Commit | Line | Data |
---|---|---|
cc6f4912 LC |
1 | ;;; GNU Guix --- Functional package management for GNU |
2 | ;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr> | |
3bab9594 | 3 | ;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020, 2021 Efraim Flashner <efraim@flashner.co.il> |
0a90c789 | 4 | ;;; Copyright © 2015, 2016, 2017, 2019 Leo Famulari <leo@famulari.name> |
55e51b66 | 5 | ;;; Copyright © 2016, 2017, 2020 Marius Bakke <mbakke@fastmail.com> |
cc6f4912 LC |
6 | ;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au> |
7 | ;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com> | |
8 | ;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com> | |
9 | ;;; Copyright © 2014, 2017 Eric Bavier <bavier@member.fsf.org> | |
10 | ;;; Copyright © 2015, 2016 David Thompson <davet@gnu.org> | |
5d844fd6 | 11 | ;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr> |
3c986a7d | 12 | ;;; Copyright © 2016, 2017 Nikita <nikita@n0.is> |
cc6f4912 | 13 | ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> |
c6e33df9 | 14 | ;;; Copyright © 2015, 2016, 2017, 2019 Ricardo Wurmus <rekado@elephly.net> |
cc6f4912 | 15 | ;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org> |
74f01758 | 16 | ;;; Copyright © 2016, 2017, 2020 Arun Isaac <arunisaac@systemreboot.net> |
cc6f4912 | 17 | ;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au> |
2f691218 | 18 | ;;; Copyright © 2018 Tomáš Čech <sleep_walker@gnu.org> |
ee375d1c | 19 | ;;; Copyright © 2018, 2021 Nicolas Goaziou <mail@nicolasgoaziou.fr> |
e64088f0 | 20 | ;;; Copyright © 2018 Vagrant Cascadian <vagrant@debian.org> |
8afe166d | 21 | ;;; Copyright © 2018 Nam Nguyen <namn@berkeley.edu> |
93953ec7 | 22 | ;;; Copyright © 2019 Guillaume Le Vaillant <glv@posteo.net> |
1f15cbc8 | 23 | ;;; Copyright © 2019 Clément Lassieur <clement@lassieur.org> |
f8dcdf2b | 24 | ;;; Copyright © 2020 Alexandros Theodotou <alex@zrythm.org> |
1b11e894 | 25 | ;;; Copyright © 2020 Justus Winter <justus@sequoia-pgp.org> |
960dafce | 26 | ;;; Copyright © 2020 Vinicius Monego <monego@posteo.net> |
cc6f4912 LC |
27 | ;;; |
28 | ;;; This file is part of GNU Guix. | |
29 | ;;; | |
30 | ;;; GNU Guix is free software; you can redistribute it and/or modify it | |
31 | ;;; under the terms of the GNU General Public License as published by | |
32 | ;;; the Free Software Foundation; either version 3 of the License, or (at | |
33 | ;;; your option) any later version. | |
34 | ;;; | |
35 | ;;; GNU Guix is distributed in the hope that it will be useful, but | |
36 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of | |
37 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
38 | ;;; GNU General Public License for more details. | |
39 | ;;; | |
40 | ;;; You should have received a copy of the GNU General Public License | |
41 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. | |
42 | ||
43 | (define-module (gnu packages python-crypto) | |
44 | #:use-module (guix packages) | |
45 | #:use-module (guix download) | |
46 | #:use-module (guix git-download) | |
47 | #:use-module (guix build-system python) | |
48 | #:use-module (gnu packages) | |
ac257f12 | 49 | #:use-module (gnu packages check) |
b95c17c5 | 50 | #:use-module (gnu packages crypto) |
f8dcdf2b | 51 | #:use-module (gnu packages kerberos) |
cc6f4912 LC |
52 | #:use-module (gnu packages libffi) |
53 | #:use-module (gnu packages multiprecision) | |
08310637 | 54 | #:use-module (gnu packages password-utils) |
cc6f4912 LC |
55 | #:use-module (gnu packages protobuf) |
56 | #:use-module (gnu packages python) | |
dbcd2050 | 57 | #:use-module (gnu packages python-build) |
6fedf6f2 | 58 | #:use-module (gnu packages python-check) |
960dafce | 59 | #:use-module (gnu packages python-compression) |
cb91f6ae | 60 | #:use-module (gnu packages python-web) |
44d10b1f | 61 | #:use-module (gnu packages python-xyz) |
4764e83c | 62 | #:use-module (gnu packages swig) |
33dc54b0 | 63 | #:use-module (gnu packages time) |
cc6f4912 | 64 | #:use-module (gnu packages tls) |
68d425cd | 65 | #:use-module (gnu packages xml) |
cc6f4912 LC |
66 | #:use-module ((guix licenses) #:prefix license:) |
67 | #:use-module (srfi srfi-1)) | |
68 | ||
c6e8d17b RG |
69 | (define-public python-potr |
70 | (package | |
71 | (name "python-potr") | |
72 | (version "1.0.2") | |
73 | (source | |
74 | (origin | |
75 | (method git-fetch) | |
76 | (uri | |
77 | (git-reference | |
8ed4c468 | 78 | (url "https://github.com/python-otr/pure-python-otr") |
c6e8d17b RG |
79 | (commit version))) |
80 | (file-name | |
81 | (git-file-name name version)) | |
82 | (sha256 | |
83 | (base32 "1hzw6h01fm216nmipyylgz0zybd80w1xsk12m7djycnhqrnrvvv1")))) | |
84 | (build-system python-build-system) | |
85 | (propagated-inputs | |
86 | `(("python-pycrypto" ,python-pycrypto))) | |
87 | (synopsis "Python OTR Implementation") | |
88 | (description "Python OTR is an Off-The-Record Protocol Implementation in | |
89 | Python. It does not bind to libotr.") | |
90 | (home-page "https://github.com/python-otr/pure-python-otr") | |
91 | (license license:lgpl3+))) | |
92 | ||
cef6dc64 NG |
93 | (define-public python-base58 |
94 | (package | |
95 | (name "python-base58") | |
cba7a6f7 | 96 | (version "2.0.1") |
cef6dc64 NG |
97 | (source |
98 | (origin | |
99 | (method url-fetch) | |
100 | (uri (pypi-uri "base58" version)) | |
101 | (sha256 | |
102 | (base32 | |
cba7a6f7 | 103 | "0yfaqp76kbdb62hikr5n4jkkfjfmii89grwfy6sw3fmsv5hrap1n")))) |
cef6dc64 NG |
104 | (build-system python-build-system) |
105 | (native-inputs | |
106 | `(("python-pyhamcrest" ,python-pyhamcrest))) | |
107 | (home-page "https://github.com/keis/base58") | |
108 | (synopsis "Base58 and Base58Check implementation") | |
109 | (description "Base58 and Base58Check implementation compatible | |
110 | with what is used by the Bitcoin network.") | |
111 | (license license:expat))) | |
112 | ||
7c16af46 MB |
113 | (define-public python-bcrypt |
114 | (package | |
115 | (name "python-bcrypt") | |
b5cb4624 | 116 | (version "3.1.7") |
7c16af46 MB |
117 | (source |
118 | (origin | |
119 | (method url-fetch) | |
120 | (uri (pypi-uri "bcrypt" version)) | |
121 | (sha256 | |
b5cb4624 | 122 | (base32 "0hhywhxx301cxivgxrpslrangbfpccc8y83qbwn1f57cab3nj00b")))) |
7c16af46 MB |
123 | (build-system python-build-system) |
124 | (native-inputs | |
125 | `(("python-pycparser" ,python-pycparser) | |
126 | ("python-pytest" ,python-pytest))) | |
127 | (propagated-inputs | |
128 | `(("python-cffi" ,python-cffi) | |
129 | ("python-six" ,python-six))) | |
130 | (home-page "https://github.com/pyca/bcrypt/") | |
131 | (synopsis | |
132 | "Modern password hashing library") | |
133 | (description | |
134 | "Bcrypt is a Python module which provides a password hashing method based | |
135 | on the Blowfish password hashing algorithm, as described in | |
136 | @url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable | |
137 | Password Scheme\"} by Niels Provos and David Mazieres.") | |
138 | (license license:asl2.0))) | |
139 | ||
140 | (define-public python2-bcrypt | |
141 | (package-with-python2 python-bcrypt)) | |
142 | ||
cc6f4912 LC |
143 | (define-public python-passlib |
144 | (package | |
145 | (name "python-passlib") | |
2a30ca09 | 146 | (version "1.7.4") |
cc6f4912 LC |
147 | (source |
148 | (origin | |
149 | (method url-fetch) | |
150 | (uri (pypi-uri "passlib" version)) | |
151 | (sha256 | |
2a30ca09 | 152 | (base32 "015y5qaw9qnxr29lg60dml1g5rbqd4586wy5n8m41ib55gvm1zfy")))) |
cc6f4912 LC |
153 | (build-system python-build-system) |
154 | (native-inputs | |
155 | `(("python-nose" ,python-nose))) | |
156 | (propagated-inputs | |
157 | `(("python-py-bcrypt" ,python-py-bcrypt))) | |
158 | (arguments | |
159 | `(#:phases | |
160 | (modify-phases %standard-phases | |
161 | (add-before 'check 'set-PYTHON_EGG_CACHE | |
2a30ca09 TGR |
162 | ;; Some tests require access to "$HOME/.cython". |
163 | (lambda _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t))))) | |
cc6f4912 | 164 | (home-page "https://bitbucket.org/ecollins/passlib") |
aadd107d | 165 | (synopsis "Comprehensive password hashing framework") |
cc6f4912 LC |
166 | (description |
167 | "Passlib is a password hashing library for Python 2 & 3, which provides | |
168 | cross-platform implementations of over 30 password hashing algorithms, as well | |
169 | as a framework for managing existing password hashes. It's designed to be | |
170 | useful for a wide range of tasks, from verifying a hash found in /etc/shadow, | |
171 | to providing full-strength password hashing for multi-user application.") | |
172 | (license license:bsd-3))) | |
173 | ||
174 | (define-public python2-passlib | |
175 | (package-with-python2 python-passlib)) | |
176 | ||
177 | (define-public python-py-bcrypt | |
178 | (package | |
179 | (name "python-py-bcrypt") | |
180 | (version "0.4") | |
181 | (source | |
182 | (origin | |
183 | (method url-fetch) | |
27864e7c | 184 | (uri (pypi-uri "py-bcrypt" version)) |
cc6f4912 LC |
185 | (sha256 |
186 | (base32 | |
187 | "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az")))) | |
188 | (build-system python-build-system) | |
189 | (home-page "https://code.google.com/p/py-bcrypt") | |
190 | (synopsis | |
191 | "Bcrypt password hashing and key derivation") | |
192 | (description | |
193 | "A python wrapper of OpenBSD's Blowfish password hashing code. This | |
194 | system hashes passwords using a version of Bruce Schneier's Blowfish block | |
195 | cipher with modifications designed to raise the cost of off-line password | |
196 | cracking and frustrate fast hardware implementation. The computation cost of | |
