HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
mailmap: Update entries for Nikita.
[jackhill/guix/guix.git] / gnu / packages / python-crypto.scm
CommitLineData
cc6f4912
LC		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
263ea4eb 3;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020 Efraim Flashner <efraim@flashner.co.il>
0a90c789 4;;; Copyright © 2015, 2016, 2017, 2019 Leo Famulari <leo@famulari.name>
55e51b66 5;;; Copyright © 2016, 2017, 2020 Marius Bakke <mbakke@fastmail.com>
cc6f4912
LC		 6;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
7;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
8;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com>
9;;; Copyright © 2014, 2017 Eric Bavier <bavier@member.fsf.org>
10;;; Copyright © 2015, 2016 David Thompson <davet@gnu.org>
ceb5b11b 11;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
3c986a7d 12;;; Copyright © 2016, 2017 Nikita <nikita@n0.is>
cc6f4912 13;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
c6e33df9 14;;; Copyright © 2015, 2016, 2017, 2019 Ricardo Wurmus <rekado@elephly.net>
cc6f4912
LC		 15;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org>
16;;; Copyright © 2016, 2017 Arun Isaac <arunisaac@systemreboot.net>
17;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
2f691218 18;;; Copyright © 2018 Tomáš Čech <sleep_walker@gnu.org>
cef6dc64 19;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
e64088f0 20;;; Copyright © 2018 Vagrant Cascadian <vagrant@debian.org>
8afe166d 21;;; Copyright © 2018 Nam Nguyen <namn@berkeley.edu>
93953ec7 22;;; Copyright © 2019 Guillaume Le Vaillant <glv@posteo.net>
1f15cbc8 23;;; Copyright © 2019 Clément Lassieur <clement@lassieur.org>
f8dcdf2b 24;;; Copyright © 2020 Alexandros Theodotou <alex@zrythm.org>
cc6f4912
LC		 25;;;
26;;; This file is part of GNU Guix.
27;;;
28;;; GNU Guix is free software; you can redistribute it and/or modify it
29;;; under the terms of the GNU General Public License as published by
30;;; the Free Software Foundation; either version 3 of the License, or (at
31;;; your option) any later version.
32;;;
33;;; GNU Guix is distributed in the hope that it will be useful, but
34;;; WITHOUT ANY WARRANTY; without even the implied warranty of
35;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
36;;; GNU General Public License for more details.
37;;;
38;;; You should have received a copy of the GNU General Public License
39;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
40
41(define-module (gnu packages python-crypto)
42 #:use-module (guix packages)
43 #:use-module (guix download)
44 #:use-module (guix git-download)
45 #:use-module (guix build-system python)
46 #:use-module (gnu packages)
ac257f12 47 #:use-module (gnu packages check)
b95c17c5 48 #:use-module (gnu packages crypto)
f8dcdf2b 49 #:use-module (gnu packages kerberos)
cc6f4912
LC		 50 #:use-module (gnu packages libffi)
51 #:use-module (gnu packages multiprecision)
08310637 52 #:use-module (gnu packages password-utils)
cc6f4912
LC		 53 #:use-module (gnu packages protobuf)
54 #:use-module (gnu packages python)
6fedf6f2 55 #:use-module (gnu packages python-check)
cb91f6ae 56 #:use-module (gnu packages python-web)
44d10b1f 57 #:use-module (gnu packages python-xyz)
33dc54b0 58 #:use-module (gnu packages time)
cc6f4912
LC		 59 #:use-module (gnu packages tls)
60 #:use-module ((guix licenses) #:prefix license:)
61 #:use-module (srfi srfi-1))
62
cef6dc64
NG		 63(define-public python-base58
64 (package
65 (name "python-base58")
ceb5b11b 66 (version "1.0.3")
cef6dc64
NG		 67 (source
68 (origin
69 (method url-fetch)
70 (uri (pypi-uri "base58" version))
71 (sha256
72 (base32
ceb5b11b 73 "0q1yr0n5jaf17xq98m7dma6z4rh8p19ch55l1s09gi3rk5ckqycs"))))
cef6dc64
NG		 74 (build-system python-build-system)
75 (native-inputs
76 `(("python-pyhamcrest" ,python-pyhamcrest)))
77 (home-page "https://github.com/keis/base58")
78 (synopsis "Base58 and Base58Check implementation")
79 (description "Base58 and Base58Check implementation compatible
80with what is used by the Bitcoin network.")
81 (license license:expat)))
82
7c16af46
MB		 83(define-public python-bcrypt
84 (package
85 (name "python-bcrypt")
b5cb4624 86 (version "3.1.7")
7c16af46
MB		 87 (source
88 (origin
89 (method url-fetch)
90 (uri (pypi-uri "bcrypt" version))
91 (sha256
b5cb4624 92 (base32 "0hhywhxx301cxivgxrpslrangbfpccc8y83qbwn1f57cab3nj00b"))))
7c16af46
MB		 93 (build-system python-build-system)
94 (native-inputs
95 `(("python-pycparser" ,python-pycparser)
96 ("python-pytest" ,python-pytest)))
97 (propagated-inputs
98 `(("python-cffi" ,python-cffi)
99 ("python-six" ,python-six)))
100 (home-page "https://github.com/pyca/bcrypt/")
101 (synopsis
102 "Modern password hashing library")
103 (description
104 "Bcrypt is a Python module which provides a password hashing method based
105on the Blowfish password hashing algorithm, as described in
106@url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable
107Password Scheme\"} by Niels Provos and David Mazieres.")
108 (license license:asl2.0)))
109
110(define-public python2-bcrypt
111 (package-with-python2 python-bcrypt))
112
cc6f4912
LC		 113(define-public python-passlib
114 (package
115 (name "python-passlib")
aadd107d 116 (version "1.7.2")
cc6f4912
LC		 117 (source
118 (origin
119 (method url-fetch)
120 (uri (pypi-uri "passlib" version))
121 (sha256
aadd107d 122 (base32 "1a5ngap7kq0b4azq8nlfg6xg5bcl1i0v1sbynhmbr631jgpnqrld"))))
cc6f4912
LC		 123 (build-system python-build-system)
124 (native-inputs
125 `(("python-nose" ,python-nose)))
126 (propagated-inputs
127 `(("python-py-bcrypt" ,python-py-bcrypt)))
128 (arguments
129 `(#:phases
130 (modify-phases %standard-phases
131 (add-before 'check 'set-PYTHON_EGG_CACHE
132 ;; some tests require access to "$HOME/.cython"
133 (lambda* _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t)))))
134 (home-page "https://bitbucket.org/ecollins/passlib")
aadd107d 135 (synopsis "Comprehensive password hashing framework")
cc6f4912
LC		 136 (description
137 "Passlib is a password hashing library for Python 2 & 3, which provides
138cross-platform implementations of over 30 password hashing algorithms, as well
139as a framework for managing existing password hashes. It's designed to be
140useful for a wide range of tasks, from verifying a hash found in /etc/shadow,
141to providing full-strength password hashing for multi-user application.")
142 (license license:bsd-3)))
143
144(define-public python2-passlib
145 (package-with-python2 python-passlib))
146
147(define-public python-py-bcrypt
148 (package
149 (name "python-py-bcrypt")
150 (version "0.4")
151 (source
152 (origin
153 (method url-fetch)
27864e7c 154 (uri (pypi-uri "py-bcrypt" version))
cc6f4912
LC		 155 (sha256
156 (base32
157 "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az"))))
158 (build-system python-build-system)
159 (home-page "https://code.google.com/p/py-bcrypt")
160 (synopsis
161 "Bcrypt password hashing and key derivation")
162 (description
163 "A python wrapper of OpenBSD's Blowfish password hashing code. This
164system hashes passwords using a version of Bruce Schneier's Blowfish block
165cipher with modifications designed to raise the cost of off-line password
166cracking and frustrate fast hardware implementation. The computation cost of
3defa90d 167the algorithm is parametrised, so it can be increased as computers get faster.
cc6f4912
LC		 168The intent is to make a compromise of a password database less likely to
169result in an attacker gaining knowledge of the plaintext passwords (e.g. using
170John the Ripper).")
