HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: rust-void: Don't include minor version in variable name.
[jackhill/guix/guix.git] / gnu / packages / python-crypto.scm
CommitLineData
cc6f4912
LC		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
263ea4eb 3;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020 Efraim Flashner <efraim@flashner.co.il>
0a90c789 4;;; Copyright © 2015, 2016, 2017, 2019 Leo Famulari <leo@famulari.name>
55e51b66 5;;; Copyright © 2016, 2017, 2020 Marius Bakke <mbakke@fastmail.com>
cc6f4912
LC		 6;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
7;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
8;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com>
9;;; Copyright © 2014, 2017 Eric Bavier <bavier@member.fsf.org>
10;;; Copyright © 2015, 2016 David Thompson <davet@gnu.org>
ceb5b11b 11;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
3c986a7d 12;;; Copyright © 2016, 2017 Nikita <nikita@n0.is>
cc6f4912 13;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
c6e33df9 14;;; Copyright © 2015, 2016, 2017, 2019 Ricardo Wurmus <rekado@elephly.net>
cc6f4912 15;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org>
74f01758 16;;; Copyright © 2016, 2017, 2020 Arun Isaac <arunisaac@systemreboot.net>
cc6f4912 17;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
2f691218 18;;; Copyright © 2018 Tomáš Čech <sleep_walker@gnu.org>
cef6dc64 19;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
e64088f0 20;;; Copyright © 2018 Vagrant Cascadian <vagrant@debian.org>
8afe166d 21;;; Copyright © 2018 Nam Nguyen <namn@berkeley.edu>
93953ec7 22;;; Copyright © 2019 Guillaume Le Vaillant <glv@posteo.net>
1f15cbc8 23;;; Copyright © 2019 Clément Lassieur <clement@lassieur.org>
f8dcdf2b 24;;; Copyright © 2020 Alexandros Theodotou <alex@zrythm.org>
1b11e894 25;;; Copyright © 2020 Justus Winter <justus@sequoia-pgp.org>
cc6f4912
LC		 26;;;
27;;; This file is part of GNU Guix.
28;;;
29;;; GNU Guix is free software; you can redistribute it and/or modify it
30;;; under the terms of the GNU General Public License as published by
31;;; the Free Software Foundation; either version 3 of the License, or (at
32;;; your option) any later version.
33;;;
34;;; GNU Guix is distributed in the hope that it will be useful, but
35;;; WITHOUT ANY WARRANTY; without even the implied warranty of
36;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
37;;; GNU General Public License for more details.
38;;;
39;;; You should have received a copy of the GNU General Public License
40;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
41
42(define-module (gnu packages python-crypto)
43 #:use-module (guix packages)
44 #:use-module (guix download)
45 #:use-module (guix git-download)
46 #:use-module (guix build-system python)
47 #:use-module (gnu packages)
ac257f12 48 #:use-module (gnu packages check)
b95c17c5 49 #:use-module (gnu packages crypto)
f8dcdf2b 50 #:use-module (gnu packages kerberos)
cc6f4912
LC		 51 #:use-module (gnu packages libffi)
52 #:use-module (gnu packages multiprecision)
08310637 53 #:use-module (gnu packages password-utils)
cc6f4912
LC		 54 #:use-module (gnu packages protobuf)
55 #:use-module (gnu packages python)
6fedf6f2 56 #:use-module (gnu packages python-check)
cb91f6ae 57 #:use-module (gnu packages python-web)
44d10b1f 58 #:use-module (gnu packages python-xyz)
33dc54b0 59 #:use-module (gnu packages time)
cc6f4912
LC		 60 #:use-module (gnu packages tls)
61 #:use-module ((guix licenses) #:prefix license:)
62 #:use-module (srfi srfi-1))
63
cef6dc64
NG		 64(define-public python-base58
65 (package
66 (name "python-base58")
ceb5b11b 67 (version "1.0.3")
cef6dc64
NG		 68 (source
69 (origin
70 (method url-fetch)
71 (uri (pypi-uri "base58" version))
72 (sha256
73 (base32
ceb5b11b 74 "0q1yr0n5jaf17xq98m7dma6z4rh8p19ch55l1s09gi3rk5ckqycs"))))
cef6dc64
NG		 75 (build-system python-build-system)
76 (native-inputs
77 `(("python-pyhamcrest" ,python-pyhamcrest)))
78 (home-page "https://github.com/keis/base58")
79 (synopsis "Base58 and Base58Check implementation")
80 (description "Base58 and Base58Check implementation compatible
81with what is used by the Bitcoin network.")
82 (license license:expat)))
83
7c16af46
MB		 84(define-public python-bcrypt
85 (package
86 (name "python-bcrypt")
b5cb4624 87 (version "3.1.7")
7c16af46
MB		 88 (source
89 (origin
90 (method url-fetch)
91 (uri (pypi-uri "bcrypt" version))
92 (sha256
b5cb4624 93 (base32 "0hhywhxx301cxivgxrpslrangbfpccc8y83qbwn1f57cab3nj00b"))))
7c16af46
MB		 94 (build-system python-build-system)
95 (native-inputs
96 `(("python-pycparser" ,python-pycparser)
97 ("python-pytest" ,python-pytest)))
98 (propagated-inputs
99 `(("python-cffi" ,python-cffi)
100 ("python-six" ,python-six)))
101 (home-page "https://github.com/pyca/bcrypt/")
102 (synopsis
103 "Modern password hashing library")
104 (description
105 "Bcrypt is a Python module which provides a password hashing method based
106on the Blowfish password hashing algorithm, as described in
107@url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable
108Password Scheme\"} by Niels Provos and David Mazieres.")
109 (license license:asl2.0)))
110
111(define-public python2-bcrypt
112 (package-with-python2 python-bcrypt))
113
cc6f4912
LC		 114(define-public python-passlib
115 (package
116 (name "python-passlib")
aadd107d 117 (version "1.7.2")
cc6f4912
LC		 118 (source
119 (origin
120 (method url-fetch)
121 (uri (pypi-uri "passlib" version))
122 (sha256
aadd107d 123 (base32 "1a5ngap7kq0b4azq8nlfg6xg5bcl1i0v1sbynhmbr631jgpnqrld"))))
cc6f4912
LC		 124 (build-system python-build-system)
125 (native-inputs
126 `(("python-nose" ,python-nose)))
127 (propagated-inputs
128 `(("python-py-bcrypt" ,python-py-bcrypt)))
129 (arguments
130 `(#:phases
131 (modify-phases %standard-phases
132 (add-before 'check 'set-PYTHON_EGG_CACHE
133 ;; some tests require access to "$HOME/.cython"
134 (lambda* _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t)))))
135 (home-page "https://bitbucket.org/ecollins/passlib")
aadd107d 136 (synopsis "Comprehensive password hashing framework")
cc6f4912
LC		 137 (description
138 "Passlib is a password hashing library for Python 2 & 3, which provides
139cross-platform implementations of over 30 password hashing algorithms, as well
140as a framework for managing existing password hashes. It's designed to be
141useful for a wide range of tasks, from verifying a hash found in /etc/shadow,
142to providing full-strength password hashing for multi-user application.")
143 (license license:bsd-3)))
144
145(define-public python2-passlib
146 (package-with-python2 python-passlib))
147
148(define-public python-py-bcrypt
149 (package
150 (name "python-py-bcrypt")
151 (version "0.4")
152 (source
153 (origin
154 (method url-fetch)
27864e7c 155 (uri (pypi-uri "py-bcrypt" version))
cc6f4912
LC		 156 (sha256
157 (base32
158 "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az"))))
159 (build-system python-build-system)
160 (home-page "https://code.google.com/p/py-bcrypt")
161 (synopsis
162 "Bcrypt password hashing and key derivation")
163 (description
164 "A python wrapper of OpenBSD's Blowfish password hashing code. This
165system hashes passwords using a version of Bruce Schneier's Blowfish block
166cipher with modifications designed to raise the cost of off-line password
167cracking and frustrate fast hardware implementation. The computation cost of
3defa90d 168the algorithm is parametrised, so it can be increased as computers get faster.
cc6f4912
LC		 169The intent is to make a compromise of a password database less likely to
170result in an attacker gaining knowledge of the plaintext passwords (e.g. using
171John the Ripper).")