3defa90d | 197 | the algorithm is parametrised, so it can be increased as computers get faster. |
cc6f4912 LC |
198 | The intent is to make a compromise of a password database less likely to |
199 | result in an attacker gaining knowledge of the plaintext passwords (e.g. using | |
200 | John the Ripper).") | |
201 | ;; "sha2.c" is under BSD-3; | |
202 | ;; "blowfish.c" and "bcrypt.c" are under BSD-4; | |
203 | ;; the rest is under ISC. | |
204 | (license (list license:isc license:bsd-3 license:bsd-4)))) | |
205 | ||
206 | (define-public python2-py-bcrypt | |
207 | (package-with-python2 python-py-bcrypt)) | |
208 | ||
e64088f0 VC |
209 | (define-public python-pyblake2 |
210 | (package | |
211 | (name "python-pyblake2") | |
212 | (version "1.1.2") | |
213 | (source | |
214 | (origin | |
215 | (method url-fetch) | |
216 | (uri (pypi-uri "pyblake2" version)) | |
217 | (sha256 | |
218 | (base32 | |
219 | "0gz9hgznv5zw4qjq43xa56y0yikimx30gffvibxzm0nv5sq7xk2w")))) | |
220 | (build-system python-build-system) | |
221 | (home-page "https://github.com/dchest/pyblake2") | |
222 | (synopsis "BLAKE2 hash function for Python") | |
223 | (description "BLAKE2 is a cryptographic hash function, which offers | |
224 | stronger security while being as fast as MD5 or SHA-1, and comes in two | |
225 | flavors: @code{BLAKE2b}, optimized for 64-bit platforms and produces digests | |
226 | of any size between 1 and 64 bytes, and @code{BLAKE2s}, optimized for 8- to | |
227 | 32-bit platforms and produces digests of any size between 1 and 32 bytes. | |
228 | ||
229 | This package provides a Python interface for BLAKE2.") | |
230 | ;; The COPYING file declares it as public domain, with the option to | |
231 | ;; alternatively use and redistribute it under a variety of permissive | |
232 | ;; licenses. cc0 is explicitly mentioned in setup.py and pyblake2module.c. | |
233 | (license (list license:public-domain license:cc0)))) | |
234 | ||
cc6f4912 LC |
235 | (define-public python-paramiko |
236 | (package | |
237 | (name "python-paramiko") | |
c7aee804 | 238 | (version "2.7.2") |
cc6f4912 LC |
239 | (source |
240 | (origin | |
241 | (method url-fetch) | |
242 | (uri (pypi-uri "paramiko" version)) | |
243 | (sha256 | |
c7aee804 | 244 | (base32 "0dahwq623jnna7gsr9j0mkwr9k2n1pvkapjryhcx508d5jxg8dkz")))) |
cc6f4912 LC |
245 | (build-system python-build-system) |
246 | (arguments | |
8e84eb68 MB |
247 | `(;; FIXME: Tests require many unpackaged libraries, see dev-requirements.txt. |
248 | #:tests? #f)) | |
cc6f4912 | 249 | (propagated-inputs |
2fbc38e3 LF |
250 | `(("python-bcrypt" ,python-bcrypt) |
251 | ("python-pyasn1" ,python-pyasn1) | |
252 | ("python-pynacl" ,python-pynacl) | |
cc6f4912 | 253 | ("python-cryptography" ,python-cryptography))) |
101ad242 | 254 | (home-page "https://www.paramiko.org/") |
cc6f4912 LC |
255 | (synopsis "SSHv2 protocol library") |
256 | (description "Paramiko is a python implementation of the SSHv2 protocol, | |
257 | providing both client and server functionality. While it leverages a Python C | |
258 | extension for low level cryptography (PyCrypto), Paramiko itself is a pure | |
259 | Python interface around SSH networking concepts.") | |
260 | (license license:lgpl2.1+))) | |
261 | ||
262 | (define-public python2-paramiko | |
263 | (package-with-python2 python-paramiko)) | |
264 | ||
265 | (define-public python-ecdsa | |
266 | (package | |
267 | (name "python-ecdsa") | |
c57b8419 | 268 | (version "0.14.1") |
cc6f4912 LC |
269 | (source |
270 | (origin | |
271 | (method url-fetch) | |
86228e56 | 272 | (uri (pypi-uri "ecdsa" version)) |
cc6f4912 | 273 | (sha256 |
c57b8419 | 274 | (base32 "13nx5cbfxc0gnax5zwdmp9xc40qd1llk62mv85jyrvqkbw017ik4")))) |
cc6f4912 | 275 | (build-system python-build-system) |
92fe2513 EF |
276 | (arguments |
277 | '(#:phases | |
278 | (modify-phases %standard-phases | |
279 | (replace 'check | |
280 | (lambda _ (invoke "pytest")))))) | |
c57b8419 EF |
281 | (propagated-inputs |
282 | `(("python-six" ,python-six))) | |
283 | (native-inputs | |
92fe2513 EF |
284 | `(("openssl" ,openssl) |
285 | ("python-pytest" ,python-pytest))) | |
9cd100b6 TGR |
286 | (home-page "https://github.com/warner/python-ecdsa") |
287 | (synopsis "ECDSA cryptographic signature library (pure python)") | |
cc6f4912 LC |
288 | (description |
289 | "This is an easy-to-use implementation of ECDSA cryptography (Elliptic | |
290 | Curve Digital Signature Algorithm), implemented purely in Python. With this | |
7230f6d5 | 291 | library, you can quickly create key pairs (signing key and verifying key), sign |
cc6f4912 LC |
292 | messages, and verify the signatures. The keys and signatures are very short, |
293 | making them easy to handle and incorporate into other protocols.") | |
294 | (license license:expat))) | |
295 | ||
296 | (define-public python2-ecdsa | |
297 | (package-with-python2 python-ecdsa)) | |
298 | ||
299 | ;;; Pycrypto is abandoned upstream: | |
300 | ;;; | |
301 | ;;; https://github.com/dlitz/pycrypto/issues/173 | |
302 | ;;; | |
303 | ;;; TODO Remove this package from GNU Guix. | |
304 | (define-public python-pycrypto | |
305 | (package | |
306 | (name "python-pycrypto") | |
307 | (version "2.6.1") | |
308 | (source | |
309 | (origin | |
310 | (method url-fetch) | |
311 | (uri (pypi-uri "pycrypto" version)) | |
2a2a9878 MB |
312 | (patches (search-patches "python-pycrypto-CVE-2013-7459.patch" |
313 | "python-pycrypto-time-clock.patch")) | |
cc6f4912 LC |
314 | (sha256 |
315 | (base32 | |
316 | "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj")))) | |
317 | (build-system python-build-system) | |
318 | (inputs | |
319 | `(("python" ,python) | |
320 | ("gmp" ,gmp))) | |
321 | (arguments | |
322 | `(#:phases | |
323 | (modify-phases %standard-phases | |
324 | (add-before 'build 'set-build-env | |
325 | ;; pycrypto runs an autoconf configure script behind the scenes | |
326 | (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t))))) | |
52888f52 | 327 | (home-page "https://www.dlitz.net/software/pycrypto/") |
cc6f4912 LC |
328 | (synopsis "Cryptographic modules for Python") |
329 | (description | |
330 | "Pycrypto is a collection of both secure hash functions (such as SHA256 | |
331 | and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal, | |
332 | etc.). The package is structured to make adding new modules easy.") | |
333 | (license license:public-domain))) | |
334 | ||
335 | (define-public python2-pycrypto | |
336 | (let ((pycrypto (package-with-python2 python-pycrypto))) | |
1a265842 | 337 | (package/inherit pycrypto |
cc6f4912 LC |
338 | (inputs |
339 | `(("python" ,python-2) | |
340 | ,@(alist-delete | |
341 | "python" | |
342 | (package-inputs pycrypto))))))) | |
343 | ||
f8dcdf2b AT |
344 | (define-public python-kerberos |
345 | (package | |
346 | (name "python-kerberos") | |
347 | (version "1.3.0") | |
348 | (source | |
349 | (origin | |
350 | (method url-fetch) | |
351 | (uri (pypi-uri "kerberos" version)) | |
352 | (sha256 | |
353 | (base32 | |
354 | "19663qxmma0i8bfbjc2iwy5hgq0g4pfb75r023v5dps68zfvffgh")))) | |
355 | (build-system python-build-system) | |
356 | (inputs | |
357 | `(("mit-krb5" ,mit-krb5))) | |
358 | (home-page "https://github.com/apple/ccs-pykerberos") | |
359 | (synopsis | |
360 | "Python Kerberos library used by CalendarServer") | |
361 | (description | |
362 | "This Python package is a high-level wrapper for Kerberos (GSSAPI) | |
363 | operations. The goal is to avoid having to build a module that wraps the | |
364 | entire Kerberos.framework, and instead offer a limited set of functions that | |
365 | do what is needed for client/server Kerberos authentication based on | |
366 | <http://www.ietf.org/rfc/rfc4559.txt>.") | |
367 | (license license:asl2.0))) | |
368 | ||
cc6f4912 LC |
369 | (define-public python-keyring |
370 | (package | |
371 | (name "python-keyring") | |
d9784b1a | 372 | (version "22.0.1") |
cc6f4912 LC |
373 | (source |
374 | (origin | |
375 | (method url-fetch) | |
376 | (uri (pypi-uri "keyring" version)) | |
377 | (sha256 | |
378 | (base32 | |
d9784b1a | 379 | "1pvqc6may03did0iz98gasg7cy4h8ljzs4ibh927bfzda8a3xjws")))) |
cc6f4912 | 380 | (build-system python-build-system) |
6fedf6f2 EF |
381 | (arguments |
382 | `(#:phases | |
383 | (modify-phases %standard-phases | |
384 | (replace 'check | |
f7c966ae EF |
385 | (lambda* (#:key tests? #:allow-other-keys) |
386 | (when tests? | |
387 | (invoke "pytest")) | |
388 | #t))))) | |
cc6f4912 | 389 | (native-inputs |
d9784b1a EF |
390 | `(("python-toml" ,python-toml) |
391 | ("python-pytest" ,python-pytest) | |
6fedf6f2 EF |
392 | ("python-pytest-checkdocs" ,python-pytest-checkdocs) |
393 | ("python-pytest-cov" ,python-pytest-cov) | |
394 | ("python-pytest-flake8" ,python-pytest-flake8) | |
d9784b1a | 395 | ("python-setuptools" ,python-setuptools) |
770b1d65 | 396 | ("python-setuptools-scm" ,python-setuptools-scm))) |
cc6f4912 | 397 | (propagated-inputs |
d9784b1a | 398 | `(("python-secretstorage" ,python-secretstorage))) |
cc6f4912 LC |
399 | (home-page "https://github.com/jaraco/keyring") |
400 | (synopsis "Store and access your passwords safely") | |
401 | (description | |
402 | "The Python keyring lib provides a easy way to access the system keyring | |
403 | service from python. It can be used in any application that needs safe | |
404 | password storage.") | |
405 | ;; "MIT" and PSF dual license | |
6fedf6f2 | 406 | (properties `((python2-variant . ,(delay python2-keyring)))) |
cc6f4912 LC |
407 | (license license:x11))) |
408 | ||
409 | (define-public python2-keyring | |
6fedf6f2 EF |
410 | (let ((keyring (package-with-python2 |
411 | (strip-python2-variant python-keyring)))) | |