171 ;; "sha2.c" is under BSD-3;
172 ;; "blowfish.c" and "bcrypt.c" are under BSD-4;
173 ;; the rest is under ISC.
174 (license (list license:isc license:bsd-3 license:bsd-4))))
175
176(define-public python2-py-bcrypt
177 (package-with-python2 python-py-bcrypt))
178
e64088f0
VC		 179(define-public python-pyblake2
180 (package
181 (name "python-pyblake2")
182 (version "1.1.2")
183 (source
184 (origin
185 (method url-fetch)
186 (uri (pypi-uri "pyblake2" version))
187 (sha256
188 (base32
189 "0gz9hgznv5zw4qjq43xa56y0yikimx30gffvibxzm0nv5sq7xk2w"))))
190 (build-system python-build-system)
191 (home-page "https://github.com/dchest/pyblake2")
192 (synopsis "BLAKE2 hash function for Python")
193 (description "BLAKE2 is a cryptographic hash function, which offers
194stronger security while being as fast as MD5 or SHA-1, and comes in two
195flavors: @code{BLAKE2b}, optimized for 64-bit platforms and produces digests
196of any size between 1 and 64 bytes, and @code{BLAKE2s}, optimized for 8- to
19732-bit platforms and produces digests of any size between 1 and 32 bytes.
198
199This package provides a Python interface for BLAKE2.")
200 ;; The COPYING file declares it as public domain, with the option to
201 ;; alternatively use and redistribute it under a variety of permissive
202 ;; licenses. cc0 is explicitly mentioned in setup.py and pyblake2module.c.
203 (license (list license:public-domain license:cc0))))
204
cc6f4912
LC		 205(define-public python-paramiko
206 (package
207 (name "python-paramiko")
6569549d 208 (version "2.4.2")
cc6f4912
LC		 209 (source
210 (origin
211 (method url-fetch)
212 (uri (pypi-uri "paramiko" version))
213 (sha256
214 (base32
6569549d 215 "1jqgj2gl1pz7bi2aab1r2xq0ml0gskmm9p235cg9y32nydymm5x8"))))
cc6f4912
LC		 216 (build-system python-build-system)
217 (arguments
8e84eb68
MB		 218 `(;; FIXME: Tests require many unpackaged libraries, see dev-requirements.txt.
219 #:tests? #f))
cc6f4912 220 (propagated-inputs
2fbc38e3
LF		 221 `(("python-bcrypt" ,python-bcrypt)
222 ("python-pyasn1" ,python-pyasn1)
223 ("python-pynacl" ,python-pynacl)
cc6f4912 224 ("python-cryptography" ,python-cryptography)))
101ad242 225 (home-page "https://www.paramiko.org/")
cc6f4912
LC		 226 (synopsis "SSHv2 protocol library")
227 (description "Paramiko is a python implementation of the SSHv2 protocol,
228providing both client and server functionality. While it leverages a Python C
229extension for low level cryptography (PyCrypto), Paramiko itself is a pure
230Python interface around SSH networking concepts.")
231 (license license:lgpl2.1+)))
232
233(define-public python2-paramiko
234 (package-with-python2 python-paramiko))
235
236(define-public python-ecdsa
237 (package
238 (name "python-ecdsa")
c57b8419 239 (version "0.14.1")
cc6f4912
LC		 240 (source
241 (origin
242 (method url-fetch)
86228e56 243 (uri (pypi-uri "ecdsa" version))
cc6f4912 244 (sha256
c57b8419 245 (base32 "13nx5cbfxc0gnax5zwdmp9xc40qd1llk62mv85jyrvqkbw017ik4"))))
cc6f4912 246 (build-system python-build-system)
92fe2513
EF		 247 (arguments
248 '(#:phases
249 (modify-phases %standard-phases
250 (replace 'check
251 (lambda _ (invoke "pytest"))))))
c57b8419
EF		 252 (propagated-inputs
253 `(("python-six" ,python-six)))
254 (native-inputs
92fe2513
EF		 255 `(("openssl" ,openssl)
256 ("python-pytest" ,python-pytest)))
9cd100b6
TGR		 257 (home-page "https://github.com/warner/python-ecdsa")
258 (synopsis "ECDSA cryptographic signature library (pure python)")
cc6f4912
LC		 259 (description
260 "This is an easy-to-use implementation of ECDSA cryptography (Elliptic
261Curve Digital Signature Algorithm), implemented purely in Python. With this
262library, you can quickly create keypairs (signing key and verifying key), sign
263messages, and verify the signatures. The keys and signatures are very short,
264making them easy to handle and incorporate into other protocols.")
265 (license license:expat)))
266
267(define-public python2-ecdsa
268 (package-with-python2 python-ecdsa))
269
270;;; Pycrypto is abandoned upstream:
271;;;
272;;; https://github.com/dlitz/pycrypto/issues/173
273;;;
274;;; TODO Remove this package from GNU Guix.
275(define-public python-pycrypto
276 (package
277 (name "python-pycrypto")
278 (version "2.6.1")
279 (source
280 (origin
281 (method url-fetch)
282 (uri (pypi-uri "pycrypto" version))
2a2a9878
MB		 283 (patches (search-patches "python-pycrypto-CVE-2013-7459.patch"
284 "python-pycrypto-time-clock.patch"))
cc6f4912
LC		 285 (sha256
286 (base32
287 "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj"))))
288 (build-system python-build-system)
289 (inputs
290 `(("python" ,python)
291 ("gmp" ,gmp)))
292 (arguments
293 `(#:phases
294 (modify-phases %standard-phases
295 (add-before 'build 'set-build-env
296 ;; pycrypto runs an autoconf configure script behind the scenes
297 (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t)))))
52888f52 298 (home-page "https://www.dlitz.net/software/pycrypto/")
cc6f4912
LC		 299 (synopsis "Cryptographic modules for Python")
300 (description
301 "Pycrypto is a collection of both secure hash functions (such as SHA256
302and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal,
303etc.). The package is structured to make adding new modules easy.")
304 (license license:public-domain)))
305
306(define-public python2-pycrypto
307 (let ((pycrypto (package-with-python2 python-pycrypto)))
308 (package (inherit pycrypto)
309 (inputs
310 `(("python" ,python-2)
311 ,@(alist-delete
312 "python"
313 (package-inputs pycrypto)))))))
314
f8dcdf2b
AT		 315(define-public python-kerberos
316 (package
317 (name "python-kerberos")
318 (version "1.3.0")
319 (source
320 (origin
321 (method url-fetch)
322 (uri (pypi-uri "kerberos" version))
323 (sha256
324 (base32
325 "19663qxmma0i8bfbjc2iwy5hgq0g4pfb75r023v5dps68zfvffgh"))))
326 (build-system python-build-system)
327 (inputs
328 `(("mit-krb5" ,mit-krb5)))
329 (home-page "https://github.com/apple/ccs-pykerberos")
330 (synopsis
331 "Python Kerberos library used by CalendarServer")
332 (description
333 "This Python package is a high-level wrapper for Kerberos (GSSAPI)
334operations. The goal is to avoid having to build a module that wraps the
335entire Kerberos.framework, and instead offer a limited set of functions that
336do what is needed for client/server Kerberos authentication based on
337<http://www.ietf.org/rfc/rfc4559.txt>.")
