HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: Add emacs-scpaste.
[jackhill/guix/guix.git] / gnu / packages / python-crypto.scm
CommitLineData
cc6f4912
LC		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
263ea4eb 3;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020 Efraim Flashner <efraim@flashner.co.il>
0a90c789 4;;; Copyright © 2015, 2016, 2017, 2019 Leo Famulari <leo@famulari.name>
55e51b66 5;;; Copyright © 2016, 2017, 2020 Marius Bakke <mbakke@fastmail.com>
cc6f4912
LC		 6;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
7;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
8;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com>
9;;; Copyright © 2014, 2017 Eric Bavier <bavier@member.fsf.org>
10;;; Copyright © 2015, 2016 David Thompson <davet@gnu.org>
ceb5b11b 11;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
3c986a7d 12;;; Copyright © 2016, 2017 Nikita <nikita@n0.is>
cc6f4912 13;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
c6e33df9 14;;; Copyright © 2015, 2016, 2017, 2019 Ricardo Wurmus <rekado@elephly.net>
cc6f4912 15;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org>
74f01758 16;;; Copyright © 2016, 2017, 2020 Arun Isaac <arunisaac@systemreboot.net>
cc6f4912 17;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
2f691218 18;;; Copyright © 2018 Tomáš Čech <sleep_walker@gnu.org>
cef6dc64 19;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
e64088f0 20;;; Copyright © 2018 Vagrant Cascadian <vagrant@debian.org>
8afe166d 21;;; Copyright © 2018 Nam Nguyen <namn@berkeley.edu>
93953ec7 22;;; Copyright © 2019 Guillaume Le Vaillant <glv@posteo.net>
1f15cbc8 23;;; Copyright © 2019 Clément Lassieur <clement@lassieur.org>
f8dcdf2b 24;;; Copyright © 2020 Alexandros Theodotou <alex@zrythm.org>
1b11e894 25;;; Copyright © 2020 Justus Winter <justus@sequoia-pgp.org>
960dafce 26;;; Copyright © 2020 Vinicius Monego <monego@posteo.net>
cc6f4912
LC		 27;;;
28;;; This file is part of GNU Guix.
29;;;
30;;; GNU Guix is free software; you can redistribute it and/or modify it
31;;; under the terms of the GNU General Public License as published by
32;;; the Free Software Foundation; either version 3 of the License, or (at
33;;; your option) any later version.
34;;;
35;;; GNU Guix is distributed in the hope that it will be useful, but
36;;; WITHOUT ANY WARRANTY; without even the implied warranty of
37;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
38;;; GNU General Public License for more details.
39;;;
40;;; You should have received a copy of the GNU General Public License
41;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
42
43(define-module (gnu packages python-crypto)
44 #:use-module (guix packages)
45 #:use-module (guix download)
46 #:use-module (guix git-download)
47 #:use-module (guix build-system python)
48 #:use-module (gnu packages)
ac257f12 49 #:use-module (gnu packages check)
b95c17c5 50 #:use-module (gnu packages crypto)
f8dcdf2b 51 #:use-module (gnu packages kerberos)
cc6f4912
LC		 52 #:use-module (gnu packages libffi)
53 #:use-module (gnu packages multiprecision)
08310637 54 #:use-module (gnu packages password-utils)
cc6f4912
LC		 55 #:use-module (gnu packages protobuf)
56 #:use-module (gnu packages python)
6fedf6f2 57 #:use-module (gnu packages python-check)
960dafce 58 #:use-module (gnu packages python-compression)
cb91f6ae 59 #:use-module (gnu packages python-web)
44d10b1f 60 #:use-module (gnu packages python-xyz)
4764e83c 61 #:use-module (gnu packages swig)
33dc54b0 62 #:use-module (gnu packages time)
cc6f4912
LC		 63 #:use-module (gnu packages tls)
64 #:use-module ((guix licenses) #:prefix license:)
65 #:use-module (srfi srfi-1))
66
cef6dc64
NG		 67(define-public python-base58
68 (package
69 (name "python-base58")
ceb5b11b 70 (version "1.0.3")
cef6dc64
NG		 71 (source
72 (origin
73 (method url-fetch)
74 (uri (pypi-uri "base58" version))
75 (sha256
76 (base32
ceb5b11b 77 "0q1yr0n5jaf17xq98m7dma6z4rh8p19ch55l1s09gi3rk5ckqycs"))))
cef6dc64
NG		 78 (build-system python-build-system)
79 (native-inputs
80 `(("python-pyhamcrest" ,python-pyhamcrest)))
81 (home-page "https://github.com/keis/base58")
82 (synopsis "Base58 and Base58Check implementation")
83 (description "Base58 and Base58Check implementation compatible
84with what is used by the Bitcoin network.")
85 (license license:expat)))
86
7c16af46
MB		 87(define-public python-bcrypt
88 (package
89 (name "python-bcrypt")
b5cb4624 90 (version "3.1.7")
7c16af46
MB		 91 (source
92 (origin
93 (method url-fetch)
94 (uri (pypi-uri "bcrypt" version))
95 (sha256
b5cb4624 96 (base32 "0hhywhxx301cxivgxrpslrangbfpccc8y83qbwn1f57cab3nj00b"))))
7c16af46
MB		 97 (build-system python-build-system)
98 (native-inputs
99 `(("python-pycparser" ,python-pycparser)
100 ("python-pytest" ,python-pytest)))
101 (propagated-inputs
102 `(("python-cffi" ,python-cffi)
103 ("python-six" ,python-six)))
104 (home-page "https://github.com/pyca/bcrypt/")
105 (synopsis
106 "Modern password hashing library")
107 (description
108 "Bcrypt is a Python module which provides a password hashing method based
109on the Blowfish password hashing algorithm, as described in
110@url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable
111Password Scheme\"} by Niels Provos and David Mazieres.")
112 (license license:asl2.0)))
113
114(define-public python2-bcrypt
115 (package-with-python2 python-bcrypt))
116
cc6f4912
LC		 117(define-public python-passlib
118 (package
119 (name "python-passlib")
aadd107d 120 (version "1.7.2")
cc6f4912
LC		 121 (source
122 (origin
123 (method url-fetch)
124 (uri (pypi-uri "passlib" version))
125 (sha256
aadd107d 126 (base32 "1a5ngap7kq0b4azq8nlfg6xg5bcl1i0v1sbynhmbr631jgpnqrld"))))
cc6f4912
LC		 127 (build-system python-build-system)
128 (native-inputs
129 `(("python-nose" ,python-nose)))
130 (propagated-inputs
131 `(("python-py-bcrypt" ,python-py-bcrypt)))
132 (arguments
133 `(#:phases
134 (modify-phases %standard-phases
135 (add-before 'check 'set-PYTHON_EGG_CACHE
136 ;; some tests require access to "$HOME/.cython"
137 (lambda* _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t)))))
138 (home-page "https://bitbucket.org/ecollins/passlib")
aadd107d 139 (synopsis "Comprehensive password hashing framework")
cc6f4912
LC		 140 (description
141 "Passlib is a password hashing library for Python 2 & 3, which provides
142cross-platform implementations of over 30 password hashing algorithms, as well
143as a framework for managing existing password hashes. It's designed to be
144useful for a wide range of tasks, from verifying a hash found in /etc/shadow,
145to providing full-strength password hashing for multi-user application.")
146 (license license:bsd-3)))
147
148(define-public python2-passlib
149 (package-with-python2 python-passlib))
150
151(define-public python-py-bcrypt
152 (package
153 (name "python-py-bcrypt")
154 (version "0.4")
155 (source
156 (origin
157 (method url-fetch)
27864e7c 158 (uri (pypi-uri "py-bcrypt" version))
cc6f4912
LC		 159 (sha256
160 (base32
161 "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az"))))
162 (build-system python-build-system)
163 (home-page "https://code.google.com/p/py-bcrypt")
164 (synopsis
165 "Bcrypt password hashing and key derivation")
166 (description
167 "A python wrapper of OpenBSD's Blowfish password hashing code. This
168system hashes passwords using a version of Bruce Schneier's Blowfish block
169cipher with modifications designed to raise the cost of off-line password
170cracking and frustrate fast hardware implementation. The computation cost of
3defa90d 171the algorithm is parametrised, so it can be increased as computers get faster.
cc6f4912
LC		 172The intent is to make a compromise of a password database less likely to
173result in an attacker gaining knowledge of the plaintext passwords (e.g. using
174John the Ripper).")