412 | (package | |
413 | (inherit keyring) | |
414 | (name "python2-keyring") | |
415 | (version "8.7") | |
416 | (source | |
417 | (origin | |
418 | (method url-fetch) | |
419 | (uri (pypi-uri "keyring" version)) | |
420 | (sha256 | |
421 | (base32 | |
422 | "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx")))) | |
423 | (arguments | |
424 | `(#:python ,python-2)) | |
425 | (native-inputs | |
426 | `(("python2-pytest" ,python2-pytest) | |
427 | ("python2-pytest-runner" ,python2-pytest-runner) | |
428 | ("python2-setuptools-scm" ,python2-setuptools-scm))) | |
429 | (propagated-inputs | |
430 | `(("python2-pycrypto" ,python2-pycrypto)))))) | |
cc6f4912 | 431 | |
9a684b40 EF |
432 | (define-public python-keyrings.alt |
433 | (package | |
434 | (name "python-keyrings.alt") | |
435 | (version "3.4.0") | |
436 | (source | |
437 | (origin | |
438 | (method url-fetch) | |
439 | (uri (pypi-uri "keyrings.alt" version)) | |
440 | (sha256 | |
441 | (base32 | |
442 | "0gdjdqpq2hf770p6iwi891mil0vbsdhvy88x0v8b2w4y4b28lcli")) | |
443 | (modules '((guix build utils))) | |
444 | (snippet | |
445 | '(begin | |
446 | (delete-file "keyrings/alt/_win_crypto.py") | |
447 | ;; Rely on python-keyring>20: | |
448 | ;; https://github.com/jaraco/keyrings.alt/issues/33 | |
449 | (substitute* '("keyrings/alt/tests/test_Gnome.py" | |
450 | "keyrings/alt/tests/test_Google.py" | |
451 | "keyrings/alt/tests/test_Windows.py" | |
452 | "keyrings/alt/tests/test_file.py" | |
453 | "keyrings/alt/tests/test_pyfs.py") | |
454 | (("keyring.tests.test_backend") "keyring.testing.backend") | |
455 | (("keyring.tests.util") "keyring.testing.util")) | |
456 | #t)))) | |
457 | (build-system python-build-system) | |
458 | (native-inputs | |
459 | `(("python-keyring" ,python-keyring) | |
460 | ("python-pytest" ,python-pytest) | |
461 | ("python-setuptools-scm" ,python-setuptools-scm))) | |
462 | (home-page "https://github.com/jaraco/keyrings.alt") | |
463 | (synopsis "Alternate keyring implementations") | |
464 | (description "Keyrings in this package may have security risks or other | |
465 | implications. These backends were extracted from the main keyring project to | |
466 | make them available for those who wish to employ them, but are discouraged for | |
467 | general production use. Include this module and use its backends at your own | |
468 | risk.") | |
469 | (license license:expat))) | |
470 | ||
cc6f4912 LC |
471 | (define-public python-certifi |
472 | (package | |
473 | (name "python-certifi") | |
07ecec41 | 474 | (version "2020.12.5") |
cc6f4912 LC |
475 | (source (origin |
476 | (method url-fetch) | |
477 | (uri (pypi-uri "certifi" version)) | |
478 | (sha256 | |
479 | (base32 | |
07ecec41 | 480 | "177mdbw0livdjvp17sz6wsfrc32838m9y59v871gpgv2888raj8s")))) |
cc6f4912 | 481 | (build-system python-build-system) |
ee3a5e07 | 482 | (arguments '(#:tests? #f)) ;no tests |
cc6f4912 LC |
483 | (home-page "https://certifi.io/") |
484 | (synopsis "Python CA certificate bundle") | |
485 | (description | |
486 | "Certifi is a Python library that contains a CA certificate bundle, which | |
487 | is used by the Requests library to verify HTTPS requests.") | |
488 | (license license:asl2.0))) | |
489 | ||
490 | (define-public python2-certifi | |
491 | (package-with-python2 python-certifi)) | |
492 | ||
493 | (define-public python-cryptography-vectors | |
494 | (package | |
495 | (name "python-cryptography-vectors") | |
229d39fa | 496 | (version "3.3.1") |
cc6f4912 LC |
497 | (source |
498 | (origin | |
499 | (method url-fetch) | |
500 | (uri (pypi-uri "cryptography_vectors" version)) | |
501 | (sha256 | |
502 | (base32 | |
229d39fa | 503 | "192wix3sr678x21brav5hgc6j93l7ab1kh69p2scr3fsblq9qy03")))) |
cc6f4912 LC |
504 | (build-system python-build-system) |
505 | (home-page "https://github.com/pyca/cryptography") | |
506 | (synopsis "Test vectors for the cryptography package") | |
507 | (description | |
508 | "This package contains test vectors for the cryptography package.") | |
509 | ;; Distributed under either BSD-3 or ASL2.0 | |
510 | (license (list license:bsd-3 license:asl2.0)))) | |
511 | ||
512 | (define-public python2-cryptography-vectors | |
513 | (package-with-python2 python-cryptography-vectors)) | |
514 | ||
515 | (define-public python-cryptography | |
516 | (package | |
517 | (name "python-cryptography") | |
229d39fa | 518 | (version "3.3.1") |
cc6f4912 LC |
519 | (source |
520 | (origin | |
521 | (method url-fetch) | |
522 | (uri (pypi-uri "cryptography" version)) | |
523 | (sha256 | |
524 | (base32 | |
229d39fa | 525 | "1ribd1vxq9wwz564mg60dzcy699gng54admihjjkgs9dx95pw5vy")))) |
cc6f4912 LC |
526 | (build-system python-build-system) |
527 | (inputs | |
528 | `(("openssl" ,openssl))) | |
529 | (propagated-inputs | |
530 | `(("python-asn1crypto" ,python-asn1crypto) | |
531 | ("python-cffi" ,python-cffi) | |
532 | ("python-six" ,python-six) | |
533 | ("python-idna" ,python-idna) | |
534 | ("python-iso8601" ,python-iso8601))) | |
535 | (native-inputs | |
536 | `(("python-cryptography-vectors" ,python-cryptography-vectors) | |
537 | ("python-hypothesis" ,python-hypothesis) | |
538 | ("python-pretend" ,python-pretend) | |
539 | ("python-pytz" ,python-pytz) | |
2dd12924 | 540 | ("python-pytest" ,python-pytest))) |
cc6f4912 LC |
541 | (home-page "https://github.com/pyca/cryptography") |
542 | (synopsis "Cryptographic recipes and primitives for Python") | |
543 | (description | |
544 | "cryptography is a package which provides cryptographic recipes and | |
545 | primitives to Python developers. It aims to be the “cryptographic standard | |
546 | library” for Python. The package includes both high level recipes, and low | |
547 | level interfaces to common cryptographic algorithms such as symmetric ciphers, | |
548 | message digests and key derivation functions.") | |
549 | ;; Distributed under either BSD-3 or ASL2.0 | |
550 | (license (list license:bsd-3 license:asl2.0)) | |
551 | (properties `((python2-variant . ,(delay python2-cryptography)))))) | |
552 | ||
553 | (define-public python2-cryptography | |
554 | (let ((crypto (package-with-python2 | |
555 | (strip-python2-variant python-cryptography)))) | |
1a265842 | 556 | (package/inherit crypto |
cc6f4912 LC |
557 | (propagated-inputs |
558 | `(("python2-ipaddress" ,python2-ipaddress) | |
559 | ("python2-backport-ssl-match-hostname" | |
560 | ,python2-backport-ssl-match-hostname) | |
561 | ("python2-enum34" ,python2-enum34) | |
562 | ,@(package-propagated-inputs crypto)))))) | |
563 | ||
564 | (define-public python-pyopenssl | |
565 | (package | |
566 | (name "python-pyopenssl") | |
ea8759f8 | 567 | (version "20.0.0") |
cc6f4912 LC |
568 | (source |
569 | (origin | |
570 | (method url-fetch) | |
571 | (uri (pypi-uri "pyOpenSSL" version)) | |
572 | (sha256 | |
573 | (base32 | |
ea8759f8 | 574 | "1i8ab5zn9i9iq2ksizp3rd42v157kacddzz88kviqw3kpp68xw4j")))) |
cc6f4912 LC |
575 | (build-system python-build-system) |
576 | (arguments | |
577 | '(#:phases | |
578 | (modify-phases %standard-phases | |
579 | (delete 'check) | |
580 | (add-after 'install 'check | |
581 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
582 | (add-installed-pythonpath inputs outputs) | |
55e51b66 MB |
583 | ;; PyOpenSSL runs tests against a certificate with a fixed |
584 | ;; expiry time. To ensure successful builds in the future, | |
585 | ;; set the time to roughly the release date. | |
ea8759f8 | 586 | (invoke "faketime" "2020-12-01" "py.test" "-v" "-k" |
c6e33df9 RW |
587 | (string-append |
588 | ;; This test tries to look up certificates from | |
589 | ;; the compiled-in default path in OpenSSL, which | |
590 | ;; does not exist in the build environment. | |
591 | "not test_fallback_default_verify_paths " | |
592 | ;; This test attempts to make a connection to | |
593 | ;; an external web service. | |
b3ec7772 LF |
594 | "and not test_set_default_verify_paths " |
595 | ;; Fails on i686-linux and possibly other 32-bit platforms | |
596 | ;; https://github.com/pyca/pyopenssl/issues/974 | |
597 | "and not test_verify_with_time"))))))) | |
cc6f4912 LC |
598 | (propagated-inputs |
599 | `(("python-cryptography" ,python-cryptography) | |
600 | ("python-six" ,python-six))) | |
601 | (inputs | |
602 | `(("openssl" ,openssl))) | |
603 | (native-inputs | |
55e51b66 MB |
604 | `(("libfaketime" ,libfaketime) |
605 | ("python-flaky" ,python-flaky) | |
cc6f4912 | 606 | ("python-pretend" ,python-pretend) |
2dd12924 | 607 | ("python-pytest" ,python-pytest))) |
cc6f4912 LC |
608 | (home-page "https://github.com/pyca/pyopenssl") |
609 | (synopsis "Python wrapper module around the OpenSSL library") | |
610 | (description | |
611 | "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL | |
612 | library.") | |
613 | (license license:asl2.0))) | |
614 | ||
615 | (define-public python2-pyopenssl | |
616 | (package-with-python2 python-pyopenssl)) | |
617 | ||
579b4362 DM |
618 | (define-public python-ed25519 |
619 | (package | |
620 | (name "python-ed25519") | |
621 | (version "1.4") | |
622 | (source | |
623 | (origin | |
624 | (method url-fetch) | |
625 | (uri (pypi-uri "ed25519" version)) | |
626 | (sha256 | |
627 | (base32 | |
628 | "0ahx1nkxa0xis3cw0h5c4fpgv8mq4znkq7kajly33lc3317bk499")))) | |
629 | (build-system python-build-system) | |
630 | (home-page "https://github.com/warner/python-ed25519") | |
631 | (synopsis "Ed25519 public-key signatures") | |
632 | (description "Ed25519 public-key signatures") | |
633 | (license license:expat))) | |
634 | ||
635 | (define-public python2-ed25519 | |
636 | (package-with-python2 python-ed25519)) | |
637 | ||
cc6f4912 LC |
638 | (define-public python-axolotl-curve25519 |