338 (license license:asl2.0)))
339
cc6f4912
LC		 340(define-public python-keyring
341 (package
342 (name "python-keyring")
6fedf6f2 343 (version "21.0.0")
cc6f4912
LC		 344 (source
345 (origin
346 (method url-fetch)
347 (uri (pypi-uri "keyring" version))
348 (sha256
349 (base32
6fedf6f2
EF		 350 "1k0w3yh3fz0qp0cvkxdiinq9jzbrnc6bd88qpjz34x3cgcr94psz"))
351 (modules '((guix build utils)))
352 (snippet
353 ;; https://github.com/jaraco/keyring/issues/414
354 '(begin (substitute* "tests/test_packaging.py"
355 (("ep, =") "(ep,) =")) #t))))
cc6f4912 356 (build-system python-build-system)
6fedf6f2
EF		 357 (arguments
358 `(#:phases
359 (modify-phases %standard-phases
360 (replace 'check
361 (lambda _
362 ;; Not clear why this test fails.
363 (delete-file "tests/test_packaging.py")
364 (substitute* "pytest.ini"
365 (("--black ") ""))
366 (invoke "pytest"))))))
cc6f4912 367 (native-inputs
770b1d65 368 `(("python-pytest" ,python-pytest)
6fedf6f2
EF		 369 ("python-pytest-checkdocs" ,python-pytest-checkdocs)
370 ("python-pytest-cov" ,python-pytest-cov)
371 ("python-pytest-flake8" ,python-pytest-flake8)
770b1d65 372 ("python-setuptools-scm" ,python-setuptools-scm)))
cc6f4912 373 (propagated-inputs
6fedf6f2
EF		 374 `(("python-importlib-metadata" ,python-importlib-metadata)
375 ("python-secretstorage" ,python-secretstorage)))
cc6f4912
LC		 376 (home-page "https://github.com/jaraco/keyring")
377 (synopsis "Store and access your passwords safely")
378 (description
379 "The Python keyring lib provides a easy way to access the system keyring
380service from python. It can be used in any application that needs safe
381password storage.")
382 ;; "MIT" and PSF dual license
6fedf6f2 383 (properties `((python2-variant . ,(delay python2-keyring))))
cc6f4912
LC		 384 (license license:x11)))
385
386(define-public python2-keyring
6fedf6f2
EF		 387 (let ((keyring (package-with-python2
388 (strip-python2-variant python-keyring))))
389 (package
390 (inherit keyring)
391 (name "python2-keyring")
392 (version "8.7")
393 (source
394 (origin
395 (method url-fetch)
396 (uri (pypi-uri "keyring" version))
397 (sha256
398 (base32
399 "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx"))))
400 (arguments
401 `(#:python ,python-2))
402 (native-inputs
403 `(("python2-pytest" ,python2-pytest)
404 ("python2-pytest-runner" ,python2-pytest-runner)
405 ("python2-setuptools-scm" ,python2-setuptools-scm)))
406 (propagated-inputs
407 `(("python2-pycrypto" ,python2-pycrypto))))))
cc6f4912 408
9a684b40
EF		 409(define-public python-keyrings.alt
410 (package
411 (name "python-keyrings.alt")
412 (version "3.4.0")
413 (source
414 (origin
415 (method url-fetch)
416 (uri (pypi-uri "keyrings.alt" version))
417 (sha256
418 (base32
419 "0gdjdqpq2hf770p6iwi891mil0vbsdhvy88x0v8b2w4y4b28lcli"))
420 (modules '((guix build utils)))
421 (snippet
422 '(begin
423 (delete-file "keyrings/alt/_win_crypto.py")
424 ;; Rely on python-keyring>20:
425 ;; https://github.com/jaraco/keyrings.alt/issues/33
426 (substitute* '("keyrings/alt/tests/test_Gnome.py"
427 "keyrings/alt/tests/test_Google.py"
428 "keyrings/alt/tests/test_Windows.py"
429 "keyrings/alt/tests/test_file.py"
430 "keyrings/alt/tests/test_pyfs.py")
431 (("keyring.tests.test_backend") "keyring.testing.backend")
432 (("keyring.tests.util") "keyring.testing.util"))
433 #t))))
434 (build-system python-build-system)
435 (native-inputs
436 `(("python-keyring" ,python-keyring)
437 ("python-pytest" ,python-pytest)
438 ("python-setuptools-scm" ,python-setuptools-scm)))
439 (home-page "https://github.com/jaraco/keyrings.alt")
440 (synopsis "Alternate keyring implementations")
441 (description "Keyrings in this package may have security risks or other
442implications. These backends were extracted from the main keyring project to
443make them available for those who wish to employ them, but are discouraged for
444general production use. Include this module and use its backends at your own
445risk.")
446 (license license:expat)))
447
cc6f4912
LC		 448(define-public python-certifi
449 (package
450 (name "python-certifi")
3b5671a3 451 (version "2019.3.9")
cc6f4912
LC		 452 (source (origin
453 (method url-fetch)
454 (uri (pypi-uri "certifi" version))
455 (sha256
456 (base32
3b5671a3 457 "1bnpw7hrf9i1l9gfxjnzi45hkrvzz0pyn9ia8m4mw7sxhgb08qdj"))))
cc6f4912
LC		 458 (build-system python-build-system)
459 (home-page "https://certifi.io/")
460 (synopsis "Python CA certificate bundle")
461 (description
462 "Certifi is a Python library that contains a CA certificate bundle, which
463is used by the Requests library to verify HTTPS requests.")
464 (license license:asl2.0)))
465
466(define-public python2-certifi
467 (package-with-python2 python-certifi))
468
469(define-public python-cryptography-vectors
470 (package
471 (name "python-cryptography-vectors")
618c7d66 472 (version "2.7")
cc6f4912
LC		 473 (source
474 (origin
475 (method url-fetch)
476 (uri (pypi-uri "cryptography_vectors" version))
477 (sha256
478 (base32
618c7d66 479 "1g38zw90510azyfrj6mxbslx2gp9yrnv5dac0w2819k9ssdznbgi"))))
cc6f4912
LC		 480 (build-system python-build-system)
481 (home-page "https://github.com/pyca/cryptography")
482 (synopsis "Test vectors for the cryptography package")
483 (description
484 "This package contains test vectors for the cryptography package.")
485 ;; Distributed under either BSD-3 or ASL2.0
486 (license (list license:bsd-3 license:asl2.0))))
487
488(define-public python2-cryptography-vectors
489 (package-with-python2 python-cryptography-vectors))
490
491(define-public python-cryptography
492 (package
493 (name "python-cryptography")
618c7d66 494 (version "2.7")
cc6f4912
LC		 495 (source
496 (origin
497 (method url-fetch)
498 (uri (pypi-uri "cryptography" version))
499 (sha256
500 (base32
618c7d66 501 "1inlnr36kl36551c9rcad99jmhk81v33by3glkadwdcgmi17fd76"))))
cc6f4912
LC		 502 (build-system python-build-system)
503 (inputs
504 `(("openssl" ,openssl)))
505 (propagated-inputs
506 `(("python-asn1crypto" ,python-asn1crypto)
507 ("python-cffi" ,python-cffi)
508 ("python-six" ,python-six)
509 ("python-idna" ,python-idna)
510 ("python-iso8601" ,python-iso8601)))
511 (native-inputs
512 `(("python-cryptography-vectors" ,python-cryptography-vectors)
513 ("python-hypothesis" ,python-hypothesis)
514 ("python-pretend" ,python-pretend)
515 ("python-pytz" ,python-pytz)
2dd12924 516 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 517 (home-page "https://github.com/pyca/cryptography")
518 (synopsis "Cryptographic recipes and primitives for Python")
519 (description
520 "cryptography is a package which provides cryptographic recipes and
521primitives to Python developers. It aims to be the “cryptographic standard
522library” for Python. The package includes both high level recipes, and low
523level interfaces to common cryptographic algorithms such as symmetric ciphers,
524message digests and key derivation functions.")
