|
|
|
|
license:isc ; src/strlcat.c src/strlcpy.c
|
|
|
|
|
license:gpl3+)))) ; src/spy/*
|
|
|
|
|
|
2014-12-06 18:02:43 -05:00
|
|
|
|
(define-public ykclient
|
|
|
|
|
(package
|
|
|
|
|
(name "ykclient")
|
2016-02-18 03:50:46 -05:00
|
|
|
|
(version "2.15")
|
2014-12-06 18:02:43 -05:00
|
|
|
|
(source (origin
|
|
|
|
|
(method url-fetch)
|
|
|
|
|
(uri (string-append
|
|
|
|
|
"https://developers.yubico.com/yubico-c-client/Releases/"
|
|
|
|
|
name "-" version ".tar.gz"))
|
|
|
|
|
(sha256
|
|
|
|
|
(base32
|
2016-02-18 03:50:46 -05:00
|
|
|
|
"05jhx9waj3pl120ddnwap1v3bjrnbfhvf3lxs2xmhpcmwzpwsqgl"))))
|
2014-12-06 18:02:43 -05:00
|
|
|
|
(build-system gnu-build-system)
|
|
|
|
|
|
|
|
|
|
;; There's just one test, and it requires network access to access
|
|
|
|
|
;; yubico.com, so skip it.
|
|
|
|
|
(arguments '(#:tests? #f))
|
|
|
|
|
|
|
|
|
|
(native-inputs `(("pkg-config" ,pkg-config)
|
|
|
|
|
("help2man" ,help2man)))
|
|
|
|
|
(inputs `(("curl" ,curl)))
|
|
|
|
|
(synopsis "C library to validate one-time-password YubiKeys")
|
|
|
|
|
(description
|
|
|
|
|
"YubiKey C Client Library (libykclient) is a C library used to validate a
|
|
|
|
|
one-time-password (OTP) YubiKey against Yubico’s servers. See the Yubico
|
|
|
|
|
website for more information about Yubico and the YubiKey.")
|
|
|
|
|
(home-page "https://developers.yubico.com/yubico-c-client/")
|
2016-10-26 06:00:58 -04:00
|
|
|
|
(license license:bsd-2)))
|
2018-04-28 03:49:35 -04:00
|
|
|
|
|
|
|
|
|
(define-public opensc
|
|
|
|
|
(package
|
|
|
|
|
(name "opensc")
|
gnu: OpenSC: Update to 0.19.0 [security fixes].
Fixes CVE-2018-{16391,16392,16393,16418,16419,16420,16421,16422,16423,16424,
16425,16426,16427}.
* gnu/packages/security-token.scm (opensc): Update to 0.19.0.
2018-09-15 23:35:17 -04:00
|
|
|
|
(version "0.19.0")
|
2018-04-28 03:49:35 -04:00
|
|
|
|
(source (origin
|
|
|
|
|
(method url-fetch)
|
|
|
|
|
(uri (string-append
|
|
|
|
|
"https://github.com/OpenSC/OpenSC/releases/download/"
|
|
|
|
|
version "/opensc-" version ".tar.gz"))
|
|
|
|
|
(sha256
|
|
|
|
|
(base32
|
gnu: OpenSC: Update to 0.19.0 [security fixes].
Fixes CVE-2018-{16391,16392,16393,16418,16419,16420,16421,16422,16423,16424,
16425,16426,16427}.
* gnu/packages/security-token.scm (opensc): Update to 0.19.0.
2018-09-15 23:35:17 -04:00
|
|
|
|
"09jqzl18z5qfrf4vf2nvbpdm3mphpgfkl3ww1clkaxh2z56hwnic"))))
|
2018-04-28 03:49:35 -04:00
|
|
|
|
(build-system gnu-build-system)
|
|
|
|
|
(arguments
|
|
|
|
|
`(#:phases
|
|
|
|
|
(modify-phases %standard-phases
|
|
|
|
|
;; By setting an absolute path here, we arrange for OpenSC to
|
|
|
|
|
;; successfully dlopen libpcsclite.so.1 by default. The user can
|
|
|
|
|
;; still override this if they want to, by specifying a custom OpenSC
|
|
|
|
|
;; configuration file at runtime.
|
|
|
|
|
(add-after 'unpack 'set-default-libpcsclite.so.1-path
|
|
|
|
|
(lambda* (#:key inputs #:allow-other-keys)
|
|
|
|
|
(let ((libpcsclite (string-append (assoc-ref inputs "pcsc-lite")
|
|
|
|
|
"/lib/libpcsclite.so.1")))
|
|
|
|
|
(substitute* "configure"
|
|
|
|
|
(("DEFAULT_PCSC_PROVIDER=\"libpcsclite\\.so\\.1\"")
|
|
|
|
|
(string-append
|
|
|
|
|
"DEFAULT_PCSC_PROVIDER=\"" libpcsclite "\"")))
|
2018-08-15 08:45:45 -04:00
|
|
|
|
#t)))
|
|
|
|
|
(add-before 'check 'disable-broken-test
|
|
|
|
|
(lambda _
|
|
|
|
|
;; XXX: This test is fixed in git, remove this phase for >= 0.19.