639 | (package | |
640 | (name "python-axolotl-curve25519") | |
74f01758 | 641 | (version "0.4.1.post2") |
cc6f4912 LC |
642 | (source |
643 | (origin | |
74f01758 AI |
644 | (method url-fetch) |
645 | (uri (pypi-uri "python-axolotl-curve25519" version)) | |
cc6f4912 LC |
646 | (sha256 |
647 | (base32 | |
74f01758 | 648 | "18v3rfyv7xi26fb97nw1xc0l6x8wi0i4xj8dlq4gblpbjxiac187")))) |
cc6f4912 | 649 | (build-system python-build-system) |
cc6f4912 LC |
650 | (home-page "https://github.com/tgalal/python-axolotl-curve25519") |
651 | (synopsis "Python wrapper for curve25519 library") | |
652 | (description "This is a python wrapper for the curve25519 library | |
653 | with ed25519 signatures. The C code was pulled from | |
654 | libaxolotl-android. At the moment this wrapper is meant for use by | |
655 | python-axolotl.") | |
656 | (license (list license:gpl3 ; Most files | |
657 | license:bsd-3)))) ; curve/curve25519-donna.c | |
658 | ||
659 | (define-public python2-axolotl-curve25519 | |
660 | (package-with-python2 python-axolotl-curve25519)) | |
661 | ||
662 | (define-public python-axolotl | |
663 | (package | |
664 | (name "python-axolotl") | |
b578168f | 665 | (version "0.2.3") |
cc6f4912 LC |
666 | (source |
667 | (origin | |
b578168f AI |
668 | (method url-fetch) |
669 | (uri (pypi-uri "python-axolotl" version)) | |
cc6f4912 | 670 | (sha256 |
b578168f AI |
671 | (base32 |
672 | "1bwdp24fmriffwx91aigs9k162albb51iskp23nc939z893q23py")))) | |
cc6f4912 LC |
673 | (build-system python-build-system) |
674 | (arguments | |
675 | `(#:phases | |
676 | (modify-phases %standard-phases | |
677 | ;; Don't install tests | |
678 | (add-before 'install 'remove-tests | |
679 | (lambda _ | |
680 | (for-each delete-file-recursively | |
681 | '("axolotl/tests" "build/lib/axolotl/tests")) | |
682 | #t))))) | |
683 | (propagated-inputs | |
684 | `(("python-axolotl-curve25519" ,python-axolotl-curve25519) | |
b578168f AI |
685 | ("python-cryptography" ,python-cryptography) |
686 | ("python-protobuf" ,python-protobuf))) | |
cc6f4912 LC |
687 | (home-page "https://github.com/tgalal/python-axolotl") |
688 | (synopsis "Python port of libaxolotl-android") | |
689 | (description "This is a python port of libaxolotl-android. This | |
690 | is a ratcheting forward secrecy protocol that works in synchronous and | |
691 | asynchronous messaging environments.") | |
692 | (license license:gpl3))) | |
693 | ||
694 | (define-public python2-axolotl | |
695 | (package-with-python2 python-axolotl)) | |
696 | ||
697 | ;; SlowAES isn't compatible with Python 3. | |
698 | (define-public python2-slowaes | |
699 | (package | |
700 | (name "python2-slowaes") | |
701 | (version "0.1a1") | |
702 | (source | |
703 | (origin | |
704 | (method url-fetch) | |
705 | (uri (pypi-uri "slowaes" version)) | |
706 | (sha256 | |
707 | (base32 | |
708 | "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3")))) | |
709 | (build-system python-build-system) | |
710 | (arguments `(#:python ,python-2)) | |
711 | (home-page "http://code.google.com/p/slowaes/") | |
712 | (synopsis "Implementation of AES in Python") | |
713 | (description "This package contains an implementation of AES in Python. | |
714 | This implementation is slow (hence the project name) but still useful when | |
715 | faster ones are not available.") | |
716 | (license license:asl2.0))) | |
717 | ||
718 | (define-public python-pyaes | |
719 | (package | |
720 | (name "python-pyaes") | |
6de86fd5 | 721 | (version "1.6.1") |
cc6f4912 LC |
722 | (source |
723 | (origin | |
724 | (method url-fetch) | |
725 | (uri (pypi-uri "pyaes" version)) | |
726 | (sha256 | |
727 | (base32 | |
6de86fd5 | 728 | "13vdaff15k0jyfcss4b4xvfgm8xyv0nrbyw5n1qc7lrqbi0b3h82")))) |
cc6f4912 LC |
729 | (build-system python-build-system) |
730 | (home-page "https://github.com/ricmoo/pyaes") | |
731 | (synopsis "Implementation of AES in Python") | |
732 | (description "This package contains a pure-Python implementation of the | |
733 | AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR, | |
734 | ECB and OFB).") | |
735 | (license license:expat))) | |
736 | ||
737 | (define-public python2-pyaes | |
738 | (package-with-python2 python-pyaes)) | |
b95c17c5 LC |
739 | |
740 | (define-public python-asn1crypto | |
741 | (package | |
742 | (name "python-asn1crypto") | |
cf69b714 | 743 | (version "1.4.0") |
b95c17c5 | 744 | (source |
353bdae3 | 745 | (origin |
d3b7feb7 EF |
746 | (method git-fetch) |
747 | (uri (git-reference | |
353bdae3 MC |
748 | (url "https://github.com/wbond/asn1crypto") |
749 | (commit version))) | |
750 | (file-name (git-file-name name version)) | |
751 | (sha256 | |
752 | (base32 | |
753 | "19abibn6jw20mzi1ln4n9jjvpdka8ygm4m439hplyrdfqbvgm01r")))) | |
b95c17c5 | 754 | (build-system python-build-system) |
07c1ccb1 MB |
755 | (arguments |
756 | '(#:phases (modify-phases %standard-phases | |
757 | (replace 'check | |
758 | (lambda _ | |
759 | (invoke "python" "run.py" "tests")))))) | |
b95c17c5 LC |
760 | (home-page "https://github.com/wbond/asn1crypto") |
761 | (synopsis "ASN.1 parser and serializer in Python") | |
762 | (description "asn1crypto is an ASN.1 parser and serializer with definitions | |
763 | for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7, | |
764 | PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.") | |
765 | (license license:expat))) | |
766 | ||
767 | (define-public python2-asn1crypto | |
768 | (package-with-python2 python-asn1crypto)) | |
769 | ||
770 | (define-public python-pynacl | |
771 | (package | |
772 | (name "python-pynacl") | |
f5e3f02f | 773 | (version "1.4.0") |
b95c17c5 LC |
774 | (source |
775 | (origin | |
776 | (method url-fetch) | |
777 | (uri (pypi-uri "PyNaCl" version)) | |
778 | (modules '((guix build utils))) | |
f5e3f02f MB |
779 | (snippet |
780 | '(begin | |
781 | ;; Remove spurious dependency on python-wheel, can be removed | |
782 | ;; for 1.5. | |
783 | (substitute* "setup.py" | |
784 | (("\"wheel\"") "")) | |
785 | ;; Remove bundled libsodium. | |
786 | (delete-file-recursively "src/libsodium") | |
787 | #t)) | |
b95c17c5 LC |
788 | (sha256 |
789 | (base32 | |
f5e3f02f | 790 | "01b56hxrbif3hx8l6rwz5kljrgvlbj7shmmd2rjh0hn7974a5sal")))) |
b95c17c5 LC |
791 | (build-system python-build-system) |
792 | (arguments | |
f5e3f02f MB |
793 | `(#:modules (,@%python-build-system-modules |
794 | (guix build utils) | |
795 | (ice-9 ftw) | |
796 | (srfi srfi-26)) | |
797 | #:phases | |
798 | (modify-phases (@ (guix build python-build-system) %standard-phases) | |
b95c17c5 LC |
799 | (add-before 'build 'use-system-sodium |
800 | (lambda _ | |
801 | (setenv "SODIUM_INSTALL" "system") | |
f5e3f02f MB |
802 | #t)) |
803 | (replace 'check | |
804 | (lambda _ | |
805 | (let ((build-directory | |
806 | (car (scandir "build" (cut string-prefix? "lib" <>))))) | |
807 | (setenv "PYTHONPATH" | |
808 | (string-append "./build/" build-directory ":" | |
809 | (getenv "PYTHONPATH"))) | |
810 | (invoke "pytest" "-vv"))))))) | |
b95c17c5 | 811 | (native-inputs |
6969ad0e LF |
812 | `(("python-hypothesis" ,python-hypothesis) |
813 | ("python-pytest" ,python-pytest))) | |
b95c17c5 LC |
814 | (propagated-inputs |
815 | `(("python-cffi" ,python-cffi) | |
816 | ("python-six" ,python-six) | |
817 | ("libsodium" ,libsodium))) | |
818 | (home-page "https://github.com/pyca/pynacl/") | |
819 | (synopsis "Python bindings to libsodium") | |
820 | (description | |
821 | "PyNaCl is a Python binding to libsodium, which is a fork of the | |
822 | Networking and Cryptography library. These libraries have a stated goal | |
823 | of improving usability, security and speed.") | |
824 | (license license:asl2.0))) | |
825 | ||
acc6e695 JL |
826 | (define-public python2-pynacl |
827 | (package-with-python2 python-pynacl)) | |
828 | ||
b95c17c5 LC |
829 | (define-public python2-pgpdump |
830 | (package | |
831 | (name "python2-pgpdump") | |
832 | (version "1.5") | |
833 | (source | |
834 | (origin | |
835 | (method url-fetch) | |
836 | (uri (pypi-uri "pgpdump" version)) | |
837 | (sha256 | |
838 | (base32 | |
839 | "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw")))) | |
840 | (build-system python-build-system) | |
841 | ||
842 | ;; Currently fails to build with Python 3. | |
843 | (arguments `(#:python ,python-2)) | |
844 | ||
845 | (home-page "https://github.com/toofishes/python-pgpdump") | |
846 | (synopsis "Python library for parsing PGP packets") | |
847 | (description | |
848 | "Python-pgpdump is an OpenPGP packet parser based on | |
849 | @uref{http://www.mew.org/~kazu/proj/pgpdump/, pgpdump}. It notably supports: | |
850 | ||
851 | @itemize | |
852 | @item signature packets; | |
853 | @item public key packets; | |
854 | @item secret key packets; | |
855 | @item trust, user ID, and user attribute packets; | |
856 | @item ASCII-armor decoding and CRC check. | |
857 | @end itemize\n") | |
858 | (license license:bsd-3))) | |
859 | ||
860 | (define-public python2-roca-detect | |
861 | (package | |
862 | (name "python2-roca-detect") | |
863 | (version "1.0.8") | |
864 | (source | |
865 | (origin | |
866 | (method url-fetch) | |
867 | (uri (pypi-uri "roca-detect" version)) | |
868 | (sha256 | |
869 | (base32 | |
870 | "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27")))) | |
871 | (build-system python-build-system) | |
872 | (native-inputs | |
873 | ;; TODO: apk_parse_ph4, pyjks | |
874 | `(("python2-dateutil" ,python2-dateutil) | |
875 | ("python2-six" ,python2-six) | |
876 | ("python2-cryptography" ,python2-cryptography) | |
877 | ("python2-future" ,python2-future) | |
878 | ("python2-coloredlogs" ,python2-coloredlogs) | |