525 ;; Distributed under either BSD-3 or ASL2.0
526 (license (list license:bsd-3 license:asl2.0))
527 (properties `((python2-variant . ,(delay python2-cryptography))))))
528
529(define-public python2-cryptography
530 (let ((crypto (package-with-python2
531 (strip-python2-variant python-cryptography))))
532 (package (inherit crypto)
533 (propagated-inputs
534 `(("python2-ipaddress" ,python2-ipaddress)
535 ("python2-backport-ssl-match-hostname"
536 ,python2-backport-ssl-match-hostname)
537 ("python2-enum34" ,python2-enum34)
538 ,@(package-propagated-inputs crypto))))))
539
540(define-public python-pyopenssl
541 (package
542 (name "python-pyopenssl")
c6e33df9 543 (version "19.0.0")
cc6f4912
LC		 544 (source
545 (origin
546 (method url-fetch)
547 (uri (pypi-uri "pyOpenSSL" version))
548 (sha256
549 (base32
c6e33df9 550 "007j40y7x3k8xj54dy2qnij9lldfp71k9mkflhd9vqbdiwrndjmf"))))
cc6f4912
LC		 551 (build-system python-build-system)
552 (arguments
553 '(#:phases
554 (modify-phases %standard-phases
555 (delete 'check)
556 (add-after 'install 'check
557 (lambda* (#:key inputs outputs #:allow-other-keys)
558 (add-installed-pythonpath inputs outputs)
55e51b66
MB		 559 ;; PyOpenSSL runs tests against a certificate with a fixed
560 ;; expiry time. To ensure successful builds in the future,
561 ;; set the time to roughly the release date.
562 (invoke "faketime" "2019-01-01" "py.test" "-v" "-k"
c6e33df9
RW		 563 (string-append
564 ;; This test tries to look up certificates from
565 ;; the compiled-in default path in OpenSSL, which
566 ;; does not exist in the build environment.
567 "not test_fallback_default_verify_paths "
568 ;; This test attempts to make a connection to
569 ;; an external web service.
570 "and not test_set_default_verify_paths")))))))
cc6f4912
LC		 571 (propagated-inputs
572 `(("python-cryptography" ,python-cryptography)
573 ("python-six" ,python-six)))
574 (inputs
575 `(("openssl" ,openssl)))
576 (native-inputs
55e51b66
MB		 577 `(("libfaketime" ,libfaketime)
578 ("python-flaky" ,python-flaky)
cc6f4912 579 ("python-pretend" ,python-pretend)
2dd12924 580 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 581 (home-page "https://github.com/pyca/pyopenssl")
582 (synopsis "Python wrapper module around the OpenSSL library")
583 (description
584 "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
585library.")
586 (license license:asl2.0)))
587
588(define-public python2-pyopenssl
589 (package-with-python2 python-pyopenssl))
590
579b4362
DM		 591(define-public python-ed25519
592 (package
593 (name "python-ed25519")
594 (version "1.4")
595 (source
596 (origin
597 (method url-fetch)
598 (uri (pypi-uri "ed25519" version))
599 (sha256
600 (base32
601 "0ahx1nkxa0xis3cw0h5c4fpgv8mq4znkq7kajly33lc3317bk499"))))
602 (build-system python-build-system)
603 (home-page "https://github.com/warner/python-ed25519")
604 (synopsis "Ed25519 public-key signatures")
605 (description "Ed25519 public-key signatures")
606 (license license:expat)))
607
608(define-public python2-ed25519
609 (package-with-python2 python-ed25519))
610
cc6f4912
LC		 611(define-public python-axolotl-curve25519
612 (package
613 (name "python-axolotl-curve25519")
614 (version "0.1")
615 (source
616 (origin
617 (method git-fetch)
618 (uri (git-reference
619 (url "https://github.com/tgalal/python-axolotl-curve25519")
620 (commit "e4a9c4de0eae27223200579c58d1f8f6d20637e2")))
621 (file-name (string-append name "-" version "-checkout"))
622 (sha256
623 (base32
624 "0agap5q0hmvf6cwzjqc05kw53pjgf6942pcivpazksmg1vk400ra"))))
625 (build-system python-build-system)
626 (arguments
627 `(;; Prevent creation of the egg. This works around
628 ;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=20765
629 #:configure-flags '("--root=/")))
630 (home-page "https://github.com/tgalal/python-axolotl-curve25519")
631 (synopsis "Python wrapper for curve25519 library")
632 (description "This is a python wrapper for the curve25519 library
633with ed25519 signatures. The C code was pulled from
634libaxolotl-android. At the moment this wrapper is meant for use by
635python-axolotl.")
636 (license (list license:gpl3 ; Most files
637 license:bsd-3)))) ; curve/curve25519-donna.c
638
639(define-public python2-axolotl-curve25519
640 (package-with-python2 python-axolotl-curve25519))
641
642(define-public python-axolotl
643 (package
644 (name "python-axolotl")
51f887f3 645 (version "0.1.39")
cc6f4912
LC		 646 (source
647 (origin
263ea4eb
EF		 648 (method git-fetch)
649 (uri (git-reference
650 (url "https://github.com/tgalal/python-axolotl")
651 (commit version)))
652 (file-name (git-file-name name version))
51f887f3 653 (patches (search-patches "python-axolotl-AES-fix.patch"))
cc6f4912 654 (sha256
263ea4eb 655 (base32 "0xm9qgcwf6fq7rhzfcviwhbzcbj4i7wkxkab2z55fy1x82lya9g6"))))
cc6f4912
LC		 656 (build-system python-build-system)
657 (arguments
658 `(#:phases
659 (modify-phases %standard-phases
660 ;; Don't install tests
661 (add-before 'install 'remove-tests
662 (lambda _
663 (for-each delete-file-recursively
664 '("axolotl/tests" "build/lib/axolotl/tests"))
665 #t)))))
666 (propagated-inputs
667 `(("python-axolotl-curve25519" ,python-axolotl-curve25519)
668 ("python-dateutil" ,python-dateutil)
669 ("python-protobuf" ,python-protobuf)
670 ("python-pycrypto" ,python-pycrypto)))
671 (home-page "https://github.com/tgalal/python-axolotl")
672 (synopsis "Python port of libaxolotl-android")
673 (description "This is a python port of libaxolotl-android. This
674is a ratcheting forward secrecy protocol that works in synchronous and
675asynchronous messaging environments.")
676 (license license:gpl3)))
677
678(define-public python2-axolotl
679 (package-with-python2 python-axolotl))
680
681;; SlowAES isn't compatible with Python 3.
682(define-public python2-slowaes
683 (package
684 (name "python2-slowaes")
685 (version "0.1a1")
686 (source
687 (origin
688 (method url-fetch)
689 (uri (pypi-uri "slowaes" version))
690 (sha256
691 (base32
692 "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3"))))
693 (build-system python-build-system)
694 (arguments `(#:python ,python-2))
695 (home-page "http://code.google.com/p/slowaes/")
696 (synopsis "Implementation of AES in Python")
697 (description "This package contains an implementation of AES in Python.
698This implementation is slow (hence the project name) but still useful when
699faster ones are not available.")
700 (license license:asl2.0)))
701
702(define-public python-pyaes
703 (package
704 (name "python-pyaes")
6de86fd5 705 (version "1.6.1")
cc6f4912
LC		 706 (source
707 (origin
708 (method url-fetch)
709 (uri (pypi-uri "pyaes" version))
710 (sha256
711 (base32
6de86fd5 712 "13vdaff15k0jyfcss4b4xvfgm8xyv0nrbyw5n1qc7lrqbi0b3h82"))))
cc6f4912
LC		 713 (build-system python-build-system)
714 (home-page "https://github.com/ricmoo/pyaes")
715 (synopsis "Implementation of AES in Python")
716 (description "This package contains a pure-Python implementation of the
717AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR,
718ECB and OFB).")