175 ;; "sha2.c" is under BSD-3;
176 ;; "blowfish.c" and "bcrypt.c" are under BSD-4;
177 ;; the rest is under ISC.
178 (license (list license:isc license:bsd-3 license:bsd-4))))
179
180(define-public python2-py-bcrypt
181 (package-with-python2 python-py-bcrypt))
182
e64088f0
VC		 183(define-public python-pyblake2
184 (package
185 (name "python-pyblake2")
186 (version "1.1.2")
187 (source
188 (origin
189 (method url-fetch)
190 (uri (pypi-uri "pyblake2" version))
191 (sha256
192 (base32
193 "0gz9hgznv5zw4qjq43xa56y0yikimx30gffvibxzm0nv5sq7xk2w"))))
194 (build-system python-build-system)
195 (home-page "https://github.com/dchest/pyblake2")
196 (synopsis "BLAKE2 hash function for Python")
197 (description "BLAKE2 is a cryptographic hash function, which offers
198stronger security while being as fast as MD5 or SHA-1, and comes in two
199flavors: @code{BLAKE2b}, optimized for 64-bit platforms and produces digests
200of any size between 1 and 64 bytes, and @code{BLAKE2s}, optimized for 8- to
20132-bit platforms and produces digests of any size between 1 and 32 bytes.
202
203This package provides a Python interface for BLAKE2.")
204 ;; The COPYING file declares it as public domain, with the option to
205 ;; alternatively use and redistribute it under a variety of permissive
206 ;; licenses. cc0 is explicitly mentioned in setup.py and pyblake2module.c.
207 (license (list license:public-domain license:cc0))))
208
cc6f4912
LC		 209(define-public python-paramiko
210 (package
211 (name "python-paramiko")
784dadc0 212 (version "2.7.1")
cc6f4912
LC		 213 (source
214 (origin
215 (method url-fetch)
216 (uri (pypi-uri "paramiko" version))
217 (sha256
218 (base32
784dadc0 219 "17wx8lkhqxmddfdq7z7x45xqq2w3gwa974hpq1n3y0dqbn4r414j"))))
cc6f4912
LC		 220 (build-system python-build-system)
221 (arguments
8e84eb68
MB		 222 `(;; FIXME: Tests require many unpackaged libraries, see dev-requirements.txt.
223 #:tests? #f))
cc6f4912 224 (propagated-inputs
2fbc38e3
LF		 225 `(("python-bcrypt" ,python-bcrypt)
226 ("python-pyasn1" ,python-pyasn1)
227 ("python-pynacl" ,python-pynacl)
cc6f4912 228 ("python-cryptography" ,python-cryptography)))
101ad242 229 (home-page "https://www.paramiko.org/")
cc6f4912
LC		 230 (synopsis "SSHv2 protocol library")
231 (description "Paramiko is a python implementation of the SSHv2 protocol,
232providing both client and server functionality. While it leverages a Python C
233extension for low level cryptography (PyCrypto), Paramiko itself is a pure
234Python interface around SSH networking concepts.")
235 (license license:lgpl2.1+)))
236
237(define-public python2-paramiko
238 (package-with-python2 python-paramiko))
239
240(define-public python-ecdsa
241 (package
242 (name "python-ecdsa")
c57b8419 243 (version "0.14.1")
cc6f4912
LC		 244 (source
245 (origin
246 (method url-fetch)
86228e56 247 (uri (pypi-uri "ecdsa" version))
cc6f4912 248 (sha256
c57b8419 249 (base32 "13nx5cbfxc0gnax5zwdmp9xc40qd1llk62mv85jyrvqkbw017ik4"))))
cc6f4912 250 (build-system python-build-system)
92fe2513
EF		 251 (arguments
252 '(#:phases
253 (modify-phases %standard-phases
254 (replace 'check
255 (lambda _ (invoke "pytest"))))))
c57b8419
EF		 256 (propagated-inputs
257 `(("python-six" ,python-six)))
258 (native-inputs
92fe2513
EF		 259 `(("openssl" ,openssl)
260 ("python-pytest" ,python-pytest)))
9cd100b6
TGR		 261 (home-page "https://github.com/warner/python-ecdsa")
262 (synopsis "ECDSA cryptographic signature library (pure python)")
cc6f4912
LC		 263 (description
264 "This is an easy-to-use implementation of ECDSA cryptography (Elliptic
265Curve Digital Signature Algorithm), implemented purely in Python. With this
266library, you can quickly create keypairs (signing key and verifying key), sign
267messages, and verify the signatures. The keys and signatures are very short,
268making them easy to handle and incorporate into other protocols.")
269 (license license:expat)))
270
271(define-public python2-ecdsa
272 (package-with-python2 python-ecdsa))
273
274;;; Pycrypto is abandoned upstream:
275;;;
276;;; https://github.com/dlitz/pycrypto/issues/173
277;;;
278;;; TODO Remove this package from GNU Guix.
279(define-public python-pycrypto
280 (package
281 (name "python-pycrypto")
282 (version "2.6.1")
283 (source
284 (origin
285 (method url-fetch)
286 (uri (pypi-uri "pycrypto" version))
2a2a9878
MB		 287 (patches (search-patches "python-pycrypto-CVE-2013-7459.patch"
288 "python-pycrypto-time-clock.patch"))
cc6f4912
LC		 289 (sha256
290 (base32
291 "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj"))))
292 (build-system python-build-system)
293 (inputs
294 `(("python" ,python)
295 ("gmp" ,gmp)))
296 (arguments
297 `(#:phases
298 (modify-phases %standard-phases
299 (add-before 'build 'set-build-env
300 ;; pycrypto runs an autoconf configure script behind the scenes
301 (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t)))))
52888f52 302 (home-page "https://www.dlitz.net/software/pycrypto/")
cc6f4912
LC		 303 (synopsis "Cryptographic modules for Python")
304 (description
305 "Pycrypto is a collection of both secure hash functions (such as SHA256
306and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal,
307etc.). The package is structured to make adding new modules easy.")
308 (license license:public-domain)))
309
310(define-public python2-pycrypto
311 (let ((pycrypto (package-with-python2 python-pycrypto)))
312 (package (inherit pycrypto)
313 (inputs
314 `(("python" ,python-2)
315 ,@(alist-delete
316 "python"
317 (package-inputs pycrypto)))))))
318
f8dcdf2b
AT		 319(define-public python-kerberos
320 (package
321 (name "python-kerberos")
322 (version "1.3.0")
323 (source
324 (origin
325 (method url-fetch)
326 (uri (pypi-uri "kerberos" version))
327 (sha256
328 (base32
329 "19663qxmma0i8bfbjc2iwy5hgq0g4pfb75r023v5dps68zfvffgh"))))
330 (build-system python-build-system)
331 (inputs
332 `(("mit-krb5" ,mit-krb5)))
333 (home-page "https://github.com/apple/ccs-pykerberos")
334 (synopsis
335 "Python Kerberos library used by CalendarServer")
336 (description
337 "This Python package is a high-level wrapper for Kerberos (GSSAPI)
338operations. The goal is to avoid having to build a module that wraps the
339entire Kerberos.framework, and instead offer a limited set of functions that
340do what is needed for client/server Kerberos authentication based on
341<http://www.ietf.org/rfc/rfc4559.txt>.")
342 (license license:asl2.0)))
343
cc6f4912
LC		 344(define-public python-keyring
345 (package
346 (name "python-keyring")
6fedf6f2 347 (version "21.0.0")
cc6f4912
LC		 348 (source
349 (origin
350 (method url-fetch)
351 (uri (pypi-uri "keyring" version))
352 (sha256
353 (base32
6fedf6f2
EF		 354 "1k0w3yh3fz0qp0cvkxdiinq9jzbrnc6bd88qpjz34x3cgcr94psz"))
355 (modules '((guix build utils)))
356 (snippet
357 ;; https://github.com/jaraco/keyring/issues/414
358 '(begin (substitute* "tests/test_packaging.py"
359 (("ep, =") "(ep,) =")) #t))))
cc6f4912 360 (build-system python-build-system)
6fedf6f2
EF		 361 (arguments
362 `(#:phases
363 (modify-phases %standard-phases
364 (replace 'check
365 (lambda _
366 ;; Not clear why this test fails.