879 | ("python2-pgpdump" ,python2-pgpdump))) | |
880 | (arguments | |
881 | `(;; Basic testing routine is quite simple and works with Py3 | |
882 | ;; but the rest of the code that processes the different | |
883 | ;; key formats and extracts the modulus for inspection is | |
884 | ;; not yet fully py3 ready. | |
885 | #:python ,python-2)) | |
886 | (home-page "https://github.com/crocs-muni/roca") | |
887 | (synopsis "ROCA detection tool") | |
888 | (description | |
889 | "This tool is related to the paper entitled @i{Return of the | |
890 | Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}. It | |
891 | enables you to test public RSA keys for a presence of the described | |
892 | vulnerability. Currently the tool supports the following key formats: X.509 | |
893 | Certificate (DER encoded, PEM encoded), RSA PEM (encoded private key, public | |
894 | key), SSH public key, ASC-encoded OpenPGP key, APK Android application, LDIFF | |
895 | file, and more.") | |
896 | (license license:gpl3))) | |
d0d5f726 | 897 | |
3eca7ff9 EF |
898 | (define-public python-blurhash |
899 | (package | |
900 | (name "python-blurhash") | |
901 | (version "1.1.4") | |
902 | (source | |
903 | (origin | |
904 | ;; Tests not included in pypi release and releases not tagged in git repo. | |
905 | (method git-fetch) | |
906 | (uri (git-reference | |
907 | (url "https://github.com/halcy/blurhash-python") | |
908 | (commit "22e081ef1c24da1bb5c5eaa2c1d6649724deaef8"))) | |
909 | (file-name (git-file-name name version)) | |
910 | (sha256 | |
911 | (base32 | |
912 | "1qq6mhydlp7q3na4kmaq3871h43wh3pyfyxr4b79bia73wjdylxf")))) | |
913 | (build-system python-build-system) | |
914 | (arguments | |
915 | '(#:phases | |
916 | (modify-phases %standard-phases | |
917 | (replace 'check | |
918 | (lambda _ | |
919 | (delete-file "setup.cfg") | |
920 | (invoke "pytest")))))) | |
921 | (native-inputs | |
922 | `(("python-numpy" ,python-numpy) | |
923 | ("python-pillow" ,python-pillow) | |
924 | ("python-pytest" ,python-pytest))) | |
925 | (home-page "https://github.com/halcy/blurhash-python") | |
926 | (synopsis | |
927 | "Pure-Python implementation of the blurhash algorithm") | |
928 | (description | |
929 | "Pure-Python implementation of the blurhash algorithm.") | |
930 | (license license:expat))) | |
931 | ||
d0d5f726 DM |
932 | (define-public python-ecpy |
933 | (package | |
934 | (name "python-ecpy") | |
37da5813 | 935 | (version "0.10.0") |
d0d5f726 DM |
936 | (source |
937 | (origin | |
938 | (method url-fetch) | |
939 | (uri (pypi-uri "ECPy" version)) | |
940 | (sha256 | |
941 | (base32 | |
37da5813 | 942 | "1gc3i5s93zq6x1nkaxkq1dvmsc12vmrw0hns9f5s1hcb78ni52c8")))) |
d0d5f726 DM |
943 | (build-system python-build-system) |
944 | (propagated-inputs | |
945 | `(("python-future" ,python-future))) | |
946 | (home-page "https://github.com/ubinity/ECPy") | |
947 | (synopsis "Pure Python Elliptic Curve Library") | |
948 | (description "This package provides a Elliptic Curve Library in pure | |
949 | Python.") | |
950 | (license license:asl2.0))) | |
951 | ||
952 | (define-public python2-ecpy | |
953 | (package-with-python2 python-ecpy)) | |
c1927129 LF |
954 | |
955 | (define-public python-josepy | |
956 | (package | |
957 | (name "python-josepy") | |
205044b9 | 958 | (version "1.1.0") |
c1927129 LF |
959 | (source (origin |
960 | (method url-fetch) | |
961 | (uri (pypi-uri "josepy" version)) | |
962 | (sha256 | |
963 | (base32 | |
205044b9 | 964 | "11khz8malzrv375b27jjkv66z6z6khdx1v5mkkr4vq16gp3n4p7v")))) |
c1927129 LF |
965 | (build-system python-build-system) |
966 | (arguments | |
205044b9 | 967 | ;; The tests require flake8 >= 3.5, which is not yet packaged. |
c1927129 LF |
968 | '(#:tests? #f)) |
969 | (propagated-inputs | |
970 | `(("python-cryptography" ,python-cryptography) | |
971 | ("python-pyopenssl" ,python-pyopenssl) | |
972 | ("python-six" ,python-six))) | |
205044b9 | 973 | ;; TODO Enable when we have flake8 >= 3.5. |
c1927129 LF |
974 | ; (native-inputs |
975 | ; `(("python-coverage" ,python-coverage) | |
976 | ; ("python-flake8" ,python-flake8) | |
977 | ; ("python-isort" ,python-isort) | |
978 | ; ("python-mock" ,python-mock) | |
205044b9 | 979 | ; ("python-pytest" ,python-pytest) |
c1927129 LF |
980 | ; ("python-pytest-cov" ,python-pytest-cov) |
981 | ; ("python-pytest-cache" ,python-pytest-cache) | |
982 | ; ("python-pytest-flake8" ,python-pytest-flake8))) | |
983 | (home-page "https://github.com/certbot/josepy") | |
984 | (synopsis "JOSE protocol implementation in Python") | |
985 | (description "This package provides a Python implementation of the JOSE | |
986 | protocol (Javascript Object Signing and Encryption).") | |
987 | (license license:asl2.0))) | |
988 | ||
989 | (define-public python2-josepy | |
990 | (package-with-python2 python-josepy)) | |
d32456d5 OP |
991 | |
992 | (define-public python-pycryptodome | |
993 | (package | |
994 | (name "python-pycryptodome") | |
bb2d1dae | 995 | (version "3.9.9") |
d32456d5 OP |
996 | (source |
997 | (origin | |
998 | (method url-fetch) | |
999 | (uri (pypi-uri "pycryptodome" version)) | |
1000 | (sha256 | |
1001 | (base32 | |
bb2d1dae | 1002 | "1i4m74f88qj9ci8rpyzrbk2slmsdj5ipmwdkq6qk24byalm203li")))) |
d32456d5 OP |
1003 | (build-system python-build-system) |
1004 | (home-page "https://www.pycryptodome.org") | |
970a3026 TGR |
1005 | (synopsis "Low-level cryptographic Python library") |
1006 | (description | |
1007 | "PyCryptodome is a self-contained Python package of low-level | |
1008 | cryptographic primitives. It's not a wrapper to a separate C library like | |
1009 | OpenSSL. To the largest possible extent, algorithms are implemented in pure | |
1010 | Python. Only the pieces that are extremely critical to performance (e.g., | |
1011 | block ciphers) are implemented as C extensions. | |
1012 | ||
1013 | You are expected to have a solid understanding of cryptography and security | |
1014 | engineering to successfully use these primitives. You must also be able to | |
1015 | recognize that some are obsolete (e.g., TDES) or even insecure (RC4). | |
d32456d5 | 1016 | |
970a3026 | 1017 | It provides many enhancements over the last release of PyCrypto (2.6.1): |
d32456d5 OP |
1018 | |
1019 | @itemize | |
1020 | @item Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB) | |
1021 | @item Accelerated AES on Intel platforms via AES-NI | |
970a3026 | 1022 | @item First-class support for PyPy |
d32456d5 OP |
1023 | @item Elliptic curves cryptography (NIST P-256 curve only) |
1024 | @item Better and more compact API (nonce and iv attributes for ciphers, | |
1025 | automatic generation of random nonces and IVs, simplified CTR cipher mode, and | |
1026 | more) | |
1027 | @item SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms | |
1028 | @item Salsa20 and ChaCha20 stream ciphers | |
1029 | @item scrypt and HKDF | |
1030 | @item Deterministic (EC)DSA | |
1031 | @item Password-protected PKCS#8 key containers | |
1032 | @item Shamir’s Secret Sharing scheme | |
1033 | @item Random numbers get sourced directly from the OS (and not from a CSPRNG | |
1034 | in userspace) | |
1035 | @item Cleaner RSA and DSA key generation (largely based on FIPS 186-4) | |
970a3026 TGR |
1036 | @item Major clean-ups and simplification of the code base |
1037 | @end itemize | |
1038 | ||
1039 | This package provides drop-in compatibility with PyCrypto. It is one of two | |
1040 | PyCryptodome variants, the other being python-pycryptodomex.") | |
c8ca9eb8 TGR |
1041 | (license (list license:bsd-2 |
1042 | license:public-domain)))) ; code inherited from PyCrypto | |
d32456d5 OP |
1043 | |
1044 | (define-public python2-pycryptodome | |
1045 | (package-with-python2 python-pycryptodome)) | |
2f691218 | 1046 | |
5ef1913c | 1047 | (define-public python-pycryptodomex |
cbfa23c7 | 1048 | (package (inherit python-pycryptodome) |
5ef1913c | 1049 | (name "python-pycryptodomex") |
cbfa23c7 | 1050 | (version (package-version python-pycryptodome)) |
5ef1913c TGR |
1051 | (source |
1052 | (origin | |
1053 | (method url-fetch) | |
1054 | (uri (pypi-uri "pycryptodomex" version)) | |
1055 | (sha256 | |
1056 | (base32 "0lbx4qk3xmwqiidhmkj8qa7bh2lf8bwzg0xjpsh2w5zqjrc7qnvv")))) | |
5ef1913c TGR |
1057 | (description |
1058 | "PyCryptodome is a self-contained Python package of low-level | |
1059 | cryptographic primitives. It's not a wrapper to a separate C library like | |
1060 | OpenSSL. To the largest possible extent, algorithms are implemented in pure | |
1061 | Python. Only the pieces that are extremely critical to performance (e.g., | |
1062 | block ciphers) are implemented as C extensions. | |
1063 | ||
1064 | You are expected to have a solid understanding of cryptography and security | |
1065 | engineering to successfully use these primitives. You must also be able to | |
1066 | recognize that some are obsolete (e.g., TDES) or even insecure (RC4). | |
1067 | ||
1068 | It provides many enhancements over the last release of PyCrypto (2.6.1): | |
1069 | ||
1070 | @itemize | |
1071 | @item Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB) | |
1072 | @item Accelerated AES on Intel platforms via AES-NI | |
1073 | @item First-class support for PyPy | |
1074 | @item Elliptic curves cryptography (NIST P-256 curve only) | |
1075 | @item Better and more compact API (nonce and iv attributes for ciphers, | |
1076 | automatic generation of random nonces and IVs, simplified CTR cipher mode, and | |
1077 | more) | |
1078 | @item SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms | |
1079 | @item Salsa20 and ChaCha20 stream ciphers | |
1080 | @item scrypt and HKDF | |
1081 | @item Deterministic (EC)DSA | |