719 (license license:expat)))
720
721(define-public python2-pyaes
722 (package-with-python2 python-pyaes))
b95c17c5
LC		 723
724(define-public python-asn1crypto
725 (package
726 (name "python-asn1crypto")
19f2a526 727 (version "0.24.0")
b95c17c5
LC		 728 (source
729 (origin
d3b7feb7
EF		 730 (method git-fetch)
731 (uri (git-reference
732 (url "https://github.com/wbond/asn1crypto.git")
733 (commit version)))
734 (file-name (git-file-name name version))
b95c17c5
LC		 735 (sha256
736 (base32
19f2a526 737 "10lai2cs5mnz3gpaffbw1m7b885ls8328q5wxm35vfmcip1f0xmb"))))
b95c17c5
LC		 738 (build-system python-build-system)
739 (home-page "https://github.com/wbond/asn1crypto")
740 (synopsis "ASN.1 parser and serializer in Python")
741 (description "asn1crypto is an ASN.1 parser and serializer with definitions
742for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7,
743PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.")
744 (license license:expat)))
745
746(define-public python2-asn1crypto
747 (package-with-python2 python-asn1crypto))
748
749(define-public python-pynacl
750 (package
751 (name "python-pynacl")
60ed8787 752 (version "1.3.0")
b95c17c5
LC		 753 (source
754 (origin
755 (method url-fetch)
756 (uri (pypi-uri "PyNaCl" version))
757 (modules '((guix build utils)))
3a844a98 758 ;; Remove bundled libsodium.
6cbee49d
MW		 759 (snippet '(begin (delete-file-recursively "src/libsodium")
760 #t))
b95c17c5
LC		 761 (sha256
762 (base32
60ed8787 763 "0330wyvggm19xhmwmz9rrr97lzbv3siwfy50gmax3vvgs7nh0q8c"))))
b95c17c5
LC		 764 (build-system python-build-system)
765 (arguments
766 `(#:phases
767 (modify-phases %standard-phases
768 (add-before 'build 'use-system-sodium
769 (lambda _
770 (setenv "SODIUM_INSTALL" "system")
771 #t)))))
772 (native-inputs
6969ad0e
LF		 773 `(("python-hypothesis" ,python-hypothesis)
774 ("python-pytest" ,python-pytest)))
b95c17c5
LC		 775 (propagated-inputs
776 `(("python-cffi" ,python-cffi)
777 ("python-six" ,python-six)
778 ("libsodium" ,libsodium)))
779 (home-page "https://github.com/pyca/pynacl/")
780 (synopsis "Python bindings to libsodium")
781 (description
782 "PyNaCl is a Python binding to libsodium, which is a fork of the
783Networking and Cryptography library. These libraries have a stated goal
784of improving usability, security and speed.")
785 (license license:asl2.0)))
786
acc6e695
JL		 787(define-public python2-pynacl
788 (package-with-python2 python-pynacl))
789
b95c17c5
LC		 790(define-public python2-pgpdump
791 (package
792 (name "python2-pgpdump")
793 (version "1.5")
794 (source
795 (origin
796 (method url-fetch)
797 (uri (pypi-uri "pgpdump" version))
798 (sha256
799 (base32
800 "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw"))))
801 (build-system python-build-system)
802
803 ;; Currently fails to build with Python 3.
804 (arguments `(#:python ,python-2))
805
806 (home-page "https://github.com/toofishes/python-pgpdump")
807 (synopsis "Python library for parsing PGP packets")
808 (description
809 "Python-pgpdump is an OpenPGP packet parser based on
810@uref{http://www.mew.org/~kazu/proj/pgpdump/, pgpdump}. It notably supports:
811
812@itemize
813@item signature packets;
814@item public key packets;
815@item secret key packets;
816@item trust, user ID, and user attribute packets;
817@item ASCII-armor decoding and CRC check.
818@end itemize\n")
819 (license license:bsd-3)))
820
821(define-public python2-roca-detect
822 (package
823 (name "python2-roca-detect")
824 (version "1.0.8")
825 (source
826 (origin
827 (method url-fetch)
828 (uri (pypi-uri "roca-detect" version))
829 (sha256
830 (base32
831 "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27"))))
832 (build-system python-build-system)
833 (native-inputs
834 ;; TODO: apk_parse_ph4, pyjks
835 `(("python2-dateutil" ,python2-dateutil)
836 ("python2-six" ,python2-six)
837 ("python2-cryptography" ,python2-cryptography)
838 ("python2-future" ,python2-future)
839 ("python2-coloredlogs" ,python2-coloredlogs)
840 ("python2-pgpdump" ,python2-pgpdump)))
841 (arguments
842 `(;; Basic testing routine is quite simple and works with Py3
843 ;; but the rest of the code that processes the different
844 ;; key formats and extracts the modulus for inspection is
845 ;; not yet fully py3 ready.
846 #:python ,python-2))
847 (home-page "https://github.com/crocs-muni/roca")
848 (synopsis "ROCA detection tool")
849 (description
850 "This tool is related to the paper entitled @i{Return of the
851Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}. It
852enables you to test public RSA keys for a presence of the described
853vulnerability. Currently the tool supports the following key formats: X.509
854Certificate (DER encoded, PEM encoded), RSA PEM (encoded private key, public
855key), SSH public key, ASC-encoded OpenPGP key, APK Android application, LDIFF
856file, and more.")
857 (license license:gpl3)))
d0d5f726 858
3eca7ff9
EF		 859(define-public python-blurhash
860 (package
861 (name "python-blurhash")
862 (version "1.1.4")
863 (source
864 (origin
865 ;; Tests not included in pypi release and releases not tagged in git repo.
866 (method git-fetch)
867 (uri (git-reference
868 (url "https://github.com/halcy/blurhash-python")
869 (commit "22e081ef1c24da1bb5c5eaa2c1d6649724deaef8")))
870 (file-name (git-file-name name version))
871 (sha256
872 (base32
873 "1qq6mhydlp7q3na4kmaq3871h43wh3pyfyxr4b79bia73wjdylxf"))))
874 (build-system python-build-system)
875 (arguments
876 '(#:phases
877 (modify-phases %standard-phases
878 (replace 'check
879 (lambda _
880 (delete-file "setup.cfg")
881 (invoke "pytest"))))))
882 (native-inputs
883 `(("python-numpy" ,python-numpy)
884 ("python-pillow" ,python-pillow)
885 ("python-pytest" ,python-pytest)))
886 (home-page "https://github.com/halcy/blurhash-python")
887 (synopsis
888 "Pure-Python implementation of the blurhash algorithm")
889 (description
890 "Pure-Python implementation of the blurhash algorithm.")
891 (license license:expat)))
892
d0d5f726
DM		 893(define-public python-ecpy
894 (package
895 (name "python-ecpy")
37da5813 896 (version "0.10.0")
d0d5f726
DM		 897 (source
898 (origin
899 (method url-fetch)
900 (uri (pypi-uri "ECPy" version))
901 (sha256
902 (base32
37da5813 903 "1gc3i5s93zq6x1nkaxkq1dvmsc12vmrw0hns9f5s1hcb78ni52c8"))))
d0d5f726
DM		 904 (build-system python-build-system)
905 (propagated-inputs
906 `(("python-future" ,python-future)))
907 (home-page "https://github.com/ubinity/ECPy")
908 (synopsis "Pure Python Elliptic Curve Library")
909 (description "This package provides a Elliptic Curve Library in pure
910Python.")
