HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: Add python-potr.
[jackhill/guix/guix.git] / gnu / packages / python-crypto.scm
CommitLineData
cc6f4912
LC		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
263ea4eb 3;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020 Efraim Flashner <efraim@flashner.co.il>
0a90c789 4;;; Copyright © 2015, 2016, 2017, 2019 Leo Famulari <leo@famulari.name>
55e51b66 5;;; Copyright © 2016, 2017, 2020 Marius Bakke <mbakke@fastmail.com>
cc6f4912
LC		 6;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
7;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
8;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com>
9;;; Copyright © 2014, 2017 Eric Bavier <bavier@member.fsf.org>
10;;; Copyright © 2015, 2016 David Thompson <davet@gnu.org>
5d844fd6 11;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
3c986a7d 12;;; Copyright © 2016, 2017 Nikita <nikita@n0.is>
cc6f4912 13;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
c6e33df9 14;;; Copyright © 2015, 2016, 2017, 2019 Ricardo Wurmus <rekado@elephly.net>
cc6f4912 15;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org>
74f01758 16;;; Copyright © 2016, 2017, 2020 Arun Isaac <arunisaac@systemreboot.net>
cc6f4912 17;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
2f691218 18;;; Copyright © 2018 Tomáš Čech <sleep_walker@gnu.org>
cef6dc64 19;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
e64088f0 20;;; Copyright © 2018 Vagrant Cascadian <vagrant@debian.org>
8afe166d 21;;; Copyright © 2018 Nam Nguyen <namn@berkeley.edu>
93953ec7 22;;; Copyright © 2019 Guillaume Le Vaillant <glv@posteo.net>
1f15cbc8 23;;; Copyright © 2019 Clément Lassieur <clement@lassieur.org>
f8dcdf2b 24;;; Copyright © 2020 Alexandros Theodotou <alex@zrythm.org>
1b11e894 25;;; Copyright © 2020 Justus Winter <justus@sequoia-pgp.org>
960dafce 26;;; Copyright © 2020 Vinicius Monego <monego@posteo.net>
cc6f4912
LC		 27;;;
28;;; This file is part of GNU Guix.
29;;;
30;;; GNU Guix is free software; you can redistribute it and/or modify it
31;;; under the terms of the GNU General Public License as published by
32;;; the Free Software Foundation; either version 3 of the License, or (at
33;;; your option) any later version.
34;;;
35;;; GNU Guix is distributed in the hope that it will be useful, but
36;;; WITHOUT ANY WARRANTY; without even the implied warranty of
37;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
38;;; GNU General Public License for more details.
39;;;
40;;; You should have received a copy of the GNU General Public License
41;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
42
43(define-module (gnu packages python-crypto)
44 #:use-module (guix packages)
45 #:use-module (guix download)
46 #:use-module (guix git-download)
47 #:use-module (guix build-system python)
48 #:use-module (gnu packages)
ac257f12 49 #:use-module (gnu packages check)
b95c17c5 50 #:use-module (gnu packages crypto)
f8dcdf2b 51 #:use-module (gnu packages kerberos)
cc6f4912
LC		 52 #:use-module (gnu packages libffi)
53 #:use-module (gnu packages multiprecision)
08310637 54 #:use-module (gnu packages password-utils)
cc6f4912
LC		 55 #:use-module (gnu packages protobuf)
56 #:use-module (gnu packages python)
6fedf6f2 57 #:use-module (gnu packages python-check)
960dafce 58 #:use-module (gnu packages python-compression)
cb91f6ae 59 #:use-module (gnu packages python-web)
44d10b1f 60 #:use-module (gnu packages python-xyz)
4764e83c 61 #:use-module (gnu packages swig)
33dc54b0 62 #:use-module (gnu packages time)
cc6f4912
LC		 63 #:use-module (gnu packages tls)
64 #:use-module ((guix licenses) #:prefix license:)
65 #:use-module (srfi srfi-1))
66
c6e8d17b
RG		 67(define-public python-potr
68 (package
69 (name "python-potr")
70 (version "1.0.2")
71 (source
72 (origin
73 (method git-fetch)
74 (uri
75 (git-reference
76 (url "https://github.com/python-otr/pure-python-otr.git")
77 (commit version)))
78 (file-name
79 (git-file-name name version))
80 (sha256
81 (base32 "1hzw6h01fm216nmipyylgz0zybd80w1xsk12m7djycnhqrnrvvv1"))))
82 (build-system python-build-system)
83 (propagated-inputs
84 `(("python-pycrypto" ,python-pycrypto)))
85 (synopsis "Python OTR Implementation")
86 (description "Python OTR is an Off-The-Record Protocol Implementation in
87Python. It does not bind to libotr.")