367 (delete-file "tests/test_packaging.py")
368 (substitute* "pytest.ini"
369 (("--black ") ""))
370 (invoke "pytest"))))))
cc6f4912 371 (native-inputs
770b1d65 372 `(("python-pytest" ,python-pytest)
6fedf6f2
EF		 373 ("python-pytest-checkdocs" ,python-pytest-checkdocs)
374 ("python-pytest-cov" ,python-pytest-cov)
375 ("python-pytest-flake8" ,python-pytest-flake8)
770b1d65 376 ("python-setuptools-scm" ,python-setuptools-scm)))
cc6f4912 377 (propagated-inputs
6fedf6f2
EF		 378 `(("python-importlib-metadata" ,python-importlib-metadata)
379 ("python-secretstorage" ,python-secretstorage)))
cc6f4912
LC		 380 (home-page "https://github.com/jaraco/keyring")
381 (synopsis "Store and access your passwords safely")
382 (description
383 "The Python keyring lib provides a easy way to access the system keyring
384service from python. It can be used in any application that needs safe
385password storage.")
386 ;; "MIT" and PSF dual license
6fedf6f2 387 (properties `((python2-variant . ,(delay python2-keyring))))
cc6f4912
LC		 388 (license license:x11)))
389
390(define-public python2-keyring
6fedf6f2
EF		 391 (let ((keyring (package-with-python2
392 (strip-python2-variant python-keyring))))
393 (package
394 (inherit keyring)
395 (name "python2-keyring")
396 (version "8.7")
397 (source
398 (origin
399 (method url-fetch)
400 (uri (pypi-uri "keyring" version))
401 (sha256
402 (base32
403 "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx"))))
404 (arguments
405 `(#:python ,python-2))
406 (native-inputs
407 `(("python2-pytest" ,python2-pytest)
408 ("python2-pytest-runner" ,python2-pytest-runner)
409 ("python2-setuptools-scm" ,python2-setuptools-scm)))
410 (propagated-inputs
411 `(("python2-pycrypto" ,python2-pycrypto))))))
cc6f4912 412
9a684b40
EF		 413(define-public python-keyrings.alt
414 (package
415 (name "python-keyrings.alt")
416 (version "3.4.0")
417 (source
418 (origin
419 (method url-fetch)
420 (uri (pypi-uri "keyrings.alt" version))
421 (sha256
422 (base32
423 "0gdjdqpq2hf770p6iwi891mil0vbsdhvy88x0v8b2w4y4b28lcli"))
424 (modules '((guix build utils)))
425 (snippet
426 '(begin
427 (delete-file "keyrings/alt/_win_crypto.py")
428 ;; Rely on python-keyring>20:
429 ;; https://github.com/jaraco/keyrings.alt/issues/33
430 (substitute* '("keyrings/alt/tests/test_Gnome.py"
431 "keyrings/alt/tests/test_Google.py"
432 "keyrings/alt/tests/test_Windows.py"
433 "keyrings/alt/tests/test_file.py"
434 "keyrings/alt/tests/test_pyfs.py")
435 (("keyring.tests.test_backend") "keyring.testing.backend")
436 (("keyring.tests.util") "keyring.testing.util"))
437 #t))))
438 (build-system python-build-system)
439 (native-inputs
440 `(("python-keyring" ,python-keyring)
441 ("python-pytest" ,python-pytest)
442 ("python-setuptools-scm" ,python-setuptools-scm)))
443 (home-page "https://github.com/jaraco/keyrings.alt")
444 (synopsis "Alternate keyring implementations")
445 (description "Keyrings in this package may have security risks or other
446implications. These backends were extracted from the main keyring project to
447make them available for those who wish to employ them, but are discouraged for
448general production use. Include this module and use its backends at your own
449risk.")
450 (license license:expat)))
451
cc6f4912
LC		 452(define-public python-certifi
453 (package
454 (name "python-certifi")
ee3a5e07 455 (version "2020.4.5.1")
cc6f4912
LC		 456 (source (origin
457 (method url-fetch)
458 (uri (pypi-uri "certifi" version))
459 (sha256
460 (base32
ee3a5e07 461 "06b5gfs7wmmipln8f3z928d2mmx2j4b3x7pnqmj6cvmyfh8v7z2i"))))
cc6f4912 462 (build-system python-build-system)
ee3a5e07 463 (arguments '(#:tests? #f)) ;no tests
cc6f4912
LC		 464 (home-page "https://certifi.io/")
465 (synopsis "Python CA certificate bundle")
466 (description
467 "Certifi is a Python library that contains a CA certificate bundle, which
468is used by the Requests library to verify HTTPS requests.")
469 (license license:asl2.0)))
470
471(define-public python2-certifi
472 (package-with-python2 python-certifi))
473
474(define-public python-cryptography-vectors
475 (package
476 (name "python-cryptography-vectors")
6144e2d7 477 (version "2.9.2")
cc6f4912
LC		 478 (source
479 (origin
480 (method url-fetch)
481 (uri (pypi-uri "cryptography_vectors" version))
482 (sha256
483 (base32
6144e2d7 484 "1d4iykcv7cn9j399hczlxm5pzxmqy6d80h3j16dkjwlmv3293b4r"))))
cc6f4912
LC		 485 (build-system python-build-system)
486 (home-page "https://github.com/pyca/cryptography")
487 (synopsis "Test vectors for the cryptography package")
488 (description
489 "This package contains test vectors for the cryptography package.")
490 ;; Distributed under either BSD-3 or ASL2.0
491 (license (list license:bsd-3 license:asl2.0))))
492
493(define-public python2-cryptography-vectors
494 (package-with-python2 python-cryptography-vectors))
495
496(define-public python-cryptography
497 (package
498 (name "python-cryptography")
6144e2d7 499 (version "2.9.2")
cc6f4912
LC		 500 (source
501 (origin
502 (method url-fetch)
503 (uri (pypi-uri "cryptography" version))
504 (sha256
505 (base32
6144e2d7 506 "0af25w5mkd6vwns3r6ai1w5ip9xp0ms9s261zzssbpadzdr05hx0"))))
cc6f4912
LC		 507 (build-system python-build-system)
508 (inputs
509 `(("openssl" ,openssl)))
510 (propagated-inputs
511 `(("python-asn1crypto" ,python-asn1crypto)
512 ("python-cffi" ,python-cffi)
513 ("python-six" ,python-six)
514 ("python-idna" ,python-idna)
515 ("python-iso8601" ,python-iso8601)))
516 (native-inputs
517 `(("python-cryptography-vectors" ,python-cryptography-vectors)
518 ("python-hypothesis" ,python-hypothesis)
519 ("python-pretend" ,python-pretend)
520 ("python-pytz" ,python-pytz)
2dd12924 521 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 522 (home-page "https://github.com/pyca/cryptography")
523 (synopsis "Cryptographic recipes and primitives for Python")
524 (description
525 "cryptography is a package which provides cryptographic recipes and
526primitives to Python developers. It aims to be the “cryptographic standard
527library” for Python. The package includes both high level recipes, and low
528level interfaces to common cryptographic algorithms such as symmetric ciphers,
529message digests and key derivation functions.")
530 ;; Distributed under either BSD-3 or ASL2.0
531 (license (list license:bsd-3 license:asl2.0))
532 (properties `((python2-variant . ,(delay python2-cryptography))))))
533
534(define-public python2-cryptography
535 (let ((crypto (package-with-python2
536 (strip-python2-variant python-cryptography))))
537 (package (inherit crypto)
538 (propagated-inputs
539 `(("python2-ipaddress" ,python2-ipaddress)
540 ("python2-backport-ssl-match-hostname"
541 ,python2-backport-ssl-match-hostname)
542 ("python2-enum34" ,python2-enum34)
543 ,@(package-propagated-inputs crypto))))))
544
545(define-public python-pyopenssl
546 (package
547 (name "python-pyopenssl")
da1eb6db 548 (version "19.1.0")
cc6f4912
LC		 549 (source
550 (origin
551 (method url-fetch)
552 (uri (pypi-uri "pyOpenSSL" version))
553 (sha256
554 (base32
da1eb6db 555 "01wmsq6w0frzbr3zps4ga9kmqjidp2h317jwpq1g9ah24r5lj94s"))))
cc6f4912
LC		 556 (build-system python-build-system)
557 (arguments
558 '(#:phases
559 (modify-phases %standard-phases
560 (delete 'check)
561 (add-after 'install 'check
562 (lambda* (#:key inputs outputs #:allow-other-keys)
563 (add-installed-pythonpath inputs outputs)
55e51b66
MB		 564 ;; PyOpenSSL runs tests against a certificate with a fixed
565 ;; expiry time. To ensure successful builds in the future,
566 ;; set the time to roughly the release date.