172 ;; "sha2.c" is under BSD-3;
173 ;; "blowfish.c" and "bcrypt.c" are under BSD-4;
174 ;; the rest is under ISC.
175 (license (list license:isc license:bsd-3 license:bsd-4))))
176
177(define-public python2-py-bcrypt
178 (package-with-python2 python-py-bcrypt))
179
e64088f0
VC		 180(define-public python-pyblake2
181 (package
182 (name "python-pyblake2")
183 (version "1.1.2")
184 (source
185 (origin
186 (method url-fetch)
187 (uri (pypi-uri "pyblake2" version))
188 (sha256
189 (base32
190 "0gz9hgznv5zw4qjq43xa56y0yikimx30gffvibxzm0nv5sq7xk2w"))))
191 (build-system python-build-system)
192 (home-page "https://github.com/dchest/pyblake2")
193 (synopsis "BLAKE2 hash function for Python")
194 (description "BLAKE2 is a cryptographic hash function, which offers
195stronger security while being as fast as MD5 or SHA-1, and comes in two
196flavors: @code{BLAKE2b}, optimized for 64-bit platforms and produces digests
197of any size between 1 and 64 bytes, and @code{BLAKE2s}, optimized for 8- to
19832-bit platforms and produces digests of any size between 1 and 32 bytes.
199
200This package provides a Python interface for BLAKE2.")
201 ;; The COPYING file declares it as public domain, with the option to
202 ;; alternatively use and redistribute it under a variety of permissive
203 ;; licenses. cc0 is explicitly mentioned in setup.py and pyblake2module.c.
204 (license (list license:public-domain license:cc0))))
205
cc6f4912
LC		 206(define-public python-paramiko
207 (package
208 (name "python-paramiko")
784dadc0 209 (version "2.7.1")
cc6f4912
LC		 210 (source
211 (origin
212 (method url-fetch)
213 (uri (pypi-uri "paramiko" version))
214 (sha256
215 (base32
784dadc0 216 "17wx8lkhqxmddfdq7z7x45xqq2w3gwa974hpq1n3y0dqbn4r414j"))))
cc6f4912
LC		 217 (build-system python-build-system)
218 (arguments
8e84eb68
MB		 219 `(;; FIXME: Tests require many unpackaged libraries, see dev-requirements.txt.
220 #:tests? #f))
cc6f4912 221 (propagated-inputs
2fbc38e3
LF		 222 `(("python-bcrypt" ,python-bcrypt)
223 ("python-pyasn1" ,python-pyasn1)
224 ("python-pynacl" ,python-pynacl)
cc6f4912 225 ("python-cryptography" ,python-cryptography)))
101ad242 226 (home-page "https://www.paramiko.org/")
cc6f4912
LC		 227 (synopsis "SSHv2 protocol library")
228 (description "Paramiko is a python implementation of the SSHv2 protocol,
229providing both client and server functionality. While it leverages a Python C
230extension for low level cryptography (PyCrypto), Paramiko itself is a pure
231Python interface around SSH networking concepts.")
232 (license license:lgpl2.1+)))
233
234(define-public python2-paramiko
235 (package-with-python2 python-paramiko))
236
237(define-public python-ecdsa
238 (package
239 (name "python-ecdsa")
c57b8419 240 (version "0.14.1")
cc6f4912
LC		 241 (source
242 (origin
243 (method url-fetch)
86228e56 244 (uri (pypi-uri "ecdsa" version))
cc6f4912 245 (sha256
c57b8419 246 (base32 "13nx5cbfxc0gnax5zwdmp9xc40qd1llk62mv85jyrvqkbw017ik4"))))
cc6f4912 247 (build-system python-build-system)
92fe2513
EF		 248 (arguments
249 '(#:phases
250 (modify-phases %standard-phases
251 (replace 'check
252 (lambda _ (invoke "pytest"))))))
c57b8419
EF		 253 (propagated-inputs
254 `(("python-six" ,python-six)))
255 (native-inputs
92fe2513
EF		 256 `(("openssl" ,openssl)
257 ("python-pytest" ,python-pytest)))
9cd100b6
TGR		 258 (home-page "https://github.com/warner/python-ecdsa")
259 (synopsis "ECDSA cryptographic signature library (pure python)")
cc6f4912
LC		 260 (description
261 "This is an easy-to-use implementation of ECDSA cryptography (Elliptic
262Curve Digital Signature Algorithm), implemented purely in Python. With this
263library, you can quickly create keypairs (signing key and verifying key), sign
264messages, and verify the signatures. The keys and signatures are very short,
265making them easy to handle and incorporate into other protocols.")
266 (license license:expat)))
267
268(define-public python2-ecdsa
269 (package-with-python2 python-ecdsa))
270
271;;; Pycrypto is abandoned upstream:
272;;;
273;;; https://github.com/dlitz/pycrypto/issues/173
274;;;
275;;; TODO Remove this package from GNU Guix.
276(define-public python-pycrypto
277 (package
278 (name "python-pycrypto")
279 (version "2.6.1")
280 (source
281 (origin
282 (method url-fetch)
283 (uri (pypi-uri "pycrypto" version))
2a2a9878
MB		 284 (patches (search-patches "python-pycrypto-CVE-2013-7459.patch"
285 "python-pycrypto-time-clock.patch"))
cc6f4912
LC		 286 (sha256
287 (base32
288 "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj"))))
289 (build-system python-build-system)
290 (inputs
291 `(("python" ,python)
292 ("gmp" ,gmp)))
293 (arguments
294 `(#:phases
295 (modify-phases %standard-phases
296 (add-before 'build 'set-build-env
297 ;; pycrypto runs an autoconf configure script behind the scenes
298 (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t)))))
52888f52 299 (home-page "https://www.dlitz.net/software/pycrypto/")
cc6f4912
LC		 300 (synopsis "Cryptographic modules for Python")
301 (description
302 "Pycrypto is a collection of both secure hash functions (such as SHA256
303and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal,
304etc.). The package is structured to make adding new modules easy.")
305 (license license:public-domain)))
306
307(define-public python2-pycrypto
308 (let ((pycrypto (package-with-python2 python-pycrypto)))
309 (package (inherit pycrypto)
310 (inputs
311 `(("python" ,python-2)
312 ,@(alist-delete
313 "python"
314 (package-inputs pycrypto)))))))
315
f8dcdf2b
AT		 316(define-public python-kerberos
317 (package
318 (name "python-kerberos")
319 (version "1.3.0")
320 (source
321 (origin
322 (method url-fetch)
323 (uri (pypi-uri "kerberos" version))
324 (sha256
325 (base32
326 "19663qxmma0i8bfbjc2iwy5hgq0g4pfb75r023v5dps68zfvffgh"))))
327 (build-system python-build-system)
328 (inputs
329 `(("mit-krb5" ,mit-krb5)))
330 (home-page "https://github.com/apple/ccs-pykerberos")
331 (synopsis
332 "Python Kerberos library used by CalendarServer")
333 (description
334 "This Python package is a high-level wrapper for Kerberos (GSSAPI)
335operations. The goal is to avoid having to build a module that wraps the
336entire Kerberos.framework, and instead offer a limited set of functions that
337do what is needed for client/server Kerberos authentication based on
338<http://www.ietf.org/rfc/rfc4559.txt>.")
339 (license license:asl2.0)))
340
cc6f4912
LC		 341(define-public python-keyring
342 (package
343 (name "python-keyring")
6fedf6f2 344 (version "21.0.0")
cc6f4912
LC		 345 (source
346 (origin
347 (method url-fetch)
348 (uri (pypi-uri "keyring" version))
349 (sha256
350 (base32
6fedf6f2
EF		 351 "1k0w3yh3fz0qp0cvkxdiinq9jzbrnc6bd88qpjz34x3cgcr94psz"))
352 (modules '((guix build utils)))
353 (snippet
354 ;; https://github.com/jaraco/keyring/issues/414
355 '(begin (substitute* "tests/test_packaging.py"
356 (("ep, =") "(ep,) =")) #t))))
cc6f4912 357 (build-system python-build-system)
6fedf6f2
EF		 358 (arguments
359 `(#:phases
360 (modify-phases %standard-phases
361 (replace 'check
362 (lambda _
363 ;; Not clear why this test fails.