911 (license license:asl2.0)))
912
913(define-public python2-ecpy
914 (package-with-python2 python-ecpy))
c1927129
LF		 915
916(define-public python-josepy
917 (package
918 (name "python-josepy")
205044b9 919 (version "1.1.0")
c1927129
LF		 920 (source (origin
921 (method url-fetch)
922 (uri (pypi-uri "josepy" version))
923 (sha256
924 (base32
205044b9 925 "11khz8malzrv375b27jjkv66z6z6khdx1v5mkkr4vq16gp3n4p7v"))))
c1927129
LF		 926 (build-system python-build-system)
927 (arguments
205044b9 928 ;; The tests require flake8 >= 3.5, which is not yet packaged.
c1927129
LF		 929 '(#:tests? #f))
930 (propagated-inputs
931 `(("python-cryptography" ,python-cryptography)
932 ("python-pyopenssl" ,python-pyopenssl)
933 ("python-six" ,python-six)))
205044b9 934;; TODO Enable when we have flake8 >= 3.5.
c1927129
LF		 935; (native-inputs
936; `(("python-coverage" ,python-coverage)
937; ("python-flake8" ,python-flake8)
938; ("python-isort" ,python-isort)
939; ("python-mock" ,python-mock)
205044b9 940; ("python-pytest" ,python-pytest)
c1927129
LF		 941; ("python-pytest-cov" ,python-pytest-cov)
942; ("python-pytest-cache" ,python-pytest-cache)
943; ("python-pytest-flake8" ,python-pytest-flake8)))
944 (home-page "https://github.com/certbot/josepy")
945 (synopsis "JOSE protocol implementation in Python")
946 (description "This package provides a Python implementation of the JOSE
947protocol (Javascript Object Signing and Encryption).")
948 (license license:asl2.0)))
949
950(define-public python2-josepy
951 (package-with-python2 python-josepy))
d32456d5
OP		 952
953(define-public python-pycryptodome
954 (package
955 (name "python-pycryptodome")
a62887d3 956 (version "3.7.3")
d32456d5
OP		 957 (source
958 (origin
959 (method url-fetch)
960 (uri (pypi-uri "pycryptodome" version))
961 (sha256
962 (base32
a62887d3 963 "0dh6ky5ngxayyn5f6n7gdamjl49g3khz6pdx9sdnag1zwi8248hs"))))
d32456d5
OP		 964 (build-system python-build-system)
965 (home-page "https://www.pycryptodome.org")
966 (synopsis "Cryptographic library for Python")
967 (description "This package provides a cryptographic library for Python.
968
969It brings the following enhancements with respect to the last official version
970of PyCrypto:
971
972@itemize
973@item Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
974@item Accelerated AES on Intel platforms via AES-NI
975@item First class support for PyPy
976@item Elliptic curves cryptography (NIST P-256 curve only)
977@item Better and more compact API (nonce and iv attributes for ciphers,
978automatic generation of random nonces and IVs, simplified CTR cipher mode, and
979more)
980@item SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms
981@item Salsa20 and ChaCha20 stream ciphers
982@item scrypt and HKDF
983@item Deterministic (EC)DSA
984@item Password-protected PKCS#8 key containers
985@item Shamir’s Secret Sharing scheme
986@item Random numbers get sourced directly from the OS (and not from a CSPRNG
987in userspace)
988@item Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
989@item Major clean ups and simplification of the code base
990@end itemize\n")
991 (license license:bsd-2)))
992
993(define-public python2-pycryptodome
994 (package-with-python2 python-pycryptodome))
2f691218
 995
996(define-public python-m2crypto
997 (package
998 (name "python-m2crypto")
3b4cc5cb 999 (version "0.35.2")
2f691218
 1000 (source
1001 (origin
1002 (method url-fetch)
1003 (uri (pypi-uri "M2Crypto" version))
1004 (sha256
3b4cc5cb 1005 (base32 "09yirf3w77w6f49q6nxhrjm9c3a4y9s30s1k09chqrw8zdgx8sjc"))))
2f691218
 1006 (build-system python-build-system)
1007 (inputs `(("openssl" ,openssl)))
2f691218
 1008 (home-page "https://gitlab.com/m2crypto/m2crypto")
1009 (synopsis "Python crypto and TLS toolkit")
1010 (description "@code{M2Crypto} is a complete Python wrapper for OpenSSL
1011featuring RSA, DSA, DH, EC, HMACs, message digests, symmetric ciphers
1012(including AES); TLS functionality to implement clients and servers; HTTPS
1013extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing
1014AuthCookies for web session management; FTP/TLS client and server; S/MIME;
1015M2Crypto can also be used to provide TLS for Twisted. Smartcards supported
1016through the Engine interface.")
e810de3e 1017 (properties `((python2-variant . ,(delay python2-m2crypto))))
2f691218
 1018 (license license:expat)))
1019
1020(define-public python2-m2crypto
e810de3e
MB		 1021 (let ((m2crypto (package-with-python2
1022 (strip-python2-variant python-m2crypto))))
1023 (package (inherit m2crypto)
1024 (propagated-inputs
1025 `(("python2-typing" ,python2-typing))))))
c158d476
NG		 1026
1027(define-public python-pylibscrypt
1028 (package
1029 (name "python-pylibscrypt")
1030 (version "1.7.1")
1031 (source
1032 (origin
1033 (method url-fetch)
1034 (uri (pypi-uri "pylibscrypt" version))
1035 (sha256
1036 (base32
1037 "1b3rgzl6dbzs08vhv41b6y4n5189wv7lr27acxn104hs45745abs"))))
1038 (build-system python-build-system)
1039 (arguments
929d4d2f
NG		 1040 `(#:phases
1041 (modify-phases %standard-phases
1042 (add-before 'build 'hard-code-path-to-libscrypt
1043 (lambda* (#:key inputs #:allow-other-keys)
1044 (let ((libscrypt (assoc-ref inputs "libscrypt")))
1045 (substitute* "pylibscrypt/pylibscrypt.py"
1046 (("find_library\\('scrypt'\\)")
1047 (string-append "'" libscrypt "/lib/libscrypt.so'")))
1048 #t))))
1049 ;; The library can use various scrypt implementations and tests all of
1050 ;; them. Since we only provide a single implementation, most tests
1051 ;; fail. Simply skip them.
1052 #:tests? #f))
1053 ;; FIXME: Using "libscrypt" is the second best choice. The best one
1054 ;; requires "hashlib.scrypt", provided by Python 3.6+ built with OpenSSL
1055 ;; 1.1+. Use that as soon as Guix provides it.
c158d476 1056 (inputs
929d4d2f 1057 `(("libscrypt" ,libscrypt)))
c158d476
NG		 1058 (home-page "https://github.com/jvarho/pylibscrypt")
1059 (synopsis "Scrypt for Python")
1060 (description "There are a lot of different scrypt modules for Python, but
1061none of them have everything that I'd like, so here's one more. It uses
929d4d2f 1062@code{libscrypt}.")
c158d476 1063 (license license:isc)))
40c6e454
NG		 1064
1065(define-public python-libnacl
1066 (package
1067 (name "python-libnacl")
1068 (version "1.6.1")
1069 (source
1070 (origin
1071 (method url-fetch)
1072 (uri (pypi-uri "libnacl" version))
1073 (sha256
1074 (base32
1075 "0nv7n8nfswkhl614x5mllrkvaslraa0053q11iylb337cy43vb4v"))))
1076 (build-system python-build-system)
1077 (arguments
1078 `(#:phases
1079 (modify-phases %standard-phases
1080 (add-after 'unpack 'locate-libsodium
1081 (lambda* (#:key inputs #:allow-other-keys)
1082 (substitute* "libnacl/__init__.py"
1083 (("(return ctypes.cdll.LoadLibrary\\(')libsodium.so('\\))"
1084 _ pre post)
1085 (let ((libsodium (string-append (assoc-ref inputs "libsodium")
1086 "/lib/libsodium.so")))
1087 (string-append pre libsodium post)))))))))
1088 (native-inputs
1089 `(("python-pyhamcrest" ,python-pyhamcrest)))
1090 (inputs
1091 `(("libsodium" ,libsodium)))
1092 (home-page "https://libnacl.readthedocs.org/")
1093 (synopsis "Python bindings for libsodium based on ctypes")
1094 (description "@code{libnacl} is used to gain direct access to the
1095functions exposed by @code{NaCl} library via @code{libsodium}. It has
1096been constructed to maintain extensive documentation on how to use
1097@code{NaCl} as well as being completely portable.")