567 (invoke "faketime" "2019-01-01" "py.test" "-v" "-k"
c6e33df9
RW		 568 (string-append
569 ;; This test tries to look up certificates from
570 ;; the compiled-in default path in OpenSSL, which
571 ;; does not exist in the build environment.
572 "not test_fallback_default_verify_paths "
573 ;; This test attempts to make a connection to
574 ;; an external web service.
575 "and not test_set_default_verify_paths")))))))
cc6f4912
LC		 576 (propagated-inputs
577 `(("python-cryptography" ,python-cryptography)
578 ("python-six" ,python-six)))
579 (inputs
580 `(("openssl" ,openssl)))
581 (native-inputs
55e51b66
MB		 582 `(("libfaketime" ,libfaketime)
583 ("python-flaky" ,python-flaky)
cc6f4912 584 ("python-pretend" ,python-pretend)
2dd12924 585 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 586 (home-page "https://github.com/pyca/pyopenssl")
587 (synopsis "Python wrapper module around the OpenSSL library")
588 (description
589 "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
590library.")
591 (license license:asl2.0)))
592
593(define-public python2-pyopenssl
594 (package-with-python2 python-pyopenssl))
595
579b4362
DM		 596(define-public python-ed25519
597 (package
598 (name "python-ed25519")
599 (version "1.4")
600 (source
601 (origin
602 (method url-fetch)
603 (uri (pypi-uri "ed25519" version))
604 (sha256
605 (base32
606 "0ahx1nkxa0xis3cw0h5c4fpgv8mq4znkq7kajly33lc3317bk499"))))
607 (build-system python-build-system)
608 (home-page "https://github.com/warner/python-ed25519")
609 (synopsis "Ed25519 public-key signatures")
610 (description "Ed25519 public-key signatures")
611 (license license:expat)))
612
613(define-public python2-ed25519
614 (package-with-python2 python-ed25519))
615
cc6f4912
LC		 616(define-public python-axolotl-curve25519
617 (package
618 (name "python-axolotl-curve25519")
74f01758 619 (version "0.4.1.post2")
cc6f4912
LC		 620 (source
621 (origin
74f01758
AI		 622 (method url-fetch)
623 (uri (pypi-uri "python-axolotl-curve25519" version))
cc6f4912
LC		 624 (sha256
625 (base32
74f01758 626 "18v3rfyv7xi26fb97nw1xc0l6x8wi0i4xj8dlq4gblpbjxiac187"))))
cc6f4912 627 (build-system python-build-system)
cc6f4912
LC		 628 (home-page "https://github.com/tgalal/python-axolotl-curve25519")
629 (synopsis "Python wrapper for curve25519 library")
630 (description "This is a python wrapper for the curve25519 library
631with ed25519 signatures. The C code was pulled from
632libaxolotl-android. At the moment this wrapper is meant for use by
633python-axolotl.")
634 (license (list license:gpl3 ; Most files
635 license:bsd-3)))) ; curve/curve25519-donna.c
636
637(define-public python2-axolotl-curve25519
638 (package-with-python2 python-axolotl-curve25519))
639
640(define-public python-axolotl
641 (package
642 (name "python-axolotl")
b578168f 643 (version "0.2.3")
cc6f4912
LC		 644 (source
645 (origin
b578168f
AI		 646 (method url-fetch)
647 (uri (pypi-uri "python-axolotl" version))
cc6f4912 648 (sha256
b578168f
AI		 649 (base32
650 "1bwdp24fmriffwx91aigs9k162albb51iskp23nc939z893q23py"))))
cc6f4912
LC		 651 (build-system python-build-system)
652 (arguments
653 `(#:phases
654 (modify-phases %standard-phases
655 ;; Don't install tests
656 (add-before 'install 'remove-tests
657 (lambda _
658 (for-each delete-file-recursively
659 '("axolotl/tests" "build/lib/axolotl/tests"))
660 #t)))))
661 (propagated-inputs
662 `(("python-axolotl-curve25519" ,python-axolotl-curve25519)
b578168f
AI		 663 ("python-cryptography" ,python-cryptography)
664 ("python-protobuf" ,python-protobuf)))
cc6f4912
LC		 665 (home-page "https://github.com/tgalal/python-axolotl")
666 (synopsis "Python port of libaxolotl-android")
667 (description "This is a python port of libaxolotl-android. This
668is a ratcheting forward secrecy protocol that works in synchronous and
669asynchronous messaging environments.")
670 (license license:gpl3)))
671
672(define-public python2-axolotl
673 (package-with-python2 python-axolotl))
674
675;; SlowAES isn't compatible with Python 3.
676(define-public python2-slowaes
677 (package
678 (name "python2-slowaes")
679 (version "0.1a1")
680 (source
681 (origin
682 (method url-fetch)
683 (uri (pypi-uri "slowaes" version))
684 (sha256
685 (base32
686 "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3"))))
687 (build-system python-build-system)
688 (arguments `(#:python ,python-2))
689 (home-page "http://code.google.com/p/slowaes/")
690 (synopsis "Implementation of AES in Python")
691 (description "This package contains an implementation of AES in Python.
692This implementation is slow (hence the project name) but still useful when
693faster ones are not available.")
694 (license license:asl2.0)))
695
696(define-public python-pyaes
697 (package
698 (name "python-pyaes")
6de86fd5 699 (version "1.6.1")
cc6f4912
LC		 700 (source
701 (origin
702 (method url-fetch)
703 (uri (pypi-uri "pyaes" version))
704 (sha256
705 (base32
6de86fd5 706 "13vdaff15k0jyfcss4b4xvfgm8xyv0nrbyw5n1qc7lrqbi0b3h82"))))
cc6f4912
LC		 707 (build-system python-build-system)
708 (home-page "https://github.com/ricmoo/pyaes")
709 (synopsis "Implementation of AES in Python")
710 (description "This package contains a pure-Python implementation of the
711AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR,
712ECB and OFB).")
713 (license license:expat)))
714
715(define-public python2-pyaes
716 (package-with-python2 python-pyaes))
b95c17c5
LC		 717
718(define-public python-asn1crypto
719 (package
720 (name "python-asn1crypto")
19f2a526 721 (version "0.24.0")
b95c17c5
LC		 722 (source
723 (origin
d3b7feb7
EF		 724 (method git-fetch)
725 (uri (git-reference
b0e7b699 726 (url "https://github.com/wbond/asn1crypto")
d3b7feb7
EF		 727 (commit version)))
728 (file-name (git-file-name name version))
b95c17c5
LC		 729 (sha256
730 (base32
19f2a526 731 "10lai2cs5mnz3gpaffbw1m7b885ls8328q5wxm35vfmcip1f0xmb"))))
b95c17c5
LC		 732 (build-system python-build-system)
733 (home-page "https://github.com/wbond/asn1crypto")
734 (synopsis "ASN.1 parser and serializer in Python")
735 (description "asn1crypto is an ASN.1 parser and serializer with definitions
736for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7,
737PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.")
738 (license license:expat)))
739
740(define-public python2-asn1crypto
741 (package-with-python2 python-asn1crypto))
742
743(define-public python-pynacl
744 (package
745 (name "python-pynacl")
f5e3f02f 746 (version "1.4.0")
b95c17c5
LC		 747 (source
748 (origin
749 (method url-fetch)
750 (uri (pypi-uri "PyNaCl" version))
751 (modules '((guix build utils)))
f5e3f02f
MB		 752 (snippet
753 '(begin
754 ;; Remove spurious dependency on python-wheel, can be removed
755 ;; for 1.5.
756 (substitute* "setup.py"
757 (("\"wheel\"") ""))
758 ;; Remove bundled libsodium.
759 (delete-file-recursively "src/libsodium")
760 #t))
b95c17c5
LC		 761 (sha256
762 (base32
f5e3f02f 763 "01b56hxrbif3hx8l6rwz5kljrgvlbj7shmmd2rjh0hn7974a5sal"))))
b95c17c5
LC		 764 (build-system python-build-system)
765 (arguments
f5e3f02f
MB		 766 `(#:modules (,@%python-build-system-modules
767 (guix build utils)
768 (ice-9 ftw)
769 (srfi srfi-26))
770 #:phases
771 (modify-phases (@ (guix build python-build-system) %standard-phases)
b95c17c5
LC		 772 (add-before 'build 'use-system-sodium
773 (lambda _
774 (setenv "SODIUM_INSTALL" "system")
f5e3f02f
MB		 775 #t))
776 (replace 'check
777 (lambda _
778 (let ((build-directory
779 (car (scandir "build" (cut string-prefix? "lib" <>)))))
780 (setenv "PYTHONPATH"
781 (string-append "./build/" build-directory ":"
782 (getenv "PYTHONPATH")))
783 (invoke "pytest" "-vv")))))))
b95c17c5 784 (native-inputs
6969ad0e
LF		 785 `(("python-hypothesis" ,python-hypothesis)
786 ("python-pytest" ,python-pytest)))
b95c17c5
LC		 787 (propagated-inputs
788 `(("python-cffi" ,python-cffi)
789 ("python-six" ,python-six)
790 ("libsodium" ,libsodium)))
791 (home-page "https://github.com/pyca/pynacl/")
792 (synopsis "Python bindings to libsodium")
793 (description
794 "PyNaCl is a Python binding to libsodium, which is a fork of the
795Networking and Cryptography library. These libraries have a stated goal
796of improving usability, security and speed.")