364 (delete-file "tests/test_packaging.py")
365 (substitute* "pytest.ini"
366 (("--black ") ""))
367 (invoke "pytest"))))))
cc6f4912 368 (native-inputs
770b1d65 369 `(("python-pytest" ,python-pytest)
6fedf6f2
EF		 370 ("python-pytest-checkdocs" ,python-pytest-checkdocs)
371 ("python-pytest-cov" ,python-pytest-cov)
372 ("python-pytest-flake8" ,python-pytest-flake8)
770b1d65 373 ("python-setuptools-scm" ,python-setuptools-scm)))
cc6f4912 374 (propagated-inputs
6fedf6f2
EF		 375 `(("python-importlib-metadata" ,python-importlib-metadata)
376 ("python-secretstorage" ,python-secretstorage)))
cc6f4912
LC		 377 (home-page "https://github.com/jaraco/keyring")
378 (synopsis "Store and access your passwords safely")
379 (description
380 "The Python keyring lib provides a easy way to access the system keyring
381service from python. It can be used in any application that needs safe
382password storage.")
383 ;; "MIT" and PSF dual license
6fedf6f2 384 (properties `((python2-variant . ,(delay python2-keyring))))
cc6f4912
LC		 385 (license license:x11)))
386
387(define-public python2-keyring
6fedf6f2
EF		 388 (let ((keyring (package-with-python2
389 (strip-python2-variant python-keyring))))
390 (package
391 (inherit keyring)
392 (name "python2-keyring")
393 (version "8.7")
394 (source
395 (origin
396 (method url-fetch)
397 (uri (pypi-uri "keyring" version))
398 (sha256
399 (base32
400 "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx"))))
401 (arguments
402 `(#:python ,python-2))
403 (native-inputs
404 `(("python2-pytest" ,python2-pytest)
405 ("python2-pytest-runner" ,python2-pytest-runner)
406 ("python2-setuptools-scm" ,python2-setuptools-scm)))
407 (propagated-inputs
408 `(("python2-pycrypto" ,python2-pycrypto))))))
cc6f4912 409
9a684b40
EF		 410(define-public python-keyrings.alt
411 (package
412 (name "python-keyrings.alt")
413 (version "3.4.0")
414 (source
415 (origin
416 (method url-fetch)
417 (uri (pypi-uri "keyrings.alt" version))
418 (sha256
419 (base32
420 "0gdjdqpq2hf770p6iwi891mil0vbsdhvy88x0v8b2w4y4b28lcli"))
421 (modules '((guix build utils)))
422 (snippet
423 '(begin
424 (delete-file "keyrings/alt/_win_crypto.py")
425 ;; Rely on python-keyring>20:
426 ;; https://github.com/jaraco/keyrings.alt/issues/33
427 (substitute* '("keyrings/alt/tests/test_Gnome.py"
428 "keyrings/alt/tests/test_Google.py"
429 "keyrings/alt/tests/test_Windows.py"
430 "keyrings/alt/tests/test_file.py"
431 "keyrings/alt/tests/test_pyfs.py")
432 (("keyring.tests.test_backend") "keyring.testing.backend")
433 (("keyring.tests.util") "keyring.testing.util"))
434 #t))))
435 (build-system python-build-system)
436 (native-inputs
437 `(("python-keyring" ,python-keyring)
438 ("python-pytest" ,python-pytest)
439 ("python-setuptools-scm" ,python-setuptools-scm)))
440 (home-page "https://github.com/jaraco/keyrings.alt")
441 (synopsis "Alternate keyring implementations")
442 (description "Keyrings in this package may have security risks or other
443implications. These backends were extracted from the main keyring project to
444make them available for those who wish to employ them, but are discouraged for
445general production use. Include this module and use its backends at your own
446risk.")
447 (license license:expat)))
448
cc6f4912
LC		 449(define-public python-certifi
450 (package
451 (name "python-certifi")
ee3a5e07 452 (version "2020.4.5.1")
cc6f4912
LC		 453 (source (origin
454 (method url-fetch)
455 (uri (pypi-uri "certifi" version))
456 (sha256
457 (base32
ee3a5e07 458 "06b5gfs7wmmipln8f3z928d2mmx2j4b3x7pnqmj6cvmyfh8v7z2i"))))
cc6f4912 459 (build-system python-build-system)
ee3a5e07 460 (arguments '(#:tests? #f)) ;no tests
cc6f4912
LC		 461 (home-page "https://certifi.io/")
462 (synopsis "Python CA certificate bundle")
463 (description
464 "Certifi is a Python library that contains a CA certificate bundle, which
465is used by the Requests library to verify HTTPS requests.")
466 (license license:asl2.0)))
467
468(define-public python2-certifi
469 (package-with-python2 python-certifi))
470
471(define-public python-cryptography-vectors
472 (package
473 (name "python-cryptography-vectors")
6144e2d7 474 (version "2.9.2")
cc6f4912
LC		 475 (source
476 (origin
477 (method url-fetch)
478 (uri (pypi-uri "cryptography_vectors" version))
479 (sha256
480 (base32
6144e2d7 481 "1d4iykcv7cn9j399hczlxm5pzxmqy6d80h3j16dkjwlmv3293b4r"))))
cc6f4912
LC		 482 (build-system python-build-system)
483 (home-page "https://github.com/pyca/cryptography")
484 (synopsis "Test vectors for the cryptography package")
485 (description
486 "This package contains test vectors for the cryptography package.")
487 ;; Distributed under either BSD-3 or ASL2.0
488 (license (list license:bsd-3 license:asl2.0))))
489
490(define-public python2-cryptography-vectors
491 (package-with-python2 python-cryptography-vectors))
492
493(define-public python-cryptography
494 (package
495 (name "python-cryptography")
6144e2d7 496 (version "2.9.2")
cc6f4912
LC		 497 (source
498 (origin
499 (method url-fetch)
500 (uri (pypi-uri "cryptography" version))
501 (sha256
502 (base32
6144e2d7 503 "0af25w5mkd6vwns3r6ai1w5ip9xp0ms9s261zzssbpadzdr05hx0"))))
cc6f4912
LC		 504 (build-system python-build-system)
505 (inputs
506 `(("openssl" ,openssl)))
507 (propagated-inputs
508 `(("python-asn1crypto" ,python-asn1crypto)
509 ("python-cffi" ,python-cffi)
510 ("python-six" ,python-six)
511 ("python-idna" ,python-idna)
512 ("python-iso8601" ,python-iso8601)))
513 (native-inputs
514 `(("python-cryptography-vectors" ,python-cryptography-vectors)
515 ("python-hypothesis" ,python-hypothesis)
516 ("python-pretend" ,python-pretend)
517 ("python-pytz" ,python-pytz)
2dd12924 518 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 519 (home-page "https://github.com/pyca/cryptography")
520 (synopsis "Cryptographic recipes and primitives for Python")
521 (description
522 "cryptography is a package which provides cryptographic recipes and
523primitives to Python developers. It aims to be the “cryptographic standard
524library” for Python. The package includes both high level recipes, and low
525level interfaces to common cryptographic algorithms such as symmetric ciphers,
526message digests and key derivation functions.")
527 ;; Distributed under either BSD-3 or ASL2.0
528 (license (list license:bsd-3 license:asl2.0))
529 (properties `((python2-variant . ,(delay python2-cryptography))))))
530
531(define-public python2-cryptography
532 (let ((crypto (package-with-python2
533 (strip-python2-variant python-cryptography))))
534 (package (inherit crypto)
535 (propagated-inputs
536 `(("python2-ipaddress" ,python2-ipaddress)
537 ("python2-backport-ssl-match-hostname"
538 ,python2-backport-ssl-match-hostname)
539 ("python2-enum34" ,python2-enum34)
540 ,@(package-propagated-inputs crypto))))))
541
542(define-public python-pyopenssl
543 (package
544 (name "python-pyopenssl")
da1eb6db 545 (version "19.1.0")
cc6f4912
LC		 546 (source
547 (origin
548 (method url-fetch)
549 (uri (pypi-uri "pyOpenSSL" version))
550 (sha256
551 (base32
da1eb6db 552 "01wmsq6w0frzbr3zps4ga9kmqjidp2h317jwpq1g9ah24r5lj94s"))))
cc6f4912
LC		 553 (build-system python-build-system)
554 (arguments
555 '(#:phases
556 (modify-phases %standard-phases
557 (delete 'check)
558 (add-after 'install 'check
559 (lambda* (#:key inputs outputs #:allow-other-keys)
560 (add-installed-pythonpath inputs outputs)
55e51b66
MB		 561 ;; PyOpenSSL runs tests against a certificate with a fixed
562 ;; expiry time. To ensure successful builds in the future,
563 ;; set the time to roughly the release date.
