pkgs/tools/security/apg/default.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
  name = "apg-2.2.3";
  src = fetchurl {
    url = "http://www.adel.nursat.kz/apg/download/${name}.tar.gz";
    sha256 = "1fkxpaifv925i385krsyslrig42ksws5y19hfq5asn1rwv6zmjb9";
  };
  configurePhase = ''
    substituteInPlace Makefile --replace /usr/local "$out"
  '';

  patches = [ ./apg.patch ];

  meta = {
    description = "Tools for random password generation";
    longDescription = ''
      APG (Automated Password Generator) is the tool set for random
      password generation.

      Standalone version

        Generates some random words of required type and prints them
        to standard output.

      Network version

        APG server: When client's request is arrived generates some
        random words of predefined type and send them to client over
        the network (according to RFC0972).

        APG client: Sends the password generation request to the APG
        server, wait for generated Passwords arrival and then prints
        them to the standard output.

     Advantages

       * Built-in ANSI X9.17 RNG (Random Number Generator) (CAST/SHA1)
       * Built-in password quality checking system (it has support for
         Bloom filter for faster access)
       * Two Password Generation Algorithms:
           1. Pronounceable Password Generation Algorithm (according to
              NIST FIPS 181)
           2. Random Character Password Generation Algorithm with 35
              configurable modes of operation
       * Configurable password length parameters
       * Configurable amount of generated passwords
       * Ability to initialize RNG with user string
       * Support for /dev/random
       * Ability to crypt() generated passwords and print them as
         additional output
       * Special parameters to use APG in script
       * Ability to log password generation requests for network version
       * Ability to control APG service access using tcpd
       * Ability to use password generation service from any type of box
         (Mac, WinXX, etc.) that connected to network
       * Ability to enforce remote users to use only allowed type of
         password generation
    '';
    homepage = http://www.adel.nursat.kz/apg/;
    license = stdenv.lib.licenses.bsd3;
    maintainers = with stdenv.lib.maintainers; [ astsmtl ];
    platforms = stdenv.lib.platforms.linux;
  };
}