88 (home-page "https://github.com/python-otr/pure-python-otr")
89 (license license:lgpl3+)))
90
cef6dc64
NG		 91(define-public python-base58
92 (package
93 (name "python-base58")
ceb5b11b 94 (version "1.0.3")
cef6dc64
NG		 95 (source
96 (origin
97 (method url-fetch)
98 (uri (pypi-uri "base58" version))
99 (sha256
100 (base32
ceb5b11b 101 "0q1yr0n5jaf17xq98m7dma6z4rh8p19ch55l1s09gi3rk5ckqycs"))))
cef6dc64
NG		 102 (build-system python-build-system)
103 (native-inputs
104 `(("python-pyhamcrest" ,python-pyhamcrest)))
105 (home-page "https://github.com/keis/base58")
106 (synopsis "Base58 and Base58Check implementation")
107 (description "Base58 and Base58Check implementation compatible
108with what is used by the Bitcoin network.")
109 (license license:expat)))
110
7c16af46
MB		 111(define-public python-bcrypt
112 (package
113 (name "python-bcrypt")
b5cb4624 114 (version "3.1.7")
7c16af46
MB		 115 (source
116 (origin
117 (method url-fetch)
118 (uri (pypi-uri "bcrypt" version))
119 (sha256
b5cb4624 120 (base32 "0hhywhxx301cxivgxrpslrangbfpccc8y83qbwn1f57cab3nj00b"))))
7c16af46
MB		 121 (build-system python-build-system)
122 (native-inputs
123 `(("python-pycparser" ,python-pycparser)
124 ("python-pytest" ,python-pytest)))
125 (propagated-inputs
126 `(("python-cffi" ,python-cffi)
127 ("python-six" ,python-six)))
128 (home-page "https://github.com/pyca/bcrypt/")
129 (synopsis
130 "Modern password hashing library")
131 (description
132 "Bcrypt is a Python module which provides a password hashing method based
133on the Blowfish password hashing algorithm, as described in
134@url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable
135Password Scheme\"} by Niels Provos and David Mazieres.")
136 (license license:asl2.0)))
137
138(define-public python2-bcrypt
139 (package-with-python2 python-bcrypt))
140
cc6f4912
LC		 141(define-public python-passlib
142 (package
143 (name "python-passlib")
aadd107d 144 (version "1.7.2")
cc6f4912
LC		 145 (source
146 (origin
147 (method url-fetch)
148 (uri (pypi-uri "passlib" version))
149 (sha256
aadd107d 150 (base32 "1a5ngap7kq0b4azq8nlfg6xg5bcl1i0v1sbynhmbr631jgpnqrld"))))
cc6f4912
LC		 151 (build-system python-build-system)
152 (native-inputs
153 `(("python-nose" ,python-nose)))
154 (propagated-inputs
155 `(("python-py-bcrypt" ,python-py-bcrypt)))
156 (arguments
157 `(#:phases
158 (modify-phases %standard-phases
159 (add-before 'check 'set-PYTHON_EGG_CACHE
160 ;; some tests require access to "$HOME/.cython"
161 (lambda* _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t)))))
162 (home-page "https://bitbucket.org/ecollins/passlib")
aadd107d 163 (synopsis "Comprehensive password hashing framework")
cc6f4912
LC		 164 (description
165 "Passlib is a password hashing library for Python 2 & 3, which provides
166cross-platform implementations of over 30 password hashing algorithms, as well
167as a framework for managing existing password hashes. It's designed to be
168useful for a wide range of tasks, from verifying a hash found in /etc/shadow,
169to providing full-strength password hashing for multi-user application.")