564 (invoke "faketime" "2019-01-01" "py.test" "-v" "-k"
c6e33df9
RW		 565 (string-append
566 ;; This test tries to look up certificates from
567 ;; the compiled-in default path in OpenSSL, which
568 ;; does not exist in the build environment.
569 "not test_fallback_default_verify_paths "
570 ;; This test attempts to make a connection to
571 ;; an external web service.
572 "and not test_set_default_verify_paths")))))))
cc6f4912
LC		 573 (propagated-inputs
574 `(("python-cryptography" ,python-cryptography)
575 ("python-six" ,python-six)))
576 (inputs
577 `(("openssl" ,openssl)))
578 (native-inputs
55e51b66
MB		 579 `(("libfaketime" ,libfaketime)
580 ("python-flaky" ,python-flaky)
cc6f4912 581 ("python-pretend" ,python-pretend)
2dd12924 582 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 583 (home-page "https://github.com/pyca/pyopenssl")
584 (synopsis "Python wrapper module around the OpenSSL library")
585 (description
586 "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
587library.")
588 (license license:asl2.0)))
589
590(define-public python2-pyopenssl
591 (package-with-python2 python-pyopenssl))
592
579b4362
DM		 593(define-public python-ed25519
594 (package
595 (name "python-ed25519")
596 (version "1.4")
597 (source
598 (origin
599 (method url-fetch)
600 (uri (pypi-uri "ed25519" version))
601 (sha256
602 (base32
603 "0ahx1nkxa0xis3cw0h5c4fpgv8mq4znkq7kajly33lc3317bk499"))))
604 (build-system python-build-system)
605 (home-page "https://github.com/warner/python-ed25519")
606 (synopsis "Ed25519 public-key signatures")
607 (description "Ed25519 public-key signatures")
608 (license license:expat)))
609
610(define-public python2-ed25519
611 (package-with-python2 python-ed25519))
612
cc6f4912
LC		 613(define-public python-axolotl-curve25519
614 (package
615 (name "python-axolotl-curve25519")
74f01758 616 (version "0.4.1.post2")
cc6f4912
LC		 617 (source
618 (origin
74f01758
AI		 619 (method url-fetch)
620 (uri (pypi-uri "python-axolotl-curve25519" version))
cc6f4912
LC		 621 (sha256
622 (base32
74f01758 623 "18v3rfyv7xi26fb97nw1xc0l6x8wi0i4xj8dlq4gblpbjxiac187"))))
cc6f4912 624 (build-system python-build-system)
cc6f4912
LC		 625 (home-page "https://github.com/tgalal/python-axolotl-curve25519")
626 (synopsis "Python wrapper for curve25519 library")
627 (description "This is a python wrapper for the curve25519 library
628with ed25519 signatures. The C code was pulled from
629libaxolotl-android. At the moment this wrapper is meant for use by
630python-axolotl.")
631 (license (list license:gpl3 ; Most files
632 license:bsd-3)))) ; curve/curve25519-donna.c
633
634(define-public python2-axolotl-curve25519
635 (package-with-python2 python-axolotl-curve25519))
636
637(define-public python-axolotl
638 (package
639 (name "python-axolotl")
b578168f 640 (version "0.2.3")
cc6f4912
LC		 641 (source
642 (origin
b578168f
AI		 643 (method url-fetch)
644 (uri (pypi-uri "python-axolotl" version))
cc6f4912 645 (sha256
b578168f
AI		 646 (base32
647 "1bwdp24fmriffwx91aigs9k162albb51iskp23nc939z893q23py"))))
cc6f4912
LC		 648 (build-system python-build-system)
649 (arguments
650 `(#:phases
651 (modify-phases %standard-phases
652 ;; Don't install tests
653 (add-before 'install 'remove-tests
654 (lambda _
655 (for-each delete-file-recursively
656 '("axolotl/tests" "build/lib/axolotl/tests"))
657 #t)))))
658 (propagated-inputs
659 `(("python-axolotl-curve25519" ,python-axolotl-curve25519)
b578168f
AI		 660 ("python-cryptography" ,python-cryptography)
661 ("python-protobuf" ,python-protobuf)))
cc6f4912
LC		 662 (home-page "https://github.com/tgalal/python-axolotl")
663 (synopsis "Python port of libaxolotl-android")
664 (description "This is a python port of libaxolotl-android. This
665is a ratcheting forward secrecy protocol that works in synchronous and
666asynchronous messaging environments.")
667 (license license:gpl3)))
668
669(define-public python2-axolotl
670 (package-with-python2 python-axolotl))
671
672;; SlowAES isn't compatible with Python 3.
673(define-public python2-slowaes
674 (package
675 (name "python2-slowaes")
676 (version "0.1a1")
677 (source
678 (origin
679 (method url-fetch)
680 (uri (pypi-uri "slowaes" version))
681 (sha256
682 (base32
683 "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3"))))
684 (build-system python-build-system)
685 (arguments `(#:python ,python-2))
686 (home-page "http://code.google.com/p/slowaes/")
687 (synopsis "Implementation of AES in Python")
688 (description "This package contains an implementation of AES in Python.
689This implementation is slow (hence the project name) but still useful when
690faster ones are not available.")
691 (license license:asl2.0)))
692
693(define-public python-pyaes
694 (package
695 (name "python-pyaes")
6de86fd5 696 (version "1.6.1")
cc6f4912
LC		 697 (source
698 (origin
699 (method url-fetch)
700 (uri (pypi-uri "pyaes" version))
701 (sha256
702 (base32
6de86fd5 703 "13vdaff15k0jyfcss4b4xvfgm8xyv0nrbyw5n1qc7lrqbi0b3h82"))))
cc6f4912
LC		 704 (build-system python-build-system)
705 (home-page "https://github.com/ricmoo/pyaes")
706 (synopsis "Implementation of AES in Python")
707 (description "This package contains a pure-Python implementation of the
708AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR,
709ECB and OFB).")
710 (license license:expat)))
711
712(define-public python2-pyaes
713 (package-with-python2 python-pyaes))
b95c17c5
LC		 714
715(define-public python-asn1crypto
716 (package
717 (name "python-asn1crypto")
19f2a526 718 (version "0.24.0")
b95c17c5
LC		 719 (source
720 (origin
d3b7feb7
EF		 721 (method git-fetch)
722 (uri (git-reference
b0e7b699 723 (url "https://github.com/wbond/asn1crypto")
d3b7feb7
EF		 724 (commit version)))
725 (file-name (git-file-name name version))
b95c17c5
LC		 726 (sha256
727 (base32
19f2a526 728 "10lai2cs5mnz3gpaffbw1m7b885ls8328q5wxm35vfmcip1f0xmb"))))
b95c17c5
LC		 729 (build-system python-build-system)
730 (home-page "https://github.com/wbond/asn1crypto")
731 (synopsis "ASN.1 parser and serializer in Python")
732 (description "asn1crypto is an ASN.1 parser and serializer with definitions
733for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7,
734PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.")
735 (license license:expat)))
736
737(define-public python2-asn1crypto
738 (package-with-python2 python-asn1crypto))
739
740(define-public python-pynacl
741 (package
742 (name "python-pynacl")
f5e3f02f 743 (version "1.4.0")
b95c17c5
LC		 744 (source
745 (origin
746 (method url-fetch)
747 (uri (pypi-uri "PyNaCl" version))
748 (modules '((guix build utils)))
f5e3f02f
MB		 749 (snippet
750 '(begin
751 ;; Remove spurious dependency on python-wheel, can be removed
752 ;; for 1.5.