797 (license license:asl2.0)))
798
acc6e695
JL		 799(define-public python2-pynacl
800 (package-with-python2 python-pynacl))
801
b95c17c5
LC		 802(define-public python2-pgpdump
803 (package
804 (name "python2-pgpdump")
805 (version "1.5")
806 (source
807 (origin
808 (method url-fetch)
809 (uri (pypi-uri "pgpdump" version))
810 (sha256
811 (base32
812 "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw"))))
813 (build-system python-build-system)
814
815 ;; Currently fails to build with Python 3.
816 (arguments `(#:python ,python-2))
817
818 (home-page "https://github.com/toofishes/python-pgpdump")
819 (synopsis "Python library for parsing PGP packets")
820 (description
821 "Python-pgpdump is an OpenPGP packet parser based on
822@uref{http://www.mew.org/~kazu/proj/pgpdump/, pgpdump}. It notably supports:
823
824@itemize
825@item signature packets;
826@item public key packets;
827@item secret key packets;
828@item trust, user ID, and user attribute packets;
829@item ASCII-armor decoding and CRC check.
830@end itemize\n")
831 (license license:bsd-3)))
832
833(define-public python2-roca-detect
834 (package
835 (name "python2-roca-detect")
836 (version "1.0.8")
837 (source
838 (origin
839 (method url-fetch)
840 (uri (pypi-uri "roca-detect" version))
841 (sha256
842 (base32
843 "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27"))))
844 (build-system python-build-system)
845 (native-inputs
846 ;; TODO: apk_parse_ph4, pyjks
847 `(("python2-dateutil" ,python2-dateutil)
848 ("python2-six" ,python2-six)
849 ("python2-cryptography" ,python2-cryptography)
850 ("python2-future" ,python2-future)
851 ("python2-coloredlogs" ,python2-coloredlogs)
852 ("python2-pgpdump" ,python2-pgpdump)))
853 (arguments
854 `(;; Basic testing routine is quite simple and works with Py3
855 ;; but the rest of the code that processes the different
856 ;; key formats and extracts the modulus for inspection is
857 ;; not yet fully py3 ready.
858 #:python ,python-2))
859 (home-page "https://github.com/crocs-muni/roca")
860 (synopsis "ROCA detection tool")
861 (description
862 "This tool is related to the paper entitled @i{Return of the
863Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}. It
864enables you to test public RSA keys for a presence of the described
865vulnerability. Currently the tool supports the following key formats: X.509
866Certificate (DER encoded, PEM encoded), RSA PEM (encoded private key, public
867key), SSH public key, ASC-encoded OpenPGP key, APK Android application, LDIFF
868file, and more.")
869 (license license:gpl3)))
d0d5f726 870
3eca7ff9
EF		 871(define-public python-blurhash
872 (package
873 (name "python-blurhash")
874 (version "1.1.4")
875 (source
876 (origin
877 ;; Tests not included in pypi release and releases not tagged in git repo.
878 (method git-fetch)
879 (uri (git-reference
880 (url "https://github.com/halcy/blurhash-python")
881 (commit "22e081ef1c24da1bb5c5eaa2c1d6649724deaef8")))
882 (file-name (git-file-name name version))
883 (sha256
884 (base32
885 "1qq6mhydlp7q3na4kmaq3871h43wh3pyfyxr4b79bia73wjdylxf"))))
886 (build-system python-build-system)
887 (arguments
888 '(#:phases
889 (modify-phases %standard-phases
890 (replace 'check
891 (lambda _
892 (delete-file "setup.cfg")
893 (invoke "pytest"))))))
894 (native-inputs
895 `(("python-numpy" ,python-numpy)
896 ("python-pillow" ,python-pillow)
897 ("python-pytest" ,python-pytest)))
898 (home-page "https://github.com/halcy/blurhash-python")
899 (synopsis
900 "Pure-Python implementation of the blurhash algorithm")
901 (description
902 "Pure-Python implementation of the blurhash algorithm.")
903 (license license:expat)))
904
d0d5f726
DM		 905(define-public python-ecpy
906 (package
907 (name "python-ecpy")
37da5813 908 (version "0.10.0")
d0d5f726
DM		 909 (source
910 (origin
911 (method url-fetch)
912 (uri (pypi-uri "ECPy" version))
913 (sha256
914 (base32
37da5813 915 "1gc3i5s93zq6x1nkaxkq1dvmsc12vmrw0hns9f5s1hcb78ni52c8"))))
d0d5f726
DM		 916 (build-system python-build-system)
917 (propagated-inputs
918 `(("python-future" ,python-future)))
919 (home-page "https://github.com/ubinity/ECPy")
920 (synopsis "Pure Python Elliptic Curve Library")
921 (description "This package provides a Elliptic Curve Library in pure
922Python.")
923 (license license:asl2.0)))
924
925(define-public python2-ecpy
926 (package-with-python2 python-ecpy))
c1927129
LF		 927
928(define-public python-josepy
929 (package
930 (name "python-josepy")
205044b9 931 (version "1.1.0")
c1927129
LF		 932 (source (origin
933 (method url-fetch)
934 (uri (pypi-uri "josepy" version))
935 (sha256
936 (base32
205044b9 937 "11khz8malzrv375b27jjkv66z6z6khdx1v5mkkr4vq16gp3n4p7v"))))
c1927129
LF		 938 (build-system python-build-system)
939 (arguments
205044b9 940 ;; The tests require flake8 >= 3.5, which is not yet packaged.
c1927129
LF		 941 '(#:tests? #f))
942 (propagated-inputs
943 `(("python-cryptography" ,python-cryptography)
944 ("python-pyopenssl" ,python-pyopenssl)
945 ("python-six" ,python-six)))
205044b9 946;; TODO Enable when we have flake8 >= 3.5.
c1927129
LF		 947; (native-inputs
948; `(("python-coverage" ,python-coverage)
949; ("python-flake8" ,python-flake8)
950; ("python-isort" ,python-isort)
951; ("python-mock" ,python-mock)
205044b9 952; ("python-pytest" ,python-pytest)
c1927129
LF		 953; ("python-pytest-cov" ,python-pytest-cov)
954; ("python-pytest-cache" ,python-pytest-cache)
955; ("python-pytest-flake8" ,python-pytest-flake8)))
956 (home-page "https://github.com/certbot/josepy")
957 (synopsis "JOSE protocol implementation in Python")
958 (description "This package provides a Python implementation of the JOSE
959protocol (Javascript Object Signing and Encryption).")
960 (license license:asl2.0)))
961
962(define-public python2-josepy
963 (package-with-python2 python-josepy))
d32456d5
OP		 964
965(define-public python-pycryptodome
966 (package
967 (name "python-pycryptodome")
a62887d3 968 (version "3.7.3")
d32456d5
OP		 969 (source
970 (origin
971 (method url-fetch)
972 (uri (pypi-uri "pycryptodome" version))
973 (sha256
974 (base32
a62887d3 975 "0dh6ky5ngxayyn5f6n7gdamjl49g3khz6pdx9sdnag1zwi8248hs"))))
d32456d5
OP		 976 (build-system python-build-system)
977 (home-page "https://www.pycryptodome.org")
978 (synopsis "Cryptographic library for Python")
979 (description "This package provides a cryptographic library for Python.
