From f7ab5d985f633df9c1d433b9954004950f0739f9 Mon Sep 17 00:00:00 2001
From: Philip Potter <philip.g.potter@gmail.com>
Date: Wed, 16 Oct 2019 22:03:58 +0100
Subject: [PATCH 1/2] gnupg-pkcs11-scd: init at 0.9.2

This adds gnupg-pkcs11-scd, a smart card daemon for GnuPG that supports
PKCS#11 smartcards (such as the Yubikey PIV module).

You can use it by adding something like this to your
~/.gnupg/gpg-agent.conf:

    scdaemon-program /home/<user>/.nix-profile/bin/gnupg-pkcs11-scd

You will also need to install `opensc` and have a
~/.gnupg/gnupg-pkcs11-scd.conf with something like the following:

    providers opensc

    provider-opensc-library /home/philandstuff/.nix-profile/lib/pkcs11/opensc-pkcs11.so

Then `gpg` smartcard operations will access your PKCS#11-capable
smartcard.
---
 .../security/gnupg-pkcs11-scd/default.nix     | 33 +++++++++++++++++++
 pkgs/top-level/all-packages.nix               |  2 ++
 2 files changed, 35 insertions(+)
 create mode 100644 pkgs/tools/security/gnupg-pkcs11-scd/default.nix

diff --git a/pkgs/tools/security/gnupg-pkcs11-scd/default.nix b/pkgs/tools/security/gnupg-pkcs11-scd/default.nix
new file mode 100644
index 000000000000..77537f1bfeb3
--- /dev/null
+++ b/pkgs/tools/security/gnupg-pkcs11-scd/default.nix
@@ -0,0 +1,33 @@
+{ stdenv, fetchurl, libgpgerror, libassuan, libgcrypt, pkcs11helper,
+  pkgconfig, openssl }:
+
+stdenv.mkDerivation rec {
+  pname = "gnupg-pkcs11-scd";
+  version = "0.9.2";
+
+  src = fetchurl {
+    url = "https://github.com/alonbl/${pname}/releases/download/${pname}-${version}/${pname}-${version}.tar.bz2";
+    sha256 = "sha256:1mfh9zjbahjd788rq1mzx009pd7p1sq62sbz586rd7szif7pkpgx";
+  };
+
+  buildInputs = [ pkcs11helper pkgconfig openssl ];
+
+  configureFlags = [
+    "--with-libgpg-error-prefix=${libgpgerror.dev}"
+    "--with-libassuan-prefix=${libassuan.dev}"
+    "--with-libgcrypt-prefix=${libgcrypt.dev}"
+  ];
+
+  meta = with stdenv.lib; {
+    description = "A smart-card daemon to enable the use of PKCS#11 tokens with GnuPG";
+    longDescription = ''
+    gnupg-pkcs11 is a project to implement a BSD-licensed smart-card
+    daemon to enable the use of PKCS#11 tokens with GnuPG.
+    '';
+    homepage = http://gnupg-pkcs11.sourceforge.net/;
+    license = licenses.bsd3;
+    maintainers = with maintainers; [ philandstuff ];
+    platforms = platforms.unix;
+  };
+}
+
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index f6a3bd68294a..7ca55ed818b1 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -3506,6 +3506,8 @@ in
   };
   gnupg = gnupg22;
 
+  gnupg-pkcs11-scd = callPackage ../tools/security/gnupg-pkcs11-scd { };
+
   gnuplot = libsForQt5.callPackage ../tools/graphics/gnuplot { };
 
   gnuplot_qt = gnuplot.override { withQt = true; };

From 10d7313c013604b045fce4ab86debdb3263ad98f Mon Sep 17 00:00:00 2001
From: Philip Potter <philip.g.potter@gmail.com>
Date: Mon, 28 Oct 2019 20:57:49 +0000
Subject: [PATCH 2/2] gnupg-pkcs11-scd: add @lschuermann as maintainer

---
 pkgs/tools/security/gnupg-pkcs11-scd/default.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkgs/tools/security/gnupg-pkcs11-scd/default.nix b/pkgs/tools/security/gnupg-pkcs11-scd/default.nix
index 77537f1bfeb3..bc7cff99dc23 100644
--- a/pkgs/tools/security/gnupg-pkcs11-scd/default.nix
+++ b/pkgs/tools/security/gnupg-pkcs11-scd/default.nix
@@ -26,7 +26,7 @@ stdenv.mkDerivation rec {
     '';
     homepage = http://gnupg-pkcs11.sourceforge.net/;
     license = licenses.bsd3;
-    maintainers = with maintainers; [ philandstuff ];
+    maintainers = with maintainers; [ lschuermann philandstuff ];
     platforms = platforms.unix;
   };
 }