753 (substitute* "setup.py"
754 (("\"wheel\"") ""))
755 ;; Remove bundled libsodium.
756 (delete-file-recursively "src/libsodium")
757 #t))
b95c17c5
LC		 758 (sha256
759 (base32
f5e3f02f 760 "01b56hxrbif3hx8l6rwz5kljrgvlbj7shmmd2rjh0hn7974a5sal"))))
b95c17c5
LC		 761 (build-system python-build-system)
762 (arguments
f5e3f02f
MB		 763 `(#:modules (,@%python-build-system-modules
764 (guix build utils)
765 (ice-9 ftw)
766 (srfi srfi-26))
767 #:phases
768 (modify-phases (@ (guix build python-build-system) %standard-phases)
b95c17c5
LC		 769 (add-before 'build 'use-system-sodium
770 (lambda _
771 (setenv "SODIUM_INSTALL" "system")
f5e3f02f
MB		 772 #t))
773 (replace 'check
774 (lambda _
775 (let ((build-directory
776 (car (scandir "build" (cut string-prefix? "lib" <>)))))
777 (setenv "PYTHONPATH"
778 (string-append "./build/" build-directory ":"
779 (getenv "PYTHONPATH")))
780 (invoke "pytest" "-vv")))))))
b95c17c5 781 (native-inputs
6969ad0e
LF		 782 `(("python-hypothesis" ,python-hypothesis)
783 ("python-pytest" ,python-pytest)))
b95c17c5
LC		 784 (propagated-inputs
785 `(("python-cffi" ,python-cffi)
786 ("python-six" ,python-six)
787 ("libsodium" ,libsodium)))
788 (home-page "https://github.com/pyca/pynacl/")
789 (synopsis "Python bindings to libsodium")
790 (description
791 "PyNaCl is a Python binding to libsodium, which is a fork of the
792Networking and Cryptography library. These libraries have a stated goal
793of improving usability, security and speed.")
794 (license license:asl2.0)))
795
acc6e695
JL		 796(define-public python2-pynacl
797 (package-with-python2 python-pynacl))
798
b95c17c5
LC		 799(define-public python2-pgpdump
800 (package
801 (name "python2-pgpdump")
802 (version "1.5")
803 (source
804 (origin
805 (method url-fetch)
806 (uri (pypi-uri "pgpdump" version))
807 (sha256
808 (base32
809 "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw"))))
810 (build-system python-build-system)
811
812 ;; Currently fails to build with Python 3.
813 (arguments `(#:python ,python-2))
814
815 (home-page "https://github.com/toofishes/python-pgpdump")
816 (synopsis "Python library for parsing PGP packets")
817 (description
818 "Python-pgpdump is an OpenPGP packet parser based on
819@uref{http://www.mew.org/~kazu/proj/pgpdump/, pgpdump}. It notably supports:
820
821@itemize
822@item signature packets;
823@item public key packets;
824@item secret key packets;
825@item trust, user ID, and user attribute packets;
826@item ASCII-armor decoding and CRC check.
827@end itemize\n")
828 (license license:bsd-3)))
829
830(define-public python2-roca-detect
831 (package
832 (name "python2-roca-detect")
833 (version "1.0.8")
834 (source
835 (origin
836 (method url-fetch)
837 (uri (pypi-uri "roca-detect" version))
838 (sha256
839 (base32
840 "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27"))))
841 (build-system python-build-system)
842 (native-inputs
843 ;; TODO: apk_parse_ph4, pyjks
844 `(("python2-dateutil" ,python2-dateutil)
845 ("python2-six" ,python2-six)
846 ("python2-cryptography" ,python2-cryptography)
847 ("python2-future" ,python2-future)
848 ("python2-coloredlogs" ,python2-coloredlogs)
849 ("python2-pgpdump" ,python2-pgpdump)))
850 (arguments
851 `(;; Basic testing routine is quite simple and works with Py3
852 ;; but the rest of the code that processes the different
853 ;; key formats and extracts the modulus for inspection is
854 ;; not yet fully py3 ready.
855 #:python ,python-2))
856 (home-page "https://github.com/crocs-muni/roca")
857 (synopsis "ROCA detection tool")
858 (description
859 "This tool is related to the paper entitled @i{Return of the
860Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}. It
861enables you to test public RSA keys for a presence of the described
862vulnerability. Currently the tool supports the following key formats: X.509
863Certificate (DER encoded, PEM encoded), RSA PEM (encoded private key, public
864key), SSH public key, ASC-encoded OpenPGP key, APK Android application, LDIFF
865file, and more.")
866 (license license:gpl3)))
d0d5f726 867
3eca7ff9
EF		 868(define-public python-blurhash
869 (package
870 (name "python-blurhash")
871 (version "1.1.4")
872 (source
873 (origin
874 ;; Tests not included in pypi release and releases not tagged in git repo.
875 (method git-fetch)
876 (uri (git-reference
877 (url "https://github.com/halcy/blurhash-python")
878 (commit "22e081ef1c24da1bb5c5eaa2c1d6649724deaef8")))
879 (file-name (git-file-name name version))
880 (sha256
881 (base32
882 "1qq6mhydlp7q3na4kmaq3871h43wh3pyfyxr4b79bia73wjdylxf"))))
883 (build-system python-build-system)
884 (arguments
885 '(#:phases
886 (modify-phases %standard-phases
887 (replace 'check
888 (lambda _
889 (delete-file "setup.cfg")
890 (invoke "pytest"))))))
891 (native-inputs
892 `(("python-numpy" ,python-numpy)
893 ("python-pillow" ,python-pillow)
894 ("python-pytest" ,python-pytest)))
895 (home-page "https://github.com/halcy/blurhash-python")
896 (synopsis
897 "Pure-Python implementation of the blurhash algorithm")
898 (description
899 "Pure-Python implementation of the blurhash algorithm.")
900 (license license:expat)))
901
d0d5f726
DM		 902(define-public python-ecpy
903 (package
904 (name "python-ecpy")
37da5813 905 (version "0.10.0")
d0d5f726
DM		 906 (source
907 (origin
908 (method url-fetch)
909 (uri (pypi-uri "ECPy" version))
910 (sha256
911 (base32
37da5813 912 "1gc3i5s93zq6x1nkaxkq1dvmsc12vmrw0hns9f5s1hcb78ni52c8"))))
d0d5f726
DM		 913 (build-system python-build-system)
914 (propagated-inputs
915 `(("python-future" ,python-future)))
916 (home-page "https://github.com/ubinity/ECPy")
917 (synopsis "Pure Python Elliptic Curve Library")
918 (description "This package provides a Elliptic Curve Library in pure
919Python.")
920 (license license:asl2.0)))
921
922(define-public python2-ecpy
923 (package-with-python2 python-ecpy))
c1927129
LF		 924
925(define-public python-josepy
926 (package
927 (name "python-josepy")
205044b9 928 (version "1.1.0")
c1927129
LF		 929 (source (origin
930 (method url-fetch)
931 (uri (pypi-uri "josepy" version))
932 (sha256
933 (base32
205044b9 934 "11khz8malzrv375b27jjkv66z6z6khdx1v5mkkr4vq16gp3n4p7v"))))
c1927129
LF		 935 (build-system python-build-system)
936 (arguments
205044b9 937 ;; The tests require flake8 >= 3.5, which is not yet packaged.
c1927129
LF		 938 '(#:tests? #f))
939 (propagated-inputs
940 `(("python-cryptography" ,python-cryptography)
941 ("python-pyopenssl" ,python-pyopenssl)
942 ("python-six" ,python-six)))
205044b9 943;; TODO Enable when we have flake8 >= 3.5.
c1927129
LF		 944; (native-inputs
945; `(("python-coverage" ,python-coverage)
946; ("python-flake8" ,python-flake8)
947; ("python-isort" ,python-isort)
948; ("python-mock" ,python-mock)
205044b9 949; ("python-pytest" ,python-pytest)
c1927129
LF		 950; ("python-pytest-cov" ,python-pytest-cov)
951; ("python-pytest-cache" ,python-pytest-cache)
952; ("python-pytest-flake8" ,python-pytest-flake8)))
953 (home-page "https://github.com/certbot/josepy")
954 (synopsis "JOSE protocol implementation in Python")
955 (description "This package provides a Python implementation of the JOSE
956protocol (Javascript Object Signing and Encryption).")
