From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:41734) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fnPYI-0000cv-FS for guix-patches@gnu.org; Wed, 08 Aug 2018 10:35:08 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fnPYE-0003bO-E8 for guix-patches@gnu.org; Wed, 08 Aug 2018 10:35:06 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:40170) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1fnPYE-0003bH-Au for guix-patches@gnu.org; Wed, 08 Aug 2018 10:35:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1fnPYD-0002d3-V3 for guix-patches@gnu.org; Wed, 08 Aug 2018 10:35:02 -0400 Subject: [bug#32399] [PATCH] gnu: Add asignify. Resent-Message-ID: Received: from eggs.gnu.org ([2001:4830:134:3::10]:41536) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fnPXn-0000JI-Dv for guix-patches@gnu.org; Wed, 08 Aug 2018 10:34:36 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fnPXk-0003KQ-6y for guix-patches@gnu.org; Wed, 08 Aug 2018 10:34:35 -0400 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:53189) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fnPXj-0003K9-Vy for guix-patches@gnu.org; Wed, 08 Aug 2018 10:34:32 -0400 Received: from jasmine.lan (unknown [128.64.129.14]) by mail.messagingengine.com (Postfix) with ESMTPA id E36B2E455E for ; Wed, 8 Aug 2018 10:34:30 -0400 (EDT) From: Leo Famulari Date: Wed, 8 Aug 2018 10:34:19 -0400 Message-Id: List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org Sender: "Guix-patches" To: 32399@debbugs.gnu.org I wonder if we should mark this program as "experimental" or "not audited?" It includes the features I'd like to have in a tool for signing and authenticated encryption, but it hasn't received much cryptanalytic attention, from what I can tell. * gnu/packages/crypto.scm (asignify): New variable. --- gnu/packages/crypto.scm | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm index 730895efd..00fa1e8d2 100644 --- a/gnu/packages/crypto.scm +++ b/gnu/packages/crypto.scm @@ -813,3 +813,40 @@ which is also used in the Advanced Encryption Standard (AES, see @url{http://www.nist.gov/aes}). This cipher is believed to provide very strong security.") (license license:gpl2))) + +(define-public asignify + (let ((commit "f58e7977a599f040797975d649ed318e25cbd2d5") + (revision "0")) + (package + (name "asignify") + (version (git-version "1.1" revision commit)) + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/vstakhov/asignify.git") + (commit commit))) + (sha256 + (base32 + "1zl68qq6js6fdahxzyhvhrpyrwlv8c2zhdplycnfxyr1ckkhq8dw")))) + (build-system gnu-build-system) + (arguments + `(#:configure-flags + (list "--enable-openssl" + (string-append "--with-openssl=" + (assoc-ref %build-inputs "openssl"))))) + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ("libtool" ,libtool))) + (inputs + `(("openssl" ,openssl-next))) + (home-page "https://github.com/vstakhov/asignify") + (synopsis "Cryptographic authentication and encryption tool and library") + (description "Asignify offers public cryptographic signatures and +encryption with a library or a command-line tool. The tool is heavily inspired +by signify as used in OpenBSD. The main goal of this project is to define a +high level API for signing files, validating signatures and encrypting using +public-key cryptography. Asignify is designed to be portable and self-contained +with zero external dependencies. Asignify can verify OpenBSD signatures, but it +cannot sign messages in OpenBSD format yet.") + (license license:bsd-2)))) -- 2.18.0