980
981It brings the following enhancements with respect to the last official version
982of PyCrypto:
983
984@itemize
985@item Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
986@item Accelerated AES on Intel platforms via AES-NI
987@item First class support for PyPy
988@item Elliptic curves cryptography (NIST P-256 curve only)
989@item Better and more compact API (nonce and iv attributes for ciphers,
990automatic generation of random nonces and IVs, simplified CTR cipher mode, and
991more)
992@item SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms
993@item Salsa20 and ChaCha20 stream ciphers
994@item scrypt and HKDF
995@item Deterministic (EC)DSA
996@item Password-protected PKCS#8 key containers
997@item Shamir’s Secret Sharing scheme
998@item Random numbers get sourced directly from the OS (and not from a CSPRNG
999in userspace)
1000@item Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
1001@item Major clean ups and simplification of the code base
1002@end itemize\n")
1003 (license license:bsd-2)))
1004
1005(define-public python2-pycryptodome
1006 (package-with-python2 python-pycryptodome))
2f691218
 1007
1008(define-public python-m2crypto
1009 (package
1010 (name "python-m2crypto")
3b4cc5cb 1011 (version "0.35.2")
2f691218
 1012 (source
1013 (origin
1014 (method url-fetch)
1015 (uri (pypi-uri "M2Crypto" version))
1016 (sha256
3b4cc5cb 1017 (base32 "09yirf3w77w6f49q6nxhrjm9c3a4y9s30s1k09chqrw8zdgx8sjc"))))
2f691218
 1018 (build-system python-build-system)
1019 (inputs `(("openssl" ,openssl)))
4764e83c 1020 (native-inputs `(("swig" ,swig)))
2f691218
 1021 (home-page "https://gitlab.com/m2crypto/m2crypto")
1022 (synopsis "Python crypto and TLS toolkit")
1023 (description "@code{M2Crypto} is a complete Python wrapper for OpenSSL
1024featuring RSA, DSA, DH, EC, HMACs, message digests, symmetric ciphers
1025(including AES); TLS functionality to implement clients and servers; HTTPS
1026extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing
1027AuthCookies for web session management; FTP/TLS client and server; S/MIME;
1028M2Crypto can also be used to provide TLS for Twisted. Smartcards supported
1029through the Engine interface.")
e810de3e 1030 (properties `((python2-variant . ,(delay python2-m2crypto))))
2f691218
 1031 (license license:expat)))
1032
1033(define-public python2-m2crypto
e810de3e
MB		 1034 (let ((m2crypto (package-with-python2
1035 (strip-python2-variant python-m2crypto))))
1036 (package (inherit m2crypto)
1037 (propagated-inputs
1038 `(("python2-typing" ,python2-typing))))))
c158d476
NG		 1039
1040(define-public python-pylibscrypt
1041 (package
1042 (name "python-pylibscrypt")
1043 (version "1.7.1")
1044 (source
1045 (origin
1046 (method url-fetch)
1047 (uri (pypi-uri "pylibscrypt" version))
1048 (sha256
1049 (base32
1050 "1b3rgzl6dbzs08vhv41b6y4n5189wv7lr27acxn104hs45745abs"))))
1051 (build-system python-build-system)
1052 (arguments
929d4d2f
NG		 1053 `(#:phases
1054 (modify-phases %standard-phases
1055 (add-before 'build 'hard-code-path-to-libscrypt
1056 (lambda* (#:key inputs #:allow-other-keys)
1057 (let ((libscrypt (assoc-ref inputs "libscrypt")))
1058 (substitute* "pylibscrypt/pylibscrypt.py"
1059 (("find_library\\('scrypt'\\)")
1060 (string-append "'" libscrypt "/lib/libscrypt.so'")))
1061 #t))))
1062 ;; The library can use various scrypt implementations and tests all of
1063 ;; them. Since we only provide a single implementation, most tests
1064 ;; fail. Simply skip them.
1065 #:tests? #f))
1066 ;; FIXME: Using "libscrypt" is the second best choice. The best one
1067 ;; requires "hashlib.scrypt", provided by Python 3.6+ built with OpenSSL
1068 ;; 1.1+. Use that as soon as Guix provides it.
c158d476 1069 (inputs
929d4d2f 1070 `(("libscrypt" ,libscrypt)))
c158d476
NG		 1071 (home-page "https://github.com/jvarho/pylibscrypt")
1072 (synopsis "Scrypt for Python")
1073 (description "There are a lot of different scrypt modules for Python, but
1074none of them have everything that I'd like, so here's one more. It uses
929d4d2f 1075@code{libscrypt}.")
c158d476 1076 (license license:isc)))
40c6e454
NG		 1077
1078(define-public python-libnacl
1079 (package
1080 (name "python-libnacl")
1081 (version "1.6.1")
1082 (source
1083 (origin
1084 (method url-fetch)
1085 (uri (pypi-uri "libnacl" version))
1086 (sha256
1087 (base32
1088 "0nv7n8nfswkhl614x5mllrkvaslraa0053q11iylb337cy43vb4v"))))
1089 (build-system python-build-system)
1090 (arguments
1091 `(#:phases
1092 (modify-phases %standard-phases
1093 (add-after 'unpack 'locate-libsodium
1094 (lambda* (#:key inputs #:allow-other-keys)
1095 (substitute* "libnacl/__init__.py"
1096 (("(return ctypes.cdll.LoadLibrary\\(')libsodium.so('\\))"
1097 _ pre post)
1098 (let ((libsodium (string-append (assoc-ref inputs "libsodium")
1099 "/lib/libsodium.so")))
1100 (string-append pre libsodium post)))))))))
1101 (native-inputs
1102 `(("python-pyhamcrest" ,python-pyhamcrest)))
1103 (inputs
1104 `(("libsodium" ,libsodium)))
1105 (home-page "https://libnacl.readthedocs.org/")
1106 (synopsis "Python bindings for libsodium based on ctypes")
1107 (description "@code{libnacl} is used to gain direct access to the
1108functions exposed by @code{NaCl} library via @code{libsodium}. It has
1109been constructed to maintain extensive documentation on how to use
1110@code{NaCl} as well as being completely portable.")
1111 (license license:asl2.0)))
cb91f6ae 1112
1fa1d822
NG		 1113(define-public python-scrypt
1114 (package
1115 (name "python-scrypt")
cc314e90 1116 (version "0.8.7")
1fa1d822
NG		 1117 (source
1118 (origin
1119 (method url-fetch)
1120 (uri (pypi-uri "scrypt" version))
1121 (sha256
1122 (base32
cc314e90 1123 "0hjk71k3mgnl8siikm9lii9im8kv0rb7inkjzx78rnancra48xxr"))))
1fa1d822
NG		 1124 (build-system python-build-system)
1125 (inputs
1126 `(("openssl" ,openssl)))
20c604c5 1127 (home-page "https://bitbucket.org/mhallin/py-scrypt")
1fa1d822
NG		 1128 (synopsis "Bindings for the scrypt key derivation function library")
1129 (description "This is a set of Python bindings for the scrypt key
1130derivation function.")
1131 (license license:bsd-2)))
8afe166d
NN		 1132
1133(define-public python-service-identity
1134 (package
1135 (name "python-service-identity")
c105e509 1136 (version "18.1.0")
8afe166d
NN		 1137 (source
1138 (origin
1139 (method url-fetch)
1140 (uri (pypi-uri "service_identity" version))
1141 (sha256
1142 (base32
c105e509 1143 "0b9f5qiqjy8ralzgwjgkhx82h6h8sa7532psmb8mkd65md5aan08"))))
8afe166d
NN		 1144 (build-system python-build-system)
1145 (propagated-inputs
1146 `(("python-attrs" ,python-attrs)
1147 ("python-pyasn1" ,python-pyasn1)
1148 ("python-pyasn1-modules" ,python-pyasn1-modules)
1149 ("python-pyopenssl" ,python-pyopenssl)))
1150 (home-page "https://service-identity.readthedocs.io/")
1151 (synopsis "Service identity verification for PyOpenSSL")
1152 (description
1153 "@code{service_identity} aspires to give you all the tools you need
1154for verifying whether a certificate is valid for the intended purposes.
1155In the simplest case, this means host name verification. However,
1156service_identity implements RFC 6125 fully and plans to add other
1157relevant RFCs too.")
1158 (license license:expat)))
1159
1160(define-public python2-service-identity
1161 (package-with-python2 python-service-identity))
0a90c789
LF		 1162
1163(define-public python-hkdf
1164 (package
1165 (name "python-hkdf")
1166 (version "0.0.3")
1167 (source
1168 (origin
1169 (method url-fetch)
1170 (uri (pypi-uri "hkdf" version))
1171 (sha256
1172 (base32
1173 "1jhxk5vhxmxxjp3zj526ry521v9inzzl8jqaaf0ma65w6k332ak2"))))
1174 (build-system python-build-system)
1175 (native-inputs
1176 `(("python-nose" ,python-nose)))
1177 (home-page "https://github.com/casebeer/python-hkdf")
1178 (synopsis "HMAC-based Extract-and-Expand Key Derivation Function (HKDF)")
1179 (description "This package provides a Python implementation of the HMAC Key
1180Derivation function (HKDF) defined in RFC 5869.")