957 (license license:asl2.0)))
958
959(define-public python2-josepy
960 (package-with-python2 python-josepy))
d32456d5
OP		 961
962(define-public python-pycryptodome
963 (package
964 (name "python-pycryptodome")
a62887d3 965 (version "3.7.3")
d32456d5
OP		 966 (source
967 (origin
968 (method url-fetch)
969 (uri (pypi-uri "pycryptodome" version))
970 (sha256
971 (base32
a62887d3 972 "0dh6ky5ngxayyn5f6n7gdamjl49g3khz6pdx9sdnag1zwi8248hs"))))
d32456d5
OP		 973 (build-system python-build-system)
974 (home-page "https://www.pycryptodome.org")
975 (synopsis "Cryptographic library for Python")
976 (description "This package provides a cryptographic library for Python.
977
978It brings the following enhancements with respect to the last official version
979of PyCrypto:
980
981@itemize
982@item Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
983@item Accelerated AES on Intel platforms via AES-NI
984@item First class support for PyPy
985@item Elliptic curves cryptography (NIST P-256 curve only)
986@item Better and more compact API (nonce and iv attributes for ciphers,
987automatic generation of random nonces and IVs, simplified CTR cipher mode, and
988more)
989@item SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms
990@item Salsa20 and ChaCha20 stream ciphers
991@item scrypt and HKDF
992@item Deterministic (EC)DSA
993@item Password-protected PKCS#8 key containers
994@item Shamir’s Secret Sharing scheme
995@item Random numbers get sourced directly from the OS (and not from a CSPRNG
996in userspace)
997@item Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
998@item Major clean ups and simplification of the code base
999@end itemize\n")
1000 (license license:bsd-2)))
1001
1002(define-public python2-pycryptodome
1003 (package-with-python2 python-pycryptodome))
2f691218
 1004
1005(define-public python-m2crypto
1006 (package
1007 (name "python-m2crypto")
3b4cc5cb 1008 (version "0.35.2")
2f691218
 1009 (source
1010 (origin
1011 (method url-fetch)
1012 (uri (pypi-uri "M2Crypto" version))
1013 (sha256
3b4cc5cb 1014 (base32 "09yirf3w77w6f49q6nxhrjm9c3a4y9s30s1k09chqrw8zdgx8sjc"))))
2f691218
 1015 (build-system python-build-system)
1016 (inputs `(("openssl" ,openssl)))
2f691218
 1017 (home-page "https://gitlab.com/m2crypto/m2crypto")
1018 (synopsis "Python crypto and TLS toolkit")
1019 (description "@code{M2Crypto} is a complete Python wrapper for OpenSSL
1020featuring RSA, DSA, DH, EC, HMACs, message digests, symmetric ciphers
1021(including AES); TLS functionality to implement clients and servers; HTTPS
1022extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing
1023AuthCookies for web session management; FTP/TLS client and server; S/MIME;
1024M2Crypto can also be used to provide TLS for Twisted. Smartcards supported
1025through the Engine interface.")
e810de3e 1026 (properties `((python2-variant . ,(delay python2-m2crypto))))
2f691218
 1027 (license license:expat)))
1028
1029(define-public python2-m2crypto
e810de3e
MB		 1030 (let ((m2crypto (package-with-python2
1031 (strip-python2-variant python-m2crypto))))
1032 (package (inherit m2crypto)
1033 (propagated-inputs
1034 `(("python2-typing" ,python2-typing))))))
c158d476
NG		 1035
1036(define-public python-pylibscrypt
1037 (package
1038 (name "python-pylibscrypt")
1039 (version "1.7.1")
1040 (source
1041 (origin
1042 (method url-fetch)
1043 (uri (pypi-uri "pylibscrypt" version))
1044 (sha256
1045 (base32
1046 "1b3rgzl6dbzs08vhv41b6y4n5189wv7lr27acxn104hs45745abs"))))
1047 (build-system python-build-system)
1048 (arguments
929d4d2f
NG		 1049 `(#:phases
1050 (modify-phases %standard-phases
1051 (add-before 'build 'hard-code-path-to-libscrypt
1052 (lambda* (#:key inputs #:allow-other-keys)
1053 (let ((libscrypt (assoc-ref inputs "libscrypt")))
1054 (substitute* "pylibscrypt/pylibscrypt.py"
1055 (("find_library\\('scrypt'\\)")
1056 (string-append "'" libscrypt "/lib/libscrypt.so'")))
1057 #t))))
1058 ;; The library can use various scrypt implementations and tests all of
1059 ;; them. Since we only provide a single implementation, most tests
1060 ;; fail. Simply skip them.
1061 #:tests? #f))
1062 ;; FIXME: Using "libscrypt" is the second best choice. The best one
1063 ;; requires "hashlib.scrypt", provided by Python 3.6+ built with OpenSSL
1064 ;; 1.1+. Use that as soon as Guix provides it.
c158d476 1065 (inputs
929d4d2f 1066 `(("libscrypt" ,libscrypt)))
c158d476
NG		 1067 (home-page "https://github.com/jvarho/pylibscrypt")
1068 (synopsis "Scrypt for Python")
1069 (description "There are a lot of different scrypt modules for Python, but
1070none of them have everything that I'd like, so here's one more. It uses
929d4d2f 1071@code{libscrypt}.")
c158d476 1072 (license license:isc)))
40c6e454
NG		 1073
1074(define-public python-libnacl
1075 (package
1076 (name "python-libnacl")
1077 (version "1.6.1")
1078 (source
1079 (origin
1080 (method url-fetch)
1081 (uri (pypi-uri "libnacl" version))
1082 (sha256
1083 (base32
1084 "0nv7n8nfswkhl614x5mllrkvaslraa0053q11iylb337cy43vb4v"))))
1085 (build-system python-build-system)
1086 (arguments
1087 `(#:phases
1088 (modify-phases %standard-phases
1089 (add-after 'unpack 'locate-libsodium
1090 (lambda* (#:key inputs #:allow-other-keys)
1091 (substitute* "libnacl/__init__.py"
1092 (("(return ctypes.cdll.LoadLibrary\\(')libsodium.so('\\))"
1093 _ pre post)
1094 (let ((libsodium (string-append (assoc-ref inputs "libsodium")
1095 "/lib/libsodium.so")))
1096 (string-append pre libsodium post)))))))))
1097 (native-inputs
1098 `(("python-pyhamcrest" ,python-pyhamcrest)))
1099 (inputs
1100 `(("libsodium" ,libsodium)))
1101 (home-page "https://libnacl.readthedocs.org/")
1102 (synopsis "Python bindings for libsodium based on ctypes")
1103 (description "@code{libnacl} is used to gain direct access to the
1104functions exposed by @code{NaCl} library via @code{libsodium}. It has
1105been constructed to maintain extensive documentation on how to use
1106@code{NaCl} as well as being completely portable.")
1107 (license license:asl2.0)))
cb91f6ae 1108
1fa1d822
NG		 1109(define-public python-scrypt
1110 (package
1111 (name "python-scrypt")
cc314e90 1112 (version "0.8.7")
1fa1d822
NG		 1113 (source
1114 (origin
1115 (method url-fetch)
1116 (uri (pypi-uri "scrypt" version))
1117 (sha256
1118 (base32
cc314e90 1119 "0hjk71k3mgnl8siikm9lii9im8kv0rb7inkjzx78rnancra48xxr"))))
1fa1d822
NG		 1120 (build-system python-build-system)
1121 (inputs
1122 `(("openssl" ,openssl)))
20c604c5 1123 (home-page "https://bitbucket.org/mhallin/py-scrypt")
1fa1d822
NG		 1124 (synopsis "Bindings for the scrypt key derivation function library")
1125 (description "This is a set of Python bindings for the scrypt key
1126derivation function.")