170 (license license:bsd-3)))
171
172(define-public python2-passlib
173 (package-with-python2 python-passlib))
174
175(define-public python-py-bcrypt
176 (package
177 (name "python-py-bcrypt")
178 (version "0.4")
179 (source
180 (origin
181 (method url-fetch)
27864e7c 182 (uri (pypi-uri "py-bcrypt" version))
cc6f4912
LC		 183 (sha256
184 (base32
185 "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az"))))
186 (build-system python-build-system)
187 (home-page "https://code.google.com/p/py-bcrypt")
188 (synopsis
189 "Bcrypt password hashing and key derivation")
190 (description
191 "A python wrapper of OpenBSD's Blowfish password hashing code. This
192system hashes passwords using a version of Bruce Schneier's Blowfish block
193cipher with modifications designed to raise the cost of off-line password
194cracking and frustrate fast hardware implementation. The computation cost of
3defa90d 195the algorithm is parametrised, so it can be increased as computers get faster.
cc6f4912
LC		 196The intent is to make a compromise of a password database less likely to
197result in an attacker gaining knowledge of the plaintext passwords (e.g. using
198John the Ripper).")
199 ;; "sha2.c" is under BSD-3;
200 ;; "blowfish.c" and "bcrypt.c" are under BSD-4;
201 ;; the rest is under ISC.
202 (license (list license:isc license:bsd-3 license:bsd-4))))
203
204(define-public python2-py-bcrypt
205 (package-with-python2 python-py-bcrypt))
206
e64088f0
VC		 207(define-public python-pyblake2
208 (package
209 (name "python-pyblake2")
210 (version "1.1.2")
211 (source
212 (origin
213 (method url-fetch)
214 (uri (pypi-uri "pyblake2" version))
215 (sha256
216 (base32
217 "0gz9hgznv5zw4qjq43xa56y0yikimx30gffvibxzm0nv5sq7xk2w"))))
218 (build-system python-build-system)
219 (home-page "https://github.com/dchest/pyblake2")
220 (synopsis "BLAKE2 hash function for Python")
221 (description "BLAKE2 is a cryptographic hash function, which offers
222stronger security while being as fast as MD5 or SHA-1, and comes in two
223flavors: @code{BLAKE2b}, optimized for 64-bit platforms and produces digests
224of any size between 1 and 64 bytes, and @code{BLAKE2s}, optimized for 8- to
22532-bit platforms and produces digests of any size between 1 and 32 bytes.
226
227This package provides a Python interface for BLAKE2.")
228 ;; The COPYING file declares it as public domain, with the option to
229 ;; alternatively use and redistribute it under a variety of permissive
230 ;; licenses. cc0 is explicitly mentioned in setup.py and pyblake2module.c.
231 (license (list license:public-domain license:cc0))))
232
cc6f4912
LC		 233(define-public python-paramiko
234 (package
235 (name "python-paramiko")
c7aee804 236 (version "2.7.2")
cc6f4912
LC		 237 (source
238 (origin
239 (method url-fetch)
240 (uri (pypi-uri "paramiko" version))
241 (sha256
c7aee804 242 (base32 "0dahwq623jnna7gsr9j0mkwr9k2n1pvkapjryhcx508d5jxg8dkz"))))
cc6f4912
LC		 243 (build-system python-build-system)
244 (arguments
8e84eb68
MB		 245 `(;; FIXME: Tests require many unpackaged libraries, see dev-requirements.txt.
246 #:tests? #f))
cc6f4912 247 (propagated-inputs
2fbc38e3
LF		 248 `(("python-bcrypt" ,python-bcrypt)
249 ("python-pyasn1" ,python-pyasn1)
250 ("python-pynacl" ,python-pynacl)
cc6f4912 251 ("python-cryptography" ,python-cryptography)))
101ad242 252 (home-page "https://www.paramiko.org/")
cc6f4912
LC		 253 (synopsis "SSHv2 protocol library")
254 (description "Paramiko is a python implementation of the SSHv2 protocol,
255providing both client and server functionality. While it leverages a Python C
256extension for low level cryptography (PyCrypto), Paramiko itself is a pure
257Python interface around SSH networking concepts.")