1082 | @item Password-protected PKCS#8 key containers | |
1083 | @item Shamir’s Secret Sharing scheme | |
1084 | @item Random numbers get sourced directly from the OS (and not from a CSPRNG | |
1085 | in userspace) | |
1086 | @item Cleaner RSA and DSA key generation (largely based on FIPS 186-4) | |
1087 | @item Major clean-ups and simplification of the code base | |
1088 | @end itemize | |
1089 | ||
1090 | PyCryptodomex is the stand-alone version of PyCryptodome that no longer | |
cbfa23c7 | 1091 | provides drop-in compatibility with PyCrypto."))) |
5ef1913c | 1092 | |
2f691218 TČ |
1093 | (define-public python-m2crypto |
1094 | (package | |
1095 | (name "python-m2crypto") | |
3b4cc5cb | 1096 | (version "0.35.2") |
2f691218 TČ |
1097 | (source |
1098 | (origin | |
1099 | (method url-fetch) | |
1100 | (uri (pypi-uri "M2Crypto" version)) | |
1101 | (sha256 | |
3b4cc5cb | 1102 | (base32 "09yirf3w77w6f49q6nxhrjm9c3a4y9s30s1k09chqrw8zdgx8sjc")))) |
2f691218 | 1103 | (build-system python-build-system) |
f736dedc LLB |
1104 | (arguments |
1105 | `(;; FIXME: Tests start failing with time due to date checks in TLS | |
1106 | ;; certificates. | |
1107 | #:tests? #f)) | |
2f691218 | 1108 | (inputs `(("openssl" ,openssl))) |
4764e83c | 1109 | (native-inputs `(("swig" ,swig))) |
2f691218 TČ |
1110 | (home-page "https://gitlab.com/m2crypto/m2crypto") |
1111 | (synopsis "Python crypto and TLS toolkit") | |
1112 | (description "@code{M2Crypto} is a complete Python wrapper for OpenSSL | |
1113 | featuring RSA, DSA, DH, EC, HMACs, message digests, symmetric ciphers | |
1114 | (including AES); TLS functionality to implement clients and servers; HTTPS | |
1115 | extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing | |
1116 | AuthCookies for web session management; FTP/TLS client and server; S/MIME; | |
1117 | M2Crypto can also be used to provide TLS for Twisted. Smartcards supported | |
1118 | through the Engine interface.") | |
e810de3e | 1119 | (properties `((python2-variant . ,(delay python2-m2crypto)))) |
2f691218 TČ |
1120 | (license license:expat))) |
1121 | ||
1122 | (define-public python2-m2crypto | |
e810de3e MB |
1123 | (let ((m2crypto (package-with-python2 |
1124 | (strip-python2-variant python-m2crypto)))) | |
1a265842 | 1125 | (package/inherit m2crypto |
e810de3e MB |
1126 | (propagated-inputs |
1127 | `(("python2-typing" ,python2-typing)))))) | |
c158d476 | 1128 | |
68d425cd VM |
1129 | (define-public python-pykeepass |
1130 | (package | |
1131 | (name "python-pykeepass") | |
0404b28d | 1132 | (version "3.2.1") |
68d425cd VM |
1133 | (source |
1134 | (origin | |
1135 | (method git-fetch) | |
1136 | ;; Source tarball on PyPI doesn't include tests. | |
1137 | (uri (git-reference | |
1138 | (url "https://github.com/libkeepass/pykeepass") | |
1139 | (commit version))) | |
1140 | (file-name (git-file-name name version)) | |
1141 | (sha256 | |
0404b28d | 1142 | (base32 "1symxf4ahylynihnp9z4z3lh2vy65ipvg8s4hjrnn936hcaaxghk")))) |
68d425cd VM |
1143 | (build-system python-build-system) |
1144 | (arguments | |
1145 | `(#:phases | |
1146 | (modify-phases %standard-phases | |
1147 | (add-after 'unpack 'make-kdbx-writable | |
1148 | ;; Tests have to write to the .kdbx files in the test directory. | |
1149 | (lambda _ | |
1150 | (with-directory-excursion "tests" | |
1151 | (for-each make-file-writable (find-files ".")) | |
1152 | #t))) | |
1153 | (add-before 'build 'patch-requirements | |
1154 | (lambda _ | |
1155 | ;; Update requirements from dependency==version | |
1156 | ;; to dependency>=version. | |
1157 | (substitute* "setup.py" | |
1158 | (("==") ">=")) | |
1159 | #t))))) | |
1160 | (propagated-inputs | |
1161 | `(("python-argon2-cffi" ,python-argon2-cffi) | |
1162 | ("python-construct" ,python-construct) | |
1163 | ("python-dateutil" ,python-dateutil) | |
1164 | ("python-future" ,python-future) | |
1165 | ("python-lxml" ,python-lxml) | |
0404b28d | 1166 | ("python-pycryptodomex" ,python-pycryptodomex))) |
68d425cd VM |
1167 | (home-page "https://github.com/libkeepass/pykeepass") |
1168 | (synopsis "Python library to interact with keepass databases") | |
1169 | (description | |
1170 | "This library allows you to write entries to a KeePass database. It | |
1171 | supports KDBX3 and KDBX4.") | |
1172 | ;; There are no copyright headers in the source code. The LICENSE file | |
1173 | ;; indicates GPL3. | |
1174 | (license license:gpl3+))) | |
1175 | ||
c158d476 NG |
1176 | (define-public python-pylibscrypt |
1177 | (package | |
1178 | (name "python-pylibscrypt") | |
1179 | (version "1.7.1") | |
1180 | (source | |
1181 | (origin | |
1182 | (method url-fetch) | |
1183 | (uri (pypi-uri "pylibscrypt" version)) | |
1184 | (sha256 | |
1185 | (base32 | |
1186 | "1b3rgzl6dbzs08vhv41b6y4n5189wv7lr27acxn104hs45745abs")))) | |
1187 | (build-system python-build-system) | |
1188 | (arguments | |
929d4d2f NG |
1189 | `(#:phases |
1190 | (modify-phases %standard-phases | |
1191 | (add-before 'build 'hard-code-path-to-libscrypt | |
1192 | (lambda* (#:key inputs #:allow-other-keys) | |
1193 | (let ((libscrypt (assoc-ref inputs "libscrypt"))) | |
1194 | (substitute* "pylibscrypt/pylibscrypt.py" | |
1195 | (("find_library\\('scrypt'\\)") | |
1196 | (string-append "'" libscrypt "/lib/libscrypt.so'"))) | |
1197 | #t)))) | |
1198 | ;; The library can use various scrypt implementations and tests all of | |
1199 | ;; them. Since we only provide a single implementation, most tests | |
1200 | ;; fail. Simply skip them. | |
1201 | #:tests? #f)) | |
1202 | ;; FIXME: Using "libscrypt" is the second best choice. The best one | |
1203 | ;; requires "hashlib.scrypt", provided by Python 3.6+ built with OpenSSL | |
1204 | ;; 1.1+. Use that as soon as Guix provides it. | |
c158d476 | 1205 | (inputs |
929d4d2f | 1206 | `(("libscrypt" ,libscrypt))) |
c158d476 NG |
1207 | (home-page "https://github.com/jvarho/pylibscrypt") |
1208 | (synopsis "Scrypt for Python") | |
1209 | (description "There are a lot of different scrypt modules for Python, but | |
1210 | none of them have everything that I'd like, so here's one more. It uses | |
929d4d2f | 1211 | @code{libscrypt}.") |
c158d476 | 1212 | (license license:isc))) |
40c6e454 NG |
1213 | |
1214 | (define-public python-libnacl | |
1215 | (package | |
1216 | (name "python-libnacl") | |
2bb3ceda | 1217 | (version "1.7.2") |
40c6e454 NG |
1218 | (source |
1219 | (origin | |
1220 | (method url-fetch) | |
1221 | (uri (pypi-uri "libnacl" version)) | |
1222 | (sha256 | |
1223 | (base32 | |
2bb3ceda | 1224 | "0srx7i264v4dq9and8y6gpzzhrg8jpxs5iy9ggw4plimfj0rjfdm")))) |
40c6e454 NG |
1225 | (build-system python-build-system) |
1226 | (arguments | |
1227 | `(#:phases | |
1228 | (modify-phases %standard-phases | |
1229 | (add-after 'unpack 'locate-libsodium | |
1230 | (lambda* (#:key inputs #:allow-other-keys) | |
1231 | (substitute* "libnacl/__init__.py" | |
2bb3ceda NG |
1232 | (("/usr/local/lib/libsodium.so") |
1233 | (string-append (assoc-ref inputs "libsodium") | |
1234 | "/lib/libsodium.so"))) | |
1235 | #t))))) | |
40c6e454 NG |
1236 | (native-inputs |
1237 | `(("python-pyhamcrest" ,python-pyhamcrest))) | |
1238 | (inputs | |
1239 | `(("libsodium" ,libsodium))) | |
1240 | (home-page "https://libnacl.readthedocs.org/") | |
1241 | (synopsis "Python bindings for libsodium based on ctypes") | |
1242 | (description "@code{libnacl} is used to gain direct access to the | |
1243 | functions exposed by @code{NaCl} library via @code{libsodium}. It has | |
1244 | been constructed to maintain extensive documentation on how to use | |
1245 | @code{NaCl} as well as being completely portable.") | |
1246 | (license license:asl2.0))) | |
cb91f6ae | 1247 | |
6f8d776d VM |
1248 | (define-public python-pyotp |
1249 | (package | |
1250 | (name "python-pyotp") | |
31f1888a | 1251 | (version "2.4.1") |
6f8d776d VM |
1252 | (source |
1253 | (origin | |
1254 | (method url-fetch) | |
1255 | (uri (pypi-uri "pyotp" version)) | |
1256 | (sha256 | |
31f1888a | 1257 | (base32 "0jsqfmx9i7j8z81r4zazv76xzy1fcq8v9s2r4kvx7ajfndq3z2h3")))) |
6f8d776d VM |
1258 | (build-system python-build-system) |
1259 | (home-page "https://github.com/pyauth/pyotp") | |
1260 | (synopsis "Python One Time Password Library") | |
1261 | (description | |
1262 | "PyOTP is a Python library for generating and verifying one-time | |
1263 | passwords. It can be used to implement two-factor (2FA) or multi-factor | |
1264 | (MFA) authentication methods in web applications and in other systems that | |
1265 | require users to log in.") | |
1266 | (license license:expat))) | |
1267 | ||
1fa1d822 NG |
1268 | (define-public python-scrypt |
1269 | (package | |
1270 | (name "python-scrypt") | |
cc314e90 | 1271 | (version "0.8.7") |
1fa1d822 NG |
1272 | (source |
1273 | (origin | |
1274 | (method url-fetch) | |
1275 | (uri (pypi-uri "scrypt" version)) | |
1276 | (sha256 | |
1277 | (base32 | |
cc314e90 | 1278 | "0hjk71k3mgnl8siikm9lii9im8kv0rb7inkjzx78rnancra48xxr")))) |
1fa1d822 NG |
1279 | (build-system python-build-system) |
1280 | (inputs | |
1281 | `(("openssl" ,openssl))) | |
20c604c5 | 1282 | (home-page "https://bitbucket.org/mhallin/py-scrypt") |
1fa1d822 NG |
1283 | (synopsis "Bindings for the scrypt key derivation function library") |
1284 | (description "This is a set of Python bindings for the scrypt key | |
1285 | derivation function.") | |
1286 | (license license:bsd-2))) | |
8afe166d NN |
1287 | |
1288 | (define-public python-service-identity | |
1289 | (package | |
1290 | (name "python-service-identity") | |
c105e509 | 1291 | (version "18.1.0") |
8afe166d NN |
1292 | (source |
1293 | (origin | |