1127 (license license:bsd-2)))
8afe166d
NN		 1128
1129(define-public python-service-identity
1130 (package
1131 (name "python-service-identity")
c105e509 1132 (version "18.1.0")
8afe166d
NN		 1133 (source
1134 (origin
1135 (method url-fetch)
1136 (uri (pypi-uri "service_identity" version))
1137 (sha256
1138 (base32
c105e509 1139 "0b9f5qiqjy8ralzgwjgkhx82h6h8sa7532psmb8mkd65md5aan08"))))
8afe166d
NN		 1140 (build-system python-build-system)
1141 (propagated-inputs
1142 `(("python-attrs" ,python-attrs)
1143 ("python-pyasn1" ,python-pyasn1)
1144 ("python-pyasn1-modules" ,python-pyasn1-modules)
1145 ("python-pyopenssl" ,python-pyopenssl)))
1146 (home-page "https://service-identity.readthedocs.io/")
1147 (synopsis "Service identity verification for PyOpenSSL")
1148 (description
1149 "@code{service_identity} aspires to give you all the tools you need
1150for verifying whether a certificate is valid for the intended purposes.
1151In the simplest case, this means host name verification. However,
1152service_identity implements RFC 6125 fully and plans to add other
1153relevant RFCs too.")
1154 (license license:expat)))
1155
1156(define-public python2-service-identity
1157 (package-with-python2 python-service-identity))
0a90c789
LF		 1158
1159(define-public python-hkdf
1160 (package
1161 (name "python-hkdf")
1162 (version "0.0.3")
1163 (source
1164 (origin
1165 (method url-fetch)
1166 (uri (pypi-uri "hkdf" version))
1167 (sha256
1168 (base32
1169 "1jhxk5vhxmxxjp3zj526ry521v9inzzl8jqaaf0ma65w6k332ak2"))))
1170 (build-system python-build-system)
1171 (native-inputs
1172 `(("python-nose" ,python-nose)))
1173 (home-page "https://github.com/casebeer/python-hkdf")
1174 (synopsis "HMAC-based Extract-and-Expand Key Derivation Function (HKDF)")
1175 (description "This package provides a Python implementation of the HMAC Key
1176Derivation function (HKDF) defined in RFC 5869.")
1177 (license license:bsd-2)))
fc681a18
LF		 1178
1179(define-public python-spake2
1180 (package
1181 (name "python-spake2")
1182 (version "0.8")
1183 (source
1184 (origin
1185 (method url-fetch)
1186 (uri (pypi-uri "spake2" version))
1187 (sha256
1188 (base32
1189 "1x16r7lrbklvfzbacb66qv9iiih6liq1y612dqh2chgf555n2yn1"))))
1190 (build-system python-build-system)
1191 (propagated-inputs
1192 `(("python-hkdf" ,python-hkdf)))
1193 (home-page "https://github.com/warner/python-spake2")
1194 (synopsis "SPAKE2 password-authenticated key exchange in Python")
1195 (description "This package provides a Python implementation of the SPAKE2
1196Password-Authenticated Key Exchange algorithm.")
1197 (license license:expat)))
215f3db0
LF		 1198
1199(define-public python-txtorcon
1200 (package
1201 (name "python-txtorcon")
1202 (version "19.0.0")
1203 (source
1204 (origin
1205 (method url-fetch)
1206 (uri (pypi-uri "txtorcon" version))
1207 (sha256
1208 (base32
1209 "0fxzhsc62bhmr730vj9pzallmw56gz6iykvl28a5agrycm0bfc9p"))))
1210 (build-system python-build-system)
1211 (arguments
1212 ;; The tests fail immediately due to a missing file. Reported upstream:
1213 ;; <https://github.com/meejah/txtorcon/issues/330>
1214 `(#:tests? #f))
1215 (propagated-inputs
1216 `(("python-automat" ,python-automat)
1217 ("python-idna" ,python-idna)
1218 ("python-incremental" ,python-incremental)
215f3db0
LF		 1219 ("python-service-identity" ,python-service-identity)
1220 ("python-twisted" ,python-twisted)
1221 ("python-zope-interface" ,python-zope-interface)))
1222 (home-page "https://github.com/meejah/txtorcon")
1223 (synopsis "Twisted-based Tor controller client")
1224 (description "This package provides a Twisted-based Tor controller client,
1225with state-tracking and configuration abstractions.")
1226 (license license:expat)))
93953ec7
GLV		 1227
1228(define-public python-keyutils
1229 (package
1230 (name "python-keyutils")
1231 (version "0.6")
1232 (source
1233 (origin
1234 (method url-fetch)
1235 (uri (pypi-uri "keyutils" version))
1236 (sha256
1237 (base32
1238 "0lipygpzhwzzsq2k5imb1jgkmj8y4khxdwhzadjs3bd56g6bmkx9"))))
1239 (build-system python-build-system)
1240 (native-inputs
1241 `(("python-pytest" ,python-pytest)
1242 ("python-pytest-runner" ,python-pytest-runner)))
1243 (inputs
1244 `(("keyutils" ,keyutils)))
1245 (arguments
1246 '(#:tests? #f))
1247 (home-page "https://github.com/sassoftware/python-keyutils")
1248 (synopsis "Python bindings for keyutils")
1249 (description
1250 "This is a set of python bindings for keyutils, a key management suite
1251that leverages the infrastructure provided by the Linux kernel for safely
a806b0b0 1252storing and retrieving sensitive information in your programs.")
93953ec7 1253 (license license:asl2.0)))
1f15cbc8
CL		 1254
1255(define-public python-mcuboot-imgtool
1256 (package
1257 (name "python-mcuboot-imgtool")
1258 (version "1.4.0")
1259 (source
1260 (origin
1261 (method git-fetch)
1262 (uri (git-reference
1263 (url "https://github.com/JuulLabs-OSS/mcuboot")
1264 (commit (string-append "v" version))))
1265 (file-name (git-file-name name version))
1266 (sha256
1267 (base32
1268 "1m1csyvzq4jx81zg635ssy1n7sc0z539z0myh872ll3nwqx7wa0q"))))
1269 (build-system python-build-system)
1270 (arguments
1271 `(#:phases
1272 (modify-phases %standard-phases
1273 (add-after 'unpack 'fix-broken-test
1274 (lambda _
1275 (substitute* "scripts/imgtool/keys/ed25519_test.py"
1276 (("raw_sign") "sign_digest"))
1277 #t))
1278 (add-before 'build 'change-directory
1279 (lambda _
1280 (chdir "scripts")
1281 #t)))))
1282 (propagated-inputs
1283 `(("python-click" ,python-click)
1284 ("python-intelhex" ,python-intelhex)
1285 ("python-cryptography" ,python-cryptography)))
1286 (home-page "https://mcuboot.com")
1287 (synopsis "Tool to securely sign firmware images for booting by MCUboot")
1288 (description "MCUboot is a secure bootloader for 32-bit MCUs. This
1289package provides a tool to securely sign firmware images for booting by
1290MCUboot.")
1291 (license license:expat)))
83feb3d0 1292
163997c9
AT		 1293(define-public python-ntlm-auth
1294 (package
1295 (name "python-ntlm-auth")
1296 (version "1.4.0")
1297 (source
1298 (origin
1299 (method url-fetch)
1300 (uri (pypi-uri "ntlm-auth" version))
1301 (sha256
1302 (base32
1303 "16mavidki4ma5ip8srqalr19gz4f5yn3cnmmgps1fmgfr24j63rm"))))
1304 (build-system python-build-system)
1305 (propagated-inputs
1306 `(("python-cryptography" ,python-cryptography)))
1307 (home-page "https://github.com/jborean93/ntlm-auth")
1308 (synopsis
1309 "Calculates NTLM Authentication codes")
1310 (description
1311 "This library handles the low-level details of NTLM authentication for
1312use in authenticating with a service that uses NTLM. It will create and parse
1313the 3 different message types in the order required and produce a base64
1314encoded value that can be attached to the HTTP header.
1315
1316The goal of this library is to offer full NTLM support including signing and
1317sealing of messages as well as supporting MIC for message integrity and the
1318ability to customise and set limits on the messages sent. Please see Features
1319and Backlog for a list of what is and is not currently supported.")