1181 (license license:bsd-2)))
fc681a18
LF		 1182
1183(define-public python-spake2
1184 (package
1185 (name "python-spake2")
1186 (version "0.8")
1187 (source
1188 (origin
1189 (method url-fetch)
1190 (uri (pypi-uri "spake2" version))
1191 (sha256
1192 (base32
1193 "1x16r7lrbklvfzbacb66qv9iiih6liq1y612dqh2chgf555n2yn1"))))
1194 (build-system python-build-system)
1195 (propagated-inputs
1196 `(("python-hkdf" ,python-hkdf)))
1197 (home-page "https://github.com/warner/python-spake2")
1198 (synopsis "SPAKE2 password-authenticated key exchange in Python")
1199 (description "This package provides a Python implementation of the SPAKE2
1200Password-Authenticated Key Exchange algorithm.")
1201 (license license:expat)))
215f3db0
LF		 1202
1203(define-public python-txtorcon
1204 (package
1205 (name "python-txtorcon")
1206 (version "19.0.0")
1207 (source
1208 (origin
1209 (method url-fetch)
1210 (uri (pypi-uri "txtorcon" version))
1211 (sha256
1212 (base32
1213 "0fxzhsc62bhmr730vj9pzallmw56gz6iykvl28a5agrycm0bfc9p"))))
1214 (build-system python-build-system)
1215 (arguments
1216 ;; The tests fail immediately due to a missing file. Reported upstream:
1217 ;; <https://github.com/meejah/txtorcon/issues/330>
1218 `(#:tests? #f))
1219 (propagated-inputs
1220 `(("python-automat" ,python-automat)
1221 ("python-idna" ,python-idna)
1222 ("python-incremental" ,python-incremental)
215f3db0
LF		 1223 ("python-service-identity" ,python-service-identity)
1224 ("python-twisted" ,python-twisted)
1225 ("python-zope-interface" ,python-zope-interface)))
1226 (home-page "https://github.com/meejah/txtorcon")
1227 (synopsis "Twisted-based Tor controller client")
1228 (description "This package provides a Twisted-based Tor controller client,
1229with state-tracking and configuration abstractions.")
1230 (license license:expat)))
93953ec7
GLV		 1231
1232(define-public python-keyutils
1233 (package
1234 (name "python-keyutils")
1235 (version "0.6")
1236 (source
1237 (origin
1238 (method url-fetch)
1239 (uri (pypi-uri "keyutils" version))
1240 (sha256
1241 (base32
1242 "0lipygpzhwzzsq2k5imb1jgkmj8y4khxdwhzadjs3bd56g6bmkx9"))))
1243 (build-system python-build-system)
1244 (native-inputs
1245 `(("python-pytest" ,python-pytest)
1246 ("python-pytest-runner" ,python-pytest-runner)))
1247 (inputs
1248 `(("keyutils" ,keyutils)))
1249 (arguments
1250 '(#:tests? #f))
1251 (home-page "https://github.com/sassoftware/python-keyutils")
1252 (synopsis "Python bindings for keyutils")
1253 (description
1254 "This is a set of python bindings for keyutils, a key management suite
1255that leverages the infrastructure provided by the Linux kernel for safely
a806b0b0 1256storing and retrieving sensitive information in your programs.")
93953ec7 1257 (license license:asl2.0)))
1f15cbc8
CL		 1258
1259(define-public python-mcuboot-imgtool
1260 (package
1261 (name "python-mcuboot-imgtool")
1262 (version "1.4.0")
1263 (source
1264 (origin
1265 (method git-fetch)
1266 (uri (git-reference
1267 (url "https://github.com/JuulLabs-OSS/mcuboot")
1268 (commit (string-append "v" version))))
1269 (file-name (git-file-name name version))
1270 (sha256
1271 (base32
1272 "1m1csyvzq4jx81zg635ssy1n7sc0z539z0myh872ll3nwqx7wa0q"))))
1273 (build-system python-build-system)
1274 (arguments
1275 `(#:phases
1276 (modify-phases %standard-phases
1277 (add-after 'unpack 'fix-broken-test
1278 (lambda _
1279 (substitute* "scripts/imgtool/keys/ed25519_test.py"
1280 (("raw_sign") "sign_digest"))
1281 #t))
1282 (add-before 'build 'change-directory
1283 (lambda _
1284 (chdir "scripts")
1285 #t)))))
1286 (propagated-inputs
1287 `(("python-click" ,python-click)
1288 ("python-intelhex" ,python-intelhex)
1289 ("python-cryptography" ,python-cryptography)))
1290 (home-page "https://mcuboot.com")
1291 (synopsis "Tool to securely sign firmware images for booting by MCUboot")
1292 (description "MCUboot is a secure bootloader for 32-bit MCUs. This
1293package provides a tool to securely sign firmware images for booting by
1294MCUboot.")
1295 (license license:expat)))
83feb3d0 1296
163997c9
AT		 1297(define-public python-ntlm-auth
1298 (package
1299 (name "python-ntlm-auth")
1300 (version "1.4.0")
1301 (source
1302 (origin
1303 (method url-fetch)
1304 (uri (pypi-uri "ntlm-auth" version))
1305 (sha256
1306 (base32
1307 "16mavidki4ma5ip8srqalr19gz4f5yn3cnmmgps1fmgfr24j63rm"))))
1308 (build-system python-build-system)
1309 (propagated-inputs
1310 `(("python-cryptography" ,python-cryptography)))
1311 (home-page "https://github.com/jborean93/ntlm-auth")
1312 (synopsis
1313 "Calculates NTLM Authentication codes")
1314 (description
1315 "This library handles the low-level details of NTLM authentication for
1316use in authenticating with a service that uses NTLM. It will create and parse
1317the 3 different message types in the order required and produce a base64
1318encoded value that can be attached to the HTTP header.
1319
1320The goal of this library is to offer full NTLM support including signing and
1321sealing of messages as well as supporting MIC for message integrity and the
1322ability to customise and set limits on the messages sent. Please see Features
1323and Backlog for a list of what is and is not currently supported.")
1324 (license license:expat)))
1325
4ee1ea76
EF		 1326(define-public python-secretstorage
1327 (package
1328 (name "python-secretstorage")
1329 (version "3.1.2")
1330 (source
1331 (origin
1332 (method url-fetch)
1333 (uri (pypi-uri "SecretStorage" version))
1334 (sha256
1335 (base32
1336 "1xmzr0j3066s220bss4nkgqbiwb5k4kkp2rkpqlqwjb5kfc8mnhm"))))
1337 (build-system python-build-system)
1338 (arguments
1339 '(#:tests? #f)) ; Tests require a running dbus service.
1340 (propagated-inputs
1341 `(("python-cryptography" ,python-cryptography)
1342 ("python-jeepney" ,python-jeepney)))
1343 (home-page "https://github.com/mitya57/secretstorage")
1344 (synopsis "Python bindings to FreeDesktop.org Secret Service API")
1345 (description
1346 "@code{python-secretstorage} provides a way for securely storing passwords
1347and other secrets. It uses D-Bus Secret Service API that is supported by GNOME
1348Keyring (since version 2.30) and KSecretsService. SecretStorage supports most
1349of the functions provided by Secret Service, including creating and deleting
1350items and collections, editing items, locking and unlocking collections
1351(asynchronous unlocking is also supported).")
1352 (license license:bsd-3)))
1353
960dafce
VM		 1354(define-public python-trustme
1355 (package
1356 (name "python-trustme")
1357 (version "0.6.0")
1358 (source
1359 (origin
1360 (method url-fetch)
1361 (uri (pypi-uri "trustme" version))
1362 (sha256
1363 (base32 "0v3vr5z6apnfmklf07m45kv5kaqvm6hxrkaqywch57bjd2siiywx"))))
1364 (build-system python-build-system)
1365 (arguments
1366 `(#:phases
1367 (modify-phases %standard-phases
1368 (replace 'check
1369 (lambda* (#:key inputs outputs #:allow-other-keys)
1370 (add-installed-pythonpath inputs outputs)
1371 (invoke "pytest" "-vv"))))))
1372 (native-inputs
1373 `(("python-more-itertools" ,python-more-itertools)
1374 ("python-pyopenssl" ,python-pyopenssl)
1375 ("python-pytest" ,python-pytest)
1376 ("python-pytest-cov" ,python-pytest-cov)
1377 ("python-service-identity" ,python-service-identity)
1378 ("python-zipp" ,python-zipp)))
1379 (propagated-inputs
1380 `(("python-cryptography" ,python-cryptography)))
1381 (home-page "https://github.com/python-trio/trustme")
1382 (synopsis "Fake a certificate authority for tests")
1383 (description
1384 "@code{trustme} is a tiny Python package that does one thing: it gives you
1385a fake certificate authority (CA) that you can use to generate fake TLS certs to
1386use in your tests.")