1294 | (method url-fetch) | |
1295 | (uri (pypi-uri "service_identity" version)) | |
1296 | (sha256 | |
1297 | (base32 | |
c105e509 | 1298 | "0b9f5qiqjy8ralzgwjgkhx82h6h8sa7532psmb8mkd65md5aan08")))) |
8afe166d NN |
1299 | (build-system python-build-system) |
1300 | (propagated-inputs | |
1301 | `(("python-attrs" ,python-attrs) | |
1302 | ("python-pyasn1" ,python-pyasn1) | |
1303 | ("python-pyasn1-modules" ,python-pyasn1-modules) | |
1304 | ("python-pyopenssl" ,python-pyopenssl))) | |
1305 | (home-page "https://service-identity.readthedocs.io/") | |
1306 | (synopsis "Service identity verification for PyOpenSSL") | |
1307 | (description | |
1308 | "@code{service_identity} aspires to give you all the tools you need | |
1309 | for verifying whether a certificate is valid for the intended purposes. | |
1310 | In the simplest case, this means host name verification. However, | |
1311 | service_identity implements RFC 6125 fully and plans to add other | |
1312 | relevant RFCs too.") | |
1313 | (license license:expat))) | |
1314 | ||
1315 | (define-public python2-service-identity | |
1316 | (package-with-python2 python-service-identity)) | |
0a90c789 LF |
1317 | |
1318 | (define-public python-hkdf | |
1319 | (package | |
1320 | (name "python-hkdf") | |
1321 | (version "0.0.3") | |
1322 | (source | |
1323 | (origin | |
1324 | (method url-fetch) | |
1325 | (uri (pypi-uri "hkdf" version)) | |
1326 | (sha256 | |
1327 | (base32 | |
1328 | "1jhxk5vhxmxxjp3zj526ry521v9inzzl8jqaaf0ma65w6k332ak2")))) | |
1329 | (build-system python-build-system) | |
1330 | (native-inputs | |
1331 | `(("python-nose" ,python-nose))) | |
1332 | (home-page "https://github.com/casebeer/python-hkdf") | |
1333 | (synopsis "HMAC-based Extract-and-Expand Key Derivation Function (HKDF)") | |
1334 | (description "This package provides a Python implementation of the HMAC Key | |
1335 | Derivation function (HKDF) defined in RFC 5869.") | |
1336 | (license license:bsd-2))) | |
fc681a18 LF |
1337 | |
1338 | (define-public python-spake2 | |
1339 | (package | |
1340 | (name "python-spake2") | |
1341 | (version "0.8") | |
1342 | (source | |
1343 | (origin | |
1344 | (method url-fetch) | |
1345 | (uri (pypi-uri "spake2" version)) | |
1346 | (sha256 | |
1347 | (base32 | |
1348 | "1x16r7lrbklvfzbacb66qv9iiih6liq1y612dqh2chgf555n2yn1")))) | |
1349 | (build-system python-build-system) | |
1350 | (propagated-inputs | |
1351 | `(("python-hkdf" ,python-hkdf))) | |
1352 | (home-page "https://github.com/warner/python-spake2") | |
1353 | (synopsis "SPAKE2 password-authenticated key exchange in Python") | |
1354 | (description "This package provides a Python implementation of the SPAKE2 | |
1355 | Password-Authenticated Key Exchange algorithm.") | |
1356 | (license license:expat))) | |
215f3db0 LF |
1357 | |
1358 | (define-public python-txtorcon | |
1359 | (package | |
1360 | (name "python-txtorcon") | |
1361 | (version "19.0.0") | |
1362 | (source | |
1363 | (origin | |
1364 | (method url-fetch) | |
1365 | (uri (pypi-uri "txtorcon" version)) | |
1366 | (sha256 | |
1367 | (base32 | |
1368 | "0fxzhsc62bhmr730vj9pzallmw56gz6iykvl28a5agrycm0bfc9p")))) | |
1369 | (build-system python-build-system) | |
1370 | (arguments | |
1371 | ;; The tests fail immediately due to a missing file. Reported upstream: | |
1372 | ;; <https://github.com/meejah/txtorcon/issues/330> | |
1373 | `(#:tests? #f)) | |
1374 | (propagated-inputs | |
1375 | `(("python-automat" ,python-automat) | |
1376 | ("python-idna" ,python-idna) | |
1377 | ("python-incremental" ,python-incremental) | |
215f3db0 LF |
1378 | ("python-service-identity" ,python-service-identity) |
1379 | ("python-twisted" ,python-twisted) | |
1380 | ("python-zope-interface" ,python-zope-interface))) | |
1381 | (home-page "https://github.com/meejah/txtorcon") | |
1382 | (synopsis "Twisted-based Tor controller client") | |
1383 | (description "This package provides a Twisted-based Tor controller client, | |
1384 | with state-tracking and configuration abstractions.") | |
1385 | (license license:expat))) | |
93953ec7 GLV |
1386 | |
1387 | (define-public python-keyutils | |
1388 | (package | |
1389 | (name "python-keyutils") | |
1390 | (version "0.6") | |
1391 | (source | |
1392 | (origin | |
1393 | (method url-fetch) | |
1394 | (uri (pypi-uri "keyutils" version)) | |
1395 | (sha256 | |
1396 | (base32 | |
1397 | "0lipygpzhwzzsq2k5imb1jgkmj8y4khxdwhzadjs3bd56g6bmkx9")))) | |
1398 | (build-system python-build-system) | |
1399 | (native-inputs | |
1400 | `(("python-pytest" ,python-pytest) | |
1401 | ("python-pytest-runner" ,python-pytest-runner))) | |
1402 | (inputs | |
1403 | `(("keyutils" ,keyutils))) | |
1404 | (arguments | |
1405 | '(#:tests? #f)) | |
1406 | (home-page "https://github.com/sassoftware/python-keyutils") | |
1407 | (synopsis "Python bindings for keyutils") | |
1408 | (description | |
1409 | "This is a set of python bindings for keyutils, a key management suite | |
1410 | that leverages the infrastructure provided by the Linux kernel for safely | |
a806b0b0 | 1411 | storing and retrieving sensitive information in your programs.") |
93953ec7 | 1412 | (license license:asl2.0))) |
1f15cbc8 CL |
1413 | |
1414 | (define-public python-mcuboot-imgtool | |
1415 | (package | |
1416 | (name "python-mcuboot-imgtool") | |
1417 | (version "1.4.0") | |
1418 | (source | |
1419 | (origin | |
1420 | (method git-fetch) | |
1421 | (uri (git-reference | |
1422 | (url "https://github.com/JuulLabs-OSS/mcuboot") | |
1423 | (commit (string-append "v" version)))) | |
1424 | (file-name (git-file-name name version)) | |
1425 | (sha256 | |
1426 | (base32 | |
1427 | "1m1csyvzq4jx81zg635ssy1n7sc0z539z0myh872ll3nwqx7wa0q")))) | |
1428 | (build-system python-build-system) | |
1429 | (arguments | |
1430 | `(#:phases | |
1431 | (modify-phases %standard-phases | |
1432 | (add-after 'unpack 'fix-broken-test | |
1433 | (lambda _ | |
1434 | (substitute* "scripts/imgtool/keys/ed25519_test.py" | |
1435 | (("raw_sign") "sign_digest")) | |
1436 | #t)) | |
1437 | (add-before 'build 'change-directory | |
1438 | (lambda _ | |
1439 | (chdir "scripts") | |
1440 | #t))))) | |
1441 | (propagated-inputs | |
1442 | `(("python-click" ,python-click) | |
1443 | ("python-intelhex" ,python-intelhex) | |
1444 | ("python-cryptography" ,python-cryptography))) | |
1445 | (home-page "https://mcuboot.com") | |
1446 | (synopsis "Tool to securely sign firmware images for booting by MCUboot") | |
1447 | (description "MCUboot is a secure bootloader for 32-bit MCUs. This | |
1448 | package provides a tool to securely sign firmware images for booting by | |
1449 | MCUboot.") | |
1450 | (license license:expat))) | |
83feb3d0 | 1451 | |
163997c9 AT |
1452 | (define-public python-ntlm-auth |
1453 | (package | |
1454 | (name "python-ntlm-auth") | |
1455 | (version "1.4.0") | |
1456 | (source | |
1457 | (origin | |
1458 | (method url-fetch) | |
1459 | (uri (pypi-uri "ntlm-auth" version)) | |
1460 | (sha256 | |
1461 | (base32 | |
1462 | "16mavidki4ma5ip8srqalr19gz4f5yn3cnmmgps1fmgfr24j63rm")))) | |
1463 | (build-system python-build-system) | |
1464 | (propagated-inputs | |
1465 | `(("python-cryptography" ,python-cryptography))) | |
1466 | (home-page "https://github.com/jborean93/ntlm-auth") | |
1467 | (synopsis | |
1468 | "Calculates NTLM Authentication codes") | |
1469 | (description | |
1470 | "This library handles the low-level details of NTLM authentication for | |
1471 | use in authenticating with a service that uses NTLM. It will create and parse | |
1472 | the 3 different message types in the order required and produce a base64 | |
1473 | encoded value that can be attached to the HTTP header. | |
1474 | ||
1475 | The goal of this library is to offer full NTLM support including signing and | |
1476 | sealing of messages as well as supporting MIC for message integrity and the | |
1477 | ability to customise and set limits on the messages sent. Please see Features | |
1478 | and Backlog for a list of what is and is not currently supported.") | |
1479 | (license license:expat))) | |
1480 | ||
4ee1ea76 EF |
1481 | (define-public python-secretstorage |
1482 | (package | |
1483 | (name "python-secretstorage") | |
78b043bb | 1484 | (version "3.3.1") |
4ee1ea76 EF |
1485 | (source |
1486 | (origin | |
1487 | (method url-fetch) | |
1488 | (uri (pypi-uri "SecretStorage" version)) | |
1489 | (sha256 | |
1490 | (base32 | |
78b043bb | 1491 | "15ginv4gzxrx77n7517xnvf2jcpqc6ran12s951hc85zlr8nqrpx")))) |
4ee1ea76 EF |
1492 | (build-system python-build-system) |
1493 | (arguments | |
1494 | '(#:tests? #f)) ; Tests require a running dbus service. | |
1495 | (propagated-inputs | |
1496 | `(("python-cryptography" ,python-cryptography) | |
1497 | ("python-jeepney" ,python-jeepney))) | |
1498 | (home-page "https://github.com/mitya57/secretstorage") | |
1499 | (synopsis "Python bindings to FreeDesktop.org Secret Service API") | |
1500 | (description | |
1501 | "@code{python-secretstorage} provides a way for securely storing passwords | |
1502 | and other secrets. It uses D-Bus Secret Service API that is supported by GNOME | |
1503 | Keyring (since version 2.30) and KSecretsService. SecretStorage supports most | |
1504 | of the functions provided by Secret Service, including creating and deleting | |
1505 | items and collections, editing items, locking and unlocking collections | |
1506 | (asynchronous unlocking is also supported).") | |
1507 | (license license:bsd-3))) | |
1508 | ||
960dafce VM |
1509 | (define-public python-trustme |
1510 | (package | |
1511 | (name "python-trustme") | |
1512 | (version "0.6.0") | |
1513 | (source | |
1514 | (origin | |
1515 | (method url-fetch) | |