1320 (license license:expat)))
1321
4ee1ea76
EF		 1322(define-public python-secretstorage
1323 (package
1324 (name "python-secretstorage")
1325 (version "3.1.2")
1326 (source
1327 (origin
1328 (method url-fetch)
1329 (uri (pypi-uri "SecretStorage" version))
1330 (sha256
1331 (base32
1332 "1xmzr0j3066s220bss4nkgqbiwb5k4kkp2rkpqlqwjb5kfc8mnhm"))))
1333 (build-system python-build-system)
1334 (arguments
1335 '(#:tests? #f)) ; Tests require a running dbus service.
1336 (propagated-inputs
1337 `(("python-cryptography" ,python-cryptography)
1338 ("python-jeepney" ,python-jeepney)))
1339 (home-page "https://github.com/mitya57/secretstorage")
1340 (synopsis "Python bindings to FreeDesktop.org Secret Service API")
1341 (description
1342 "@code{python-secretstorage} provides a way for securely storing passwords
1343and other secrets. It uses D-Bus Secret Service API that is supported by GNOME
1344Keyring (since version 2.30) and KSecretsService. SecretStorage supports most
1345of the functions provided by Secret Service, including creating and deleting
1346items and collections, editing items, locking and unlocking collections
1347(asynchronous unlocking is also supported).")
1348 (license license:bsd-3)))
1349
83feb3d0
EF		 1350(define-public python-jeepney
1351 (package
1352 (name "python-jeepney")
1353 (version "0.4.2")
1354 (source
1355 (origin
1356 (method url-fetch)
1357 (uri (pypi-uri "jeepney" version))
1358 (sha256
1359 (base32
1360 "1fz9lb5fl831sijg2j0sbki698j2z6awbblas7mz3gp9jz2xi9hb"))))
1361 (build-system python-build-system)
1362 (native-inputs
1363 `(("python-testpath" ,python-testpath)
1364 ("python-tornado" ,python-tornado)
1365 ("python-pytest" ,python-pytest)))
1366 (home-page "https://gitlab.com/takluyver/jeepney")
1367 (synopsis "Low-level, pure Python DBus protocol wrapper")
1368 (description
1369 "This is a low-level, pure Python DBus protocol client. It has an
1370I/O-free core, and integration modules for different event loops.")
1371 (license license:expat)))
08310637
EF		 1372
1373(define-public python-argon2-cffi
1374 (package
1375 (name "python-argon2-cffi")
9813805b 1376 (version "20.1.0")
08310637
EF		 1377 (source
1378 (origin
1379 (method url-fetch)
1380 (uri (pypi-uri "argon2-cffi" version))
1381 (sha256
1382 (base32
9813805b 1383 "0zgr4mnnm0p4i99023safb0qb8cgvl202nly1rvylk2b7qnrn0nq"))
08310637
EF		 1384 (modules '((guix build utils)))
1385 (snippet '(begin (delete-file-recursively "extras") #t))))
1386 (build-system python-build-system)
1387 (arguments
1388 '(#:phases
1389 (modify-phases %standard-phases
1390 (replace 'build
1391 (lambda _
1392 (setenv "ARGON2_CFFI_USE_SYSTEM" "1")
1393 (invoke "python" "setup.py" "build")))
1394 (replace 'check
1395 (lambda* (#:key inputs outputs #:allow-other-keys)
1396 (add-installed-pythonpath inputs outputs)
1397 (invoke "pytest")
1398 (invoke "python" "-m" "argon2" "--help")
1399 ;; see tox.ini
1400 (invoke "python" "-m" "argon2" "-n" "1" "-t" "1" "-m" "8" "-p" "1"))))))
1401 (propagated-inputs
1402 `(("python-cffi" ,python-cffi)
1403 ("python-six" ,python-six)))
1404 (inputs `(("argon2" ,argon2)))
1405 (native-inputs
1406 `(("python-hypothesis" ,python-hypothesis)
1407 ("python-pytest" ,python-pytest)))
1408 (home-page "https://argon2-cffi.readthedocs.io/")
1409 (synopsis "Secure Password Hashes for Python")
1410 (description
1411 "Argon2 is a secure password hashing algorithm. It is designed to have
1412both a configurable runtime as well as memory consumption. This means that you
1413can decide how long it takes to hash a password and how much memory is required.")
1414 (license license:expat)))
0a124c46
EF		 1415
1416(define-public python-privy
1417 (package
1418 (name "python-privy")
1419 (version "6.0.0")
1420 (source
1421 (origin
1422 (method git-fetch)
1423 (uri (git-reference
1424 ;; Releases are untagged
1425 (url "https://github.com/ofek/privy")
1426 (commit "2838db3df239797c71bddacc48a4c49a83f35747")))
1427 (file-name (git-file-name name version))
1428 (sha256
1429 (base32
1430 "1m32dh5fqc8cy7jyf1z5fs6zvmdkbq5fi98hr609gbl7s0l0y0i9"))))
1431 (build-system python-build-system)
1432 (arguments
1433 '(#:phases
1434 (modify-phases %standard-phases
1435 (replace 'check
1436 (lambda _
1437 (invoke "python" "-m" "pytest"))))))
1438 (native-inputs
1439 `(("python-pytest" ,python-pytest)))
1440 (propagated-inputs
1441 `(("python-argon2-cffi" ,python-argon2-cffi)
1442 ("python-cryptography" ,python-cryptography)))
1443 (home-page "https://www.dropbox.com/developers")
1444 (synopsis "Library to password-protect your data")
1445 (description
1446 "Privy is a small and fast utility for password-protecting secret
1447data such as API keys, cryptocurrency wallets, or seeds for digital
1448signatures.")
1449 (license (list license:expat license:asl2.0)))) ; dual licensed
1b11e894
JW		 1450
1451(define-public python-pgpy
1452 (package
1453 (name "python-pgpy")
1454 (version "0.5.2")
1455 (source
1456 (origin
1457 (method url-fetch)
1458 (uri (pypi-uri "PGPy" version))
1459 (sha256
1460 (base32
1461 "0i4lqhzdwkjkim3wab0kqadx28z3r5ixlh6qxj4lif4gif56c0m7"))))
1462 (build-system python-build-system)
1463 (native-inputs
1464 `(("python-cryptography" ,python-cryptography)
1465 ("python-pyasn1" ,python-pyasn1)
1466 ("python-singledispatch" ,python-singledispatch)
1467 ("python-six" ,python-six)))
1468 (home-page "https://github.com/SecurityInnovation/PGPy")
1469 (synopsis "Python implementation of OpenPGP")
1470 (description
1471 "Currently, PGPy can load keys and signatures of all kinds in both ASCII
1472armored and binary formats.
1473
1474It can create and verify RSA, DSA, and ECDSA signatures, at the moment. It
1475can also encrypt and decrypt messages using RSA and ECDH.")
1476 (license license:bsd-3)))
df6fb956
JW		 1477
1478(define-public python-sop
1479 (package
1480 (name "python-sop")
1481 (version "0.2.0")
1482 (source
1483 (origin
1484 (method url-fetch)
1485 (uri (pypi-uri "sop" version))
1486 (sha256
1487 (base32
1488 "0gljyjsdn6hdmwlwwb5g5s0c031p6izamvfxp0d39x60af8k5jyf"))))
1489 (build-system python-build-system)
1490 (arguments
1491 '(#:tests? #f)) ; There are no tests, and unittest throws an error trying
1492 ; to find some:
1493 ; TypeError: don't know how to make test from: 0.2.0
1494 (home-page "https://gitlab.com/dkg/python-sop")
1495 (synopsis "Stateless OpenPGP Command-Line Interface")
1496 (description
1497 "The Stateless OpenPGP Command-Line Interface (or sop) is a
1498specification that encourages OpenPGP implementors to provide a common,
1499relatively simple command-line API for purposes of object security.
1500
1501This Python module helps implementers build such a CLI from any implementation
1502accessible to the Python interpreter.
1503
1504It does not provide such an implementation itself -- this is just the
1505scaffolding for the command line, which should make it relatively easy to
1506supply a handful of python functions as methods to a class.")
1507 (license license:expat))) ; MIT license
jackhill's copy of GNU Guix: https://guix.gnu.org/