1098 (license license:asl2.0)))
cb91f6ae 1099
1fa1d822
NG		 1100(define-public python-scrypt
1101 (package
1102 (name "python-scrypt")
cc314e90 1103 (version "0.8.7")
1fa1d822
NG		 1104 (source
1105 (origin
1106 (method url-fetch)
1107 (uri (pypi-uri "scrypt" version))
1108 (sha256
1109 (base32
cc314e90 1110 "0hjk71k3mgnl8siikm9lii9im8kv0rb7inkjzx78rnancra48xxr"))))
1fa1d822
NG		 1111 (build-system python-build-system)
1112 (inputs
1113 `(("openssl" ,openssl)))
20c604c5 1114 (home-page "https://bitbucket.org/mhallin/py-scrypt")
1fa1d822
NG		 1115 (synopsis "Bindings for the scrypt key derivation function library")
1116 (description "This is a set of Python bindings for the scrypt key
1117derivation function.")
1118 (license license:bsd-2)))
8afe166d
NN		 1119
1120(define-public python-service-identity
1121 (package
1122 (name "python-service-identity")
c105e509 1123 (version "18.1.0")
8afe166d
NN		 1124 (source
1125 (origin
1126 (method url-fetch)
1127 (uri (pypi-uri "service_identity" version))
1128 (sha256
1129 (base32
c105e509 1130 "0b9f5qiqjy8ralzgwjgkhx82h6h8sa7532psmb8mkd65md5aan08"))))
8afe166d
NN		 1131 (build-system python-build-system)
1132 (propagated-inputs
1133 `(("python-attrs" ,python-attrs)
1134 ("python-pyasn1" ,python-pyasn1)
1135 ("python-pyasn1-modules" ,python-pyasn1-modules)
1136 ("python-pyopenssl" ,python-pyopenssl)))
1137 (home-page "https://service-identity.readthedocs.io/")
1138 (synopsis "Service identity verification for PyOpenSSL")
1139 (description
1140 "@code{service_identity} aspires to give you all the tools you need
1141for verifying whether a certificate is valid for the intended purposes.
1142In the simplest case, this means host name verification. However,
1143service_identity implements RFC 6125 fully and plans to add other
1144relevant RFCs too.")
1145 (license license:expat)))
1146
1147(define-public python2-service-identity
1148 (package-with-python2 python-service-identity))
0a90c789
LF		 1149
1150(define-public python-hkdf
1151 (package
1152 (name "python-hkdf")
1153 (version "0.0.3")
1154 (source
1155 (origin
1156 (method url-fetch)
1157 (uri (pypi-uri "hkdf" version))
1158 (sha256
1159 (base32
1160 "1jhxk5vhxmxxjp3zj526ry521v9inzzl8jqaaf0ma65w6k332ak2"))))
1161 (build-system python-build-system)
1162 (native-inputs
1163 `(("python-nose" ,python-nose)))
1164 (home-page "https://github.com/casebeer/python-hkdf")
1165 (synopsis "HMAC-based Extract-and-Expand Key Derivation Function (HKDF)")
1166 (description "This package provides a Python implementation of the HMAC Key
1167Derivation function (HKDF) defined in RFC 5869.")
1168 (license license:bsd-2)))
fc681a18
LF		 1169
1170(define-public python-spake2
1171 (package
1172 (name "python-spake2")
1173 (version "0.8")
1174 (source
1175 (origin
1176 (method url-fetch)
1177 (uri (pypi-uri "spake2" version))
1178 (sha256
1179 (base32
1180 "1x16r7lrbklvfzbacb66qv9iiih6liq1y612dqh2chgf555n2yn1"))))
1181 (build-system python-build-system)
1182 (propagated-inputs
1183 `(("python-hkdf" ,python-hkdf)))
1184 (home-page "https://github.com/warner/python-spake2")
1185 (synopsis "SPAKE2 password-authenticated key exchange in Python")
1186 (description "This package provides a Python implementation of the SPAKE2
1187Password-Authenticated Key Exchange algorithm.")
1188 (license license:expat)))
215f3db0
LF		 1189
1190(define-public python-txtorcon
1191 (package
1192 (name "python-txtorcon")
1193 (version "19.0.0")
1194 (source
1195 (origin
1196 (method url-fetch)
1197 (uri (pypi-uri "txtorcon" version))
1198 (sha256
1199 (base32
1200 "0fxzhsc62bhmr730vj9pzallmw56gz6iykvl28a5agrycm0bfc9p"))))
1201 (build-system python-build-system)
1202 (arguments
1203 ;; The tests fail immediately due to a missing file. Reported upstream:
1204 ;; <https://github.com/meejah/txtorcon/issues/330>
1205 `(#:tests? #f))
1206 (propagated-inputs
1207 `(("python-automat" ,python-automat)
1208 ("python-idna" ,python-idna)
1209 ("python-incremental" ,python-incremental)
1210 ("python-ipaddress" ,python-ipaddress)
1211 ("python-service-identity" ,python-service-identity)
1212 ("python-twisted" ,python-twisted)
1213 ("python-zope-interface" ,python-zope-interface)))
1214 (home-page "https://github.com/meejah/txtorcon")
1215 (synopsis "Twisted-based Tor controller client")
1216 (description "This package provides a Twisted-based Tor controller client,
1217with state-tracking and configuration abstractions.")
1218 (license license:expat)))
93953ec7
GLV		 1219
1220(define-public python-keyutils
1221 (package
1222 (name "python-keyutils")
1223 (version "0.6")
1224 (source
1225 (origin
1226 (method url-fetch)
1227 (uri (pypi-uri "keyutils" version))
1228 (sha256
1229 (base32
1230 "0lipygpzhwzzsq2k5imb1jgkmj8y4khxdwhzadjs3bd56g6bmkx9"))))
1231 (build-system python-build-system)
1232 (native-inputs
1233 `(("python-pytest" ,python-pytest)
1234 ("python-pytest-runner" ,python-pytest-runner)))
1235 (inputs
1236 `(("keyutils" ,keyutils)))
1237 (arguments
1238 '(#:tests? #f))
1239 (home-page "https://github.com/sassoftware/python-keyutils")
1240 (synopsis "Python bindings for keyutils")
1241 (description
1242 "This is a set of python bindings for keyutils, a key management suite
1243that leverages the infrastructure provided by the Linux kernel for safely
a806b0b0 1244storing and retrieving sensitive information in your programs.")