1516 | (uri (pypi-uri "trustme" version)) | |
1517 | (sha256 | |
1518 | (base32 "0v3vr5z6apnfmklf07m45kv5kaqvm6hxrkaqywch57bjd2siiywx")))) | |
1519 | (build-system python-build-system) | |
1520 | (arguments | |
1521 | `(#:phases | |
1522 | (modify-phases %standard-phases | |
1523 | (replace 'check | |
1524 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
1525 | (add-installed-pythonpath inputs outputs) | |
1526 | (invoke "pytest" "-vv")))))) | |
1527 | (native-inputs | |
1528 | `(("python-more-itertools" ,python-more-itertools) | |
1529 | ("python-pyopenssl" ,python-pyopenssl) | |
1530 | ("python-pytest" ,python-pytest) | |
1531 | ("python-pytest-cov" ,python-pytest-cov) | |
1532 | ("python-service-identity" ,python-service-identity) | |
1533 | ("python-zipp" ,python-zipp))) | |
1534 | (propagated-inputs | |
1535 | `(("python-cryptography" ,python-cryptography))) | |
1536 | (home-page "https://github.com/python-trio/trustme") | |
1537 | (synopsis "Fake a certificate authority for tests") | |
1538 | (description | |
1539 | "@code{trustme} is a tiny Python package that does one thing: it gives you | |
1540 | a fake certificate authority (CA) that you can use to generate fake TLS certs to | |
1541 | use in your tests.") | |
1542 | ;; Either license applies. | |
1543 | (license (list license:expat license:asl2.0)))) | |
1544 | ||
5e5c695d EF |
1545 | (define-public python-certipy |
1546 | (package | |
1547 | (name "python-certipy") | |
1548 | (version "0.1.3") | |
1549 | (source | |
1550 | (origin | |
1551 | (method url-fetch) | |
1552 | (uri (pypi-uri "certipy" version)) | |
1553 | (sha256 | |
1554 | (base32 | |
1555 | "0n980gqpzh0fm58h3i4mi2i10wgj606lscm1r5sk60vbf6vh8mv9")))) | |
1556 | (build-system python-build-system) | |
1557 | (propagated-inputs | |
1558 | `(("python-pyopenssl" ,python-pyopenssl))) | |
1559 | (native-inputs | |
1560 | `(("python-pytest" ,python-pytest))) | |
1561 | (home-page "https://github.com/LLNL/certipy") | |
1562 | (synopsis "Utility to create and sign CAs and certificates") | |
1563 | (description | |
1564 | "Certipy was made to simplify the certificate creation process. To that | |
1565 | end, certipy exposes methods for creating and managing certificate authorities, | |
1566 | certificates, signing and building trust bundles.") | |
1567 | (license license:bsd-3))) | |
1568 | ||
83feb3d0 EF |
1569 | (define-public python-jeepney |
1570 | (package | |
1571 | (name "python-jeepney") | |
3bab9594 | 1572 | (version "0.6.0") |
83feb3d0 EF |
1573 | (source |
1574 | (origin | |
1575 | (method url-fetch) | |
1576 | (uri (pypi-uri "jeepney" version)) | |
1577 | (sha256 | |
3bab9594 | 1578 | (base32 "0mw6ch5s4czpmsiwqwhcidgk27858pl8vlvb7acrxjkm4ribcnbx")))) |
83feb3d0 EF |
1579 | (build-system python-build-system) |
1580 | (native-inputs | |
1581 | `(("python-testpath" ,python-testpath) | |
1582 | ("python-tornado" ,python-tornado) | |
3bab9594 EF |
1583 | ("python-trio" ,python-trio) |
1584 | ("python-pytest" ,python-pytest) | |
1585 | ("python-pytest-trio" ,python-pytest-trio))) | |
83feb3d0 EF |
1586 | (home-page "https://gitlab.com/takluyver/jeepney") |
1587 | (synopsis "Low-level, pure Python DBus protocol wrapper") | |
1588 | (description | |
1589 | "This is a low-level, pure Python DBus protocol client. It has an | |
1590 | I/O-free core, and integration modules for different event loops.") | |
1591 | (license license:expat))) | |
08310637 EF |
1592 | |
1593 | (define-public python-argon2-cffi | |
1594 | (package | |
1595 | (name "python-argon2-cffi") | |
9813805b | 1596 | (version "20.1.0") |
08310637 EF |
1597 | (source |
1598 | (origin | |
1599 | (method url-fetch) | |
1600 | (uri (pypi-uri "argon2-cffi" version)) | |
1601 | (sha256 | |
1602 | (base32 | |
9813805b | 1603 | "0zgr4mnnm0p4i99023safb0qb8cgvl202nly1rvylk2b7qnrn0nq")) |
08310637 EF |
1604 | (modules '((guix build utils))) |
1605 | (snippet '(begin (delete-file-recursively "extras") #t)))) | |
1606 | (build-system python-build-system) | |
1607 | (arguments | |
1608 | '(#:phases | |
1609 | (modify-phases %standard-phases | |
1610 | (replace 'build | |
1611 | (lambda _ | |
1612 | (setenv "ARGON2_CFFI_USE_SYSTEM" "1") | |
1613 | (invoke "python" "setup.py" "build"))) | |
1614 | (replace 'check | |
1615 | (lambda* (#:key inputs outputs #:allow-other-keys) | |
1616 | (add-installed-pythonpath inputs outputs) | |
1617 | (invoke "pytest") | |
1618 | (invoke "python" "-m" "argon2" "--help") | |
1619 | ;; see tox.ini | |
1620 | (invoke "python" "-m" "argon2" "-n" "1" "-t" "1" "-m" "8" "-p" "1")))))) | |
1621 | (propagated-inputs | |
1622 | `(("python-cffi" ,python-cffi) | |
1623 | ("python-six" ,python-six))) | |
1624 | (inputs `(("argon2" ,argon2))) | |
1625 | (native-inputs | |
1626 | `(("python-hypothesis" ,python-hypothesis) | |
1627 | ("python-pytest" ,python-pytest))) | |
1628 | (home-page "https://argon2-cffi.readthedocs.io/") | |
1629 | (synopsis "Secure Password Hashes for Python") | |
1630 | (description | |
1631 | "Argon2 is a secure password hashing algorithm. It is designed to have | |
1632 | both a configurable runtime as well as memory consumption. This means that you | |
1633 | can decide how long it takes to hash a password and how much memory is required.") | |
1634 | (license license:expat))) | |
0a124c46 EF |
1635 | |
1636 | (define-public python-privy | |
1637 | (package | |
1638 | (name "python-privy") | |
1639 | (version "6.0.0") | |
1640 | (source | |
1641 | (origin | |
1642 | (method git-fetch) | |
1643 | (uri (git-reference | |
1644 | ;; Releases are untagged | |
1645 | (url "https://github.com/ofek/privy") | |
1646 | (commit "2838db3df239797c71bddacc48a4c49a83f35747"))) | |
1647 | (file-name (git-file-name name version)) | |
1648 | (sha256 | |
1649 | (base32 | |
1650 | "1m32dh5fqc8cy7jyf1z5fs6zvmdkbq5fi98hr609gbl7s0l0y0i9")))) | |
1651 | (build-system python-build-system) | |
1652 | (arguments | |
1653 | '(#:phases | |
1654 | (modify-phases %standard-phases | |
1655 | (replace 'check | |
1656 | (lambda _ | |
1657 | (invoke "python" "-m" "pytest")))))) | |
1658 | (native-inputs | |
1659 | `(("python-pytest" ,python-pytest))) | |
1660 | (propagated-inputs | |
1661 | `(("python-argon2-cffi" ,python-argon2-cffi) | |
1662 | ("python-cryptography" ,python-cryptography))) | |
1663 | (home-page "https://www.dropbox.com/developers") | |
1664 | (synopsis "Library to password-protect your data") | |
1665 | (description | |
1666 | "Privy is a small and fast utility for password-protecting secret | |
1667 | data such as API keys, cryptocurrency wallets, or seeds for digital | |
1668 | signatures.") | |
1669 | (license (list license:expat license:asl2.0)))) ; dual licensed | |
1b11e894 JW |
1670 | |
1671 | (define-public python-pgpy | |
1672 | (package | |
1673 | (name "python-pgpy") | |
642647ae | 1674 | (version "0.5.3") |
1b11e894 JW |
1675 | (source |
1676 | (origin | |
1677 | (method url-fetch) | |
1678 | (uri (pypi-uri "PGPy" version)) | |
1679 | (sha256 | |
642647ae | 1680 | (base32 "11rrq15gmn6qbahli7czflfcngjl7zyybjlvk732my6axnf2d754")))) |
1b11e894 | 1681 | (build-system python-build-system) |
ed0e8c7c TGR |
1682 | (arguments |
1683 | `(#:phases | |
1684 | (modify-phases %standard-phases | |
1685 | (replace 'check | |
1686 | (lambda* (#:key tests? #:allow-other-keys) | |
1687 | (when tests? | |
1688 | (invoke "pytest"))))))) | |
1b11e894 JW |
1689 | (native-inputs |
1690 | `(("python-cryptography" ,python-cryptography) | |
1691 | ("python-pyasn1" ,python-pyasn1) | |
ed0e8c7c | 1692 | ("python-pytest" ,python-pytest) |
1b11e894 | 1693 | ("python-singledispatch" ,python-singledispatch) |
642647ae TGR |
1694 | ("python-six" ,python-six) |
1695 | ("python-wheel" ,python-wheel))) | |
1b11e894 JW |
1696 | (home-page "https://github.com/SecurityInnovation/PGPy") |
1697 | (synopsis "Python implementation of OpenPGP") | |
1698 | (description | |
1699 | "Currently, PGPy can load keys and signatures of all kinds in both ASCII | |
1700 | armored and binary formats. | |
1701 | ||
1702 | It can create and verify RSA, DSA, and ECDSA signatures, at the moment. It | |
1703 | can also encrypt and decrypt messages using RSA and ECDH.") | |
1704 | (license license:bsd-3))) | |
df6fb956 JW |
1705 | |
1706 | (define-public python-sop | |
1707 | (package | |
1708 | (name "python-sop") | |
1709 | (version "0.2.0") | |
1710 | (source | |
1711 | (origin | |
1712 | (method url-fetch) | |
1713 | (uri (pypi-uri "sop" version)) | |
1714 | (sha256 | |
1715 | (base32 | |
1716 | "0gljyjsdn6hdmwlwwb5g5s0c031p6izamvfxp0d39x60af8k5jyf")))) | |
1717 | (build-system python-build-system) | |
1718 | (arguments | |
1719 | '(#:tests? #f)) ; There are no tests, and unittest throws an error trying | |
1720 | ; to find some: | |
1721 | ; TypeError: don't know how to make test from: 0.2.0 | |
1722 | (home-page "https://gitlab.com/dkg/python-sop") | |
1723 | (synopsis "Stateless OpenPGP Command-Line Interface") | |
1724 | (description | |
1725 | "The Stateless OpenPGP Command-Line Interface (or sop) is a | |
1726 | specification that encourages OpenPGP implementors to provide a common, | |
1727 | relatively simple command-line API for purposes of object security. | |
1728 | ||
1729 | This Python module helps implementers build such a CLI from any implementation | |
1730 | accessible to the Python interpreter. | |
1731 | ||
1732 | It does not provide such an implementation itself -- this is just the | |
1733 | scaffolding for the command line, which should make it relatively easy to | |
1734 | supply a handful of python functions as methods to a class.") | |
1735 | (license license:expat))) ; MIT license |