1387 ;; Either license applies.
1388 (license (list license:expat license:asl2.0))))
1389
5e5c695d
EF		 1390(define-public python-certipy
1391 (package
1392 (name "python-certipy")
1393 (version "0.1.3")
1394 (source
1395 (origin
1396 (method url-fetch)
1397 (uri (pypi-uri "certipy" version))
1398 (sha256
1399 (base32
1400 "0n980gqpzh0fm58h3i4mi2i10wgj606lscm1r5sk60vbf6vh8mv9"))))
1401 (build-system python-build-system)
1402 (propagated-inputs
1403 `(("python-pyopenssl" ,python-pyopenssl)))
1404 (native-inputs
1405 `(("python-pytest" ,python-pytest)))
1406 (home-page "https://github.com/LLNL/certipy")
1407 (synopsis "Utility to create and sign CAs and certificates")
1408 (description
1409 "Certipy was made to simplify the certificate creation process. To that
1410end, certipy exposes methods for creating and managing certificate authorities,
1411certificates, signing and building trust bundles.")
1412 (license license:bsd-3)))
1413
83feb3d0
EF		 1414(define-public python-jeepney
1415 (package
1416 (name "python-jeepney")
1417 (version "0.4.2")
1418 (source
1419 (origin
1420 (method url-fetch)
1421 (uri (pypi-uri "jeepney" version))
1422 (sha256
1423 (base32
1424 "1fz9lb5fl831sijg2j0sbki698j2z6awbblas7mz3gp9jz2xi9hb"))))
1425 (build-system python-build-system)
1426 (native-inputs
1427 `(("python-testpath" ,python-testpath)
1428 ("python-tornado" ,python-tornado)
1429 ("python-pytest" ,python-pytest)))
1430 (home-page "https://gitlab.com/takluyver/jeepney")
1431 (synopsis "Low-level, pure Python DBus protocol wrapper")
1432 (description
1433 "This is a low-level, pure Python DBus protocol client. It has an
1434I/O-free core, and integration modules for different event loops.")
1435 (license license:expat)))
08310637
EF		 1436
1437(define-public python-argon2-cffi
1438 (package
1439 (name "python-argon2-cffi")
9813805b 1440 (version "20.1.0")
08310637
EF		 1441 (source
1442 (origin
1443 (method url-fetch)
1444 (uri (pypi-uri "argon2-cffi" version))
1445 (sha256
1446 (base32
9813805b 1447 "0zgr4mnnm0p4i99023safb0qb8cgvl202nly1rvylk2b7qnrn0nq"))
08310637
EF		 1448 (modules '((guix build utils)))
1449 (snippet '(begin (delete-file-recursively "extras") #t))))
1450 (build-system python-build-system)
1451 (arguments
1452 '(#:phases
1453 (modify-phases %standard-phases
1454 (replace 'build
1455 (lambda _
1456 (setenv "ARGON2_CFFI_USE_SYSTEM" "1")
1457 (invoke "python" "setup.py" "build")))
1458 (replace 'check
1459 (lambda* (#:key inputs outputs #:allow-other-keys)
1460 (add-installed-pythonpath inputs outputs)
1461 (invoke "pytest")
1462 (invoke "python" "-m" "argon2" "--help")
1463 ;; see tox.ini
1464 (invoke "python" "-m" "argon2" "-n" "1" "-t" "1" "-m" "8" "-p" "1"))))))
1465 (propagated-inputs
1466 `(("python-cffi" ,python-cffi)
1467 ("python-six" ,python-six)))
1468 (inputs `(("argon2" ,argon2)))
1469 (native-inputs
1470 `(("python-hypothesis" ,python-hypothesis)
1471 ("python-pytest" ,python-pytest)))
1472 (home-page "https://argon2-cffi.readthedocs.io/")
1473 (synopsis "Secure Password Hashes for Python")
1474 (description
1475 "Argon2 is a secure password hashing algorithm. It is designed to have
1476both a configurable runtime as well as memory consumption. This means that you
1477can decide how long it takes to hash a password and how much memory is required.")
1478 (license license:expat)))
0a124c46
EF		 1479
1480(define-public python-privy
1481 (package
1482 (name "python-privy")
1483 (version "6.0.0")
1484 (source
1485 (origin
1486 (method git-fetch)
1487 (uri (git-reference
1488 ;; Releases are untagged
1489 (url "https://github.com/ofek/privy")
1490 (commit "2838db3df239797c71bddacc48a4c49a83f35747")))
1491 (file-name (git-file-name name version))
1492 (sha256
1493 (base32
1494 "1m32dh5fqc8cy7jyf1z5fs6zvmdkbq5fi98hr609gbl7s0l0y0i9"))))
1495 (build-system python-build-system)
1496 (arguments
1497 '(#:phases
1498 (modify-phases %standard-phases
1499 (replace 'check
1500 (lambda _
1501 (invoke "python" "-m" "pytest"))))))
1502 (native-inputs
1503 `(("python-pytest" ,python-pytest)))
1504 (propagated-inputs
1505 `(("python-argon2-cffi" ,python-argon2-cffi)
1506 ("python-cryptography" ,python-cryptography)))
1507 (home-page "https://www.dropbox.com/developers")
1508 (synopsis "Library to password-protect your data")
1509 (description
1510 "Privy is a small and fast utility for password-protecting secret
1511data such as API keys, cryptocurrency wallets, or seeds for digital
1512signatures.")
1513 (license (list license:expat license:asl2.0)))) ; dual licensed
1b11e894
JW		 1514
1515(define-public python-pgpy
1516 (package
1517 (name "python-pgpy")
1518 (version "0.5.2")
1519 (source
1520 (origin
1521 (method url-fetch)
1522 (uri (pypi-uri "PGPy" version))
1523 (sha256
1524 (base32
1525 "0i4lqhzdwkjkim3wab0kqadx28z3r5ixlh6qxj4lif4gif56c0m7"))))
1526 (build-system python-build-system)
1527 (native-inputs
1528 `(("python-cryptography" ,python-cryptography)
1529 ("python-pyasn1" ,python-pyasn1)
1530 ("python-singledispatch" ,python-singledispatch)
1531 ("python-six" ,python-six)))
1532 (home-page "https://github.com/SecurityInnovation/PGPy")
1533 (synopsis "Python implementation of OpenPGP")
1534 (description
1535 "Currently, PGPy can load keys and signatures of all kinds in both ASCII
1536armored and binary formats.
1537
1538It can create and verify RSA, DSA, and ECDSA signatures, at the moment. It
1539can also encrypt and decrypt messages using RSA and ECDH.")
1540 (license license:bsd-3)))
df6fb956
JW		 1541
1542(define-public python-sop
1543 (package
1544 (name "python-sop")
1545 (version "0.2.0")
1546 (source
1547 (origin
1548 (method url-fetch)
1549 (uri (pypi-uri "sop" version))
1550 (sha256
1551 (base32
1552 "0gljyjsdn6hdmwlwwb5g5s0c031p6izamvfxp0d39x60af8k5jyf"))))
1553 (build-system python-build-system)
1554 (arguments
1555 '(#:tests? #f)) ; There are no tests, and unittest throws an error trying
1556 ; to find some:
1557 ; TypeError: don't know how to make test from: 0.2.0
1558 (home-page "https://gitlab.com/dkg/python-sop")
1559 (synopsis "Stateless OpenPGP Command-Line Interface")
1560 (description
1561 "The Stateless OpenPGP Command-Line Interface (or sop) is a
1562specification that encourages OpenPGP implementors to provide a common,
1563relatively simple command-line API for purposes of object security.
1564
1565This Python module helps implementers build such a CLI from any implementation
1566accessible to the Python interpreter.
1567
1568It does not provide such an implementation itself -- this is just the
1569scaffolding for the command line, which should make it relatively easy to
1570supply a handful of python functions as methods to a class.")
1571 (license license:expat))) ; MIT license
jackhill's copy of GNU Guix: https://guix.gnu.org/