3
0
Fork 0
forked from mirrors/nixpkgs

gnupg-pkcs11-scd: init at 0.9.2

This adds gnupg-pkcs11-scd, a smart card daemon for GnuPG that supports
PKCS#11 smartcards (such as the Yubikey PIV module).

You can use it by adding something like this to your
~/.gnupg/gpg-agent.conf:

    scdaemon-program /home/<user>/.nix-profile/bin/gnupg-pkcs11-scd

You will also need to install `opensc` and have a
~/.gnupg/gnupg-pkcs11-scd.conf with something like the following:

    providers opensc

    provider-opensc-library /home/philandstuff/.nix-profile/lib/pkcs11/opensc-pkcs11.so

Then `gpg` smartcard operations will access your PKCS#11-capable
smartcard.
This commit is contained in:
Philip Potter 2019-10-16 22:03:58 +01:00
parent 67effde499
commit f7ab5d985f
2 changed files with 35 additions and 0 deletions

View file

@ -0,0 +1,33 @@
{ stdenv, fetchurl, libgpgerror, libassuan, libgcrypt, pkcs11helper,
pkgconfig, openssl }:
stdenv.mkDerivation rec {
pname = "gnupg-pkcs11-scd";
version = "0.9.2";
src = fetchurl {
url = "https://github.com/alonbl/${pname}/releases/download/${pname}-${version}/${pname}-${version}.tar.bz2";
sha256 = "sha256:1mfh9zjbahjd788rq1mzx009pd7p1sq62sbz586rd7szif7pkpgx";
};
buildInputs = [ pkcs11helper pkgconfig openssl ];
configureFlags = [
"--with-libgpg-error-prefix=${libgpgerror.dev}"
"--with-libassuan-prefix=${libassuan.dev}"
"--with-libgcrypt-prefix=${libgcrypt.dev}"
];
meta = with stdenv.lib; {
description = "A smart-card daemon to enable the use of PKCS#11 tokens with GnuPG";
longDescription = ''
gnupg-pkcs11 is a project to implement a BSD-licensed smart-card
daemon to enable the use of PKCS#11 tokens with GnuPG.
'';
homepage = http://gnupg-pkcs11.sourceforge.net/;
license = licenses.bsd3;
maintainers = with maintainers; [ philandstuff ];
platforms = platforms.unix;
};
}

View file

@ -3506,6 +3506,8 @@ in
};
gnupg = gnupg22;
gnupg-pkcs11-scd = callPackage ../tools/security/gnupg-pkcs11-scd { };
gnuplot = libsForQt5.callPackage ../tools/graphics/gnuplot { };
gnuplot_qt = gnuplot.override { withQt = true; };