|
|
|
|
|
(substitute* "doc/tools/Makefile"
|
|
|
|
|
(("TESTS = test-manpage.sh") "TESTS = "))
|
|
|
|
|
#t)))))
|
2018-04-28 03:49:35 -04:00
|
|
|
|
(inputs
|
|
|
|
|
`(("readline" ,readline)
|
|
|
|
|
("openssl" ,openssl)
|
|
|
|
|
("pcsc-lite" ,pcsc-lite)
|
|
|
|
|
("ccid" ,ccid)))
|
|
|
|
|
(native-inputs
|
|
|
|
|
`(("libxslt" ,libxslt)
|
|
|
|
|
("docbook-xsl" ,docbook-xsl)
|
|
|
|
|
("pkg-config" ,pkg-config)))
|
|
|
|
|
(home-page "https://github.com/OpenSC/OpenSC/wiki")
|
|
|
|
|
(synopsis "Tools and libraries related to smart cards")
|
|
|
|
|
(description
|
|
|
|
|
"OpenSC is a set of software tools and libraries to work with smart
|
|
|
|
|
cards, with the focus on smart cards with cryptographic capabilities. OpenSC
|
|
|
|
|
facilitate the use of smart cards in security applications such as
|
|
|
|
|
authentication, encryption and digital signatures. OpenSC implements the PKCS
|
|
|
|
|
#15 standard and the PKCS #11 API.")
|
|
|
|
|
(license license:lgpl2.1+)))
|
2018-04-28 06:44:09 -04:00
|
|
|
|
|
|
|
|
|
(define-public yubico-piv-tool
|
|
|
|
|
(package
|
|
|
|
|
(name "yubico-piv-tool")
|
2018-08-22 21:05:35 -04:00
|
|
|
|
(version "1.6.1")
|
2018-04-28 06:44:09 -04:00
|
|
|
|
(source (origin
|
|
|
|
|
(method url-fetch)
|
|
|
|
|
(uri (string-append
|
|
|
|
|
"https://developers.yubico.com/yubico-piv-tool/Releases/"
|
|
|
|
|
name "-" version ".tar.gz"))
|
|
|
|
|
(sha256
|
|
|
|
|
(base32
|
2018-08-22 21:05:35 -04:00
|
|
|
|
"10xgdc51xvszkxmsvqnbjs8ixxz7rfnfahh3wn8glllynmszbhwi"))))
|
2018-04-28 06:44:09 -04:00
|
|
|
|
(build-system gnu-build-system)
|
|
|
|
|
(inputs
|
2018-08-15 08:52:58 -04:00
|
|
|
|
`(("gengetopt" ,gengetopt)
|
|
|
|
|
("perl" ,perl)
|
2018-04-28 06:44:09 -04:00
|
|
|
|
("pcsc-lite" ,pcsc-lite)
|
|
|
|
|
("openssl" ,openssl)))
|
|
|
|
|
(native-inputs
|
|
|
|
|
`(("doxygen" ,doxygen)
|
|
|
|
|
("graphviz" ,graphviz)
|
2018-08-15 08:52:58 -04:00
|
|
|
|
("help2man" ,help2man)
|
2018-04-28 06:44:09 -04:00
|
|
|
|
("check" ,check)
|
|
|
|
|
("texlive-bin" ,texlive-bin)
|
|
|
|
|
("pkg-config" ,pkg-config)))
|
|
|
|
|
(home-page "https://developers.yubico.com/yubico-piv-tool/")
|
|
|
|
|
(synopsis "Interact with the PIV application on a YubiKey")
|
|
|
|
|
(description
|
|
|
|
|
"The Yubico PIV tool is used for interacting with the Privilege and
|
|
|
|
|
Identification Card (PIV) application on a YubiKey. With it you may generate
|
|
|
|
|
keys on the device, import keys and certificates, create certificate requests,
|
|
|
|
|
and other operations. It includes a library and a command-line tool.")
|
|
|
|
|
;; The file ykcs11/pkcs11.h also declares an additional, very short free
|
|
|
|
|
;; license for that one file. Please see it for details. The vast
|
|
|
|
|
;; majority of files are licensed under bsd-2.
|
|
|
|
|
(license license:bsd-2)))
|