93953ec7 1245 (license license:asl2.0)))
1f15cbc8
CL		 1246
1247(define-public python-mcuboot-imgtool
1248 (package
1249 (name "python-mcuboot-imgtool")
1250 (version "1.4.0")
1251 (source
1252 (origin
1253 (method git-fetch)
1254 (uri (git-reference
1255 (url "https://github.com/JuulLabs-OSS/mcuboot")
1256 (commit (string-append "v" version))))
1257 (file-name (git-file-name name version))
1258 (sha256
1259 (base32
1260 "1m1csyvzq4jx81zg635ssy1n7sc0z539z0myh872ll3nwqx7wa0q"))))
1261 (build-system python-build-system)
1262 (arguments
1263 `(#:phases
1264 (modify-phases %standard-phases
1265 (add-after 'unpack 'fix-broken-test
1266 (lambda _
1267 (substitute* "scripts/imgtool/keys/ed25519_test.py"
1268 (("raw_sign") "sign_digest"))
1269 #t))
1270 (add-before 'build 'change-directory
1271 (lambda _
1272 (chdir "scripts")
1273 #t)))))
1274 (propagated-inputs
1275 `(("python-click" ,python-click)
1276 ("python-intelhex" ,python-intelhex)
1277 ("python-cryptography" ,python-cryptography)))
1278 (home-page "https://mcuboot.com")
1279 (synopsis "Tool to securely sign firmware images for booting by MCUboot")
1280 (description "MCUboot is a secure bootloader for 32-bit MCUs. This
1281package provides a tool to securely sign firmware images for booting by
1282MCUboot.")
1283 (license license:expat)))
83feb3d0 1284
163997c9
AT		 1285(define-public python-ntlm-auth
1286 (package
1287 (name "python-ntlm-auth")
1288 (version "1.4.0")
1289 (source
1290 (origin
1291 (method url-fetch)
1292 (uri (pypi-uri "ntlm-auth" version))
1293 (sha256
1294 (base32
1295 "16mavidki4ma5ip8srqalr19gz4f5yn3cnmmgps1fmgfr24j63rm"))))
1296 (build-system python-build-system)
1297 (propagated-inputs
1298 `(("python-cryptography" ,python-cryptography)))
1299 (home-page "https://github.com/jborean93/ntlm-auth")
1300 (synopsis
1301 "Calculates NTLM Authentication codes")
1302 (description
1303 "This library handles the low-level details of NTLM authentication for
1304use in authenticating with a service that uses NTLM. It will create and parse
1305the 3 different message types in the order required and produce a base64
1306encoded value that can be attached to the HTTP header.
1307
1308The goal of this library is to offer full NTLM support including signing and
1309sealing of messages as well as supporting MIC for message integrity and the
1310ability to customise and set limits on the messages sent. Please see Features
1311and Backlog for a list of what is and is not currently supported.")
1312 (license license:expat)))
1313
4ee1ea76
EF		 1314(define-public python-secretstorage
1315 (package
1316 (name "python-secretstorage")
1317 (version "3.1.2")
1318 (source
1319 (origin
1320 (method url-fetch)
1321 (uri (pypi-uri "SecretStorage" version))
1322 (sha256
1323 (base32
1324 "1xmzr0j3066s220bss4nkgqbiwb5k4kkp2rkpqlqwjb5kfc8mnhm"))))
1325 (build-system python-build-system)
1326 (arguments
1327 '(#:tests? #f)) ; Tests require a running dbus service.
1328 (propagated-inputs
1329 `(("python-cryptography" ,python-cryptography)
1330 ("python-jeepney" ,python-jeepney)))
1331 (home-page "https://github.com/mitya57/secretstorage")
1332 (synopsis "Python bindings to FreeDesktop.org Secret Service API")
1333 (description
1334 "@code{python-secretstorage} provides a way for securely storing passwords
1335and other secrets. It uses D-Bus Secret Service API that is supported by GNOME
1336Keyring (since version 2.30) and KSecretsService. SecretStorage supports most
1337of the functions provided by Secret Service, including creating and deleting
1338items and collections, editing items, locking and unlocking collections
1339(asynchronous unlocking is also supported).")
1340 (license license:bsd-3)))
1341
83feb3d0
EF		 1342(define-public python-jeepney
1343 (package
1344 (name "python-jeepney")
1345 (version "0.4.2")
1346 (source
1347 (origin
1348 (method url-fetch)
1349 (uri (pypi-uri "jeepney" version))
1350 (sha256
1351 (base32
1352 "1fz9lb5fl831sijg2j0sbki698j2z6awbblas7mz3gp9jz2xi9hb"))))
1353 (build-system python-build-system)
1354 (native-inputs
1355 `(("python-testpath" ,python-testpath)
1356 ("python-tornado" ,python-tornado)
1357 ("python-pytest" ,python-pytest)))
1358 (home-page "https://gitlab.com/takluyver/jeepney")
1359 (synopsis "Low-level, pure Python DBus protocol wrapper")
1360 (description
1361 "This is a low-level, pure Python DBus protocol client. It has an
1362I/O-free core, and integration modules for different event loops.")
1363 (license license:expat)))
08310637
EF		 1364
1365(define-public python-argon2-cffi
1366 (package
1367 (name "python-argon2-cffi")
1368 (version "19.2.0")
1369 (source
1370 (origin
1371 (method url-fetch)
1372 (uri (pypi-uri "argon2-cffi" version))
1373 (sha256
1374 (base32
1375 "18xxfw30gi3lwaz4vwb05iavzlrk3fa1x9fippzrgd3px8z65apz"))
1376 (modules '((guix build utils)))
1377 (snippet '(begin (delete-file-recursively "extras") #t))))
1378 (build-system python-build-system)
1379 (arguments
1380 '(#:phases
1381 (modify-phases %standard-phases
1382 (replace 'build
1383 (lambda _
1384 (setenv "ARGON2_CFFI_USE_SYSTEM" "1")
1385 (invoke "python" "setup.py" "build")))
1386 (replace 'check
1387 (lambda* (#:key inputs outputs #:allow-other-keys)
1388 (add-installed-pythonpath inputs outputs)
1389 (invoke "pytest")
1390 (invoke "python" "-m" "argon2" "--help")
1391 ;; see tox.ini
1392 (invoke "python" "-m" "argon2" "-n" "1" "-t" "1" "-m" "8" "-p" "1"))))))
1393 (propagated-inputs
1394 `(("python-cffi" ,python-cffi)
1395 ("python-six" ,python-six)))
1396 (inputs `(("argon2" ,argon2)))
1397 (native-inputs
1398 `(("python-hypothesis" ,python-hypothesis)
1399 ("python-pytest" ,python-pytest)))
1400 (home-page "https://argon2-cffi.readthedocs.io/")
1401 (synopsis "Secure Password Hashes for Python")
1402 (description
1403 "Argon2 is a secure password hashing algorithm. It is designed to have
1404both a configurable runtime as well as memory consumption. This means that you
1405can decide how long it takes to hash a password and how much memory is required.")
1406 (license license:expat)))
0a124c46
EF		 1407
1408(define-public python-privy
1409 (package
1410 (name "python-privy")
1411 (version "6.0.0")
1412 (source
1413 (origin
1414 (method git-fetch)
1415 (uri (git-reference
1416 ;; Releases are untagged
1417 (url "https://github.com/ofek/privy")
1418 (commit "2838db3df239797c71bddacc48a4c49a83f35747")))
1419 (file-name (git-file-name name version))
1420 (sha256
1421 (base32
1422 "1m32dh5fqc8cy7jyf1z5fs6zvmdkbq5fi98hr609gbl7s0l0y0i9"))))
1423 (build-system python-build-system)
1424 (arguments
1425 '(#:phases
1426 (modify-phases %standard-phases
1427 (replace 'check
1428 (lambda _
1429 (invoke "python" "-m" "pytest"))))))
1430 (native-inputs
1431 `(("python-pytest" ,python-pytest)))
1432 (propagated-inputs
1433 `(("python-argon2-cffi" ,python-argon2-cffi)
1434 ("python-cryptography" ,python-cryptography)))
1435 (home-page "https://www.dropbox.com/developers")
1436 (synopsis "Library to password-protect your data")
1437 (description
1438 "Privy is a small and fast utility for password-protecting secret
1439data such as API keys, cryptocurrency wallets, or seeds for digital
1440signatures.")
1441 (license (list license:expat license:asl2.0)))) ; dual licensed
jackhill's copy of GNU Guix: https://guix.gnu.org/