258 (license license:lgpl2.1+)))
259
260(define-public python2-paramiko
261 (package-with-python2 python-paramiko))
262
263(define-public python-ecdsa
264 (package
265 (name "python-ecdsa")
c57b8419 266 (version "0.14.1")
cc6f4912
LC		 267 (source
268 (origin
269 (method url-fetch)
86228e56 270 (uri (pypi-uri "ecdsa" version))
cc6f4912 271 (sha256
c57b8419 272 (base32 "13nx5cbfxc0gnax5zwdmp9xc40qd1llk62mv85jyrvqkbw017ik4"))))
cc6f4912 273 (build-system python-build-system)
92fe2513
EF		 274 (arguments
275 '(#:phases
276 (modify-phases %standard-phases
277 (replace 'check
278 (lambda _ (invoke "pytest"))))))
c57b8419
EF		 279 (propagated-inputs
280 `(("python-six" ,python-six)))
281 (native-inputs
92fe2513
EF		 282 `(("openssl" ,openssl)
283 ("python-pytest" ,python-pytest)))
9cd100b6
TGR		 284 (home-page "https://github.com/warner/python-ecdsa")
285 (synopsis "ECDSA cryptographic signature library (pure python)")
cc6f4912
LC		 286 (description
287 "This is an easy-to-use implementation of ECDSA cryptography (Elliptic
288Curve Digital Signature Algorithm), implemented purely in Python. With this
289library, you can quickly create keypairs (signing key and verifying key), sign
290messages, and verify the signatures. The keys and signatures are very short,
291making them easy to handle and incorporate into other protocols.")
292 (license license:expat)))
293
294(define-public python2-ecdsa
295 (package-with-python2 python-ecdsa))
296
297;;; Pycrypto is abandoned upstream:
298;;;
299;;; https://github.com/dlitz/pycrypto/issues/173
300;;;
301;;; TODO Remove this package from GNU Guix.
302(define-public python-pycrypto
303 (package
304 (name "python-pycrypto")
305 (version "2.6.1")
306 (source
307 (origin
308 (method url-fetch)
309 (uri (pypi-uri "pycrypto" version))
2a2a9878
MB		 310 (patches (search-patches "python-pycrypto-CVE-2013-7459.patch"
311 "python-pycrypto-time-clock.patch"))
cc6f4912
LC		 312 (sha256
313 (base32
314 "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj"))))
315 (build-system python-build-system)
316 (inputs
317 `(("python" ,python)
318 ("gmp" ,gmp)))
319 (arguments
320 `(#:phases
321 (modify-phases %standard-phases
322 (add-before 'build 'set-build-env
323 ;; pycrypto runs an autoconf configure script behind the scenes
324 (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t)))))
52888f52 325 (home-page "https://www.dlitz.net/software/pycrypto/")
cc6f4912
LC		 326 (synopsis "Cryptographic modules for Python")
327 (description
328 "Pycrypto is a collection of both secure hash functions (such as SHA256
329and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal,
330etc.). The package is structured to make adding new modules easy.")
331 (license license:public-domain)))
332
333(define-public python2-pycrypto
334 (let ((pycrypto (package-with-python2 python-pycrypto)))
335 (package (inherit pycrypto)
336 (inputs
337 `(("python" ,python-2)
338 ,@(alist-delete
339 "python"
340 (package-inputs pycrypto)))))))
341
f8dcdf2b
AT		 342(define-public python-kerberos
343 (package
344 (name "python-kerberos")
345 (version "1.3.0")
346 (source
347 (origin
348 (method url-fetch)
349 (uri (pypi-uri "kerberos" version))
350 (sha256
351 (base32
352 "19663qxmma0i8bfbjc2iwy5hgq0g4pfb75r023v5dps68zfvffgh"))))
353 (build-system python-build-system)
354 (inputs
355 `(("mit-krb5" ,mit-krb5)))
356 (home-page "https://github.com/apple/ccs-pykerberos")
357 (synopsis
358 "Python Kerberos library used by CalendarServer")
359 (description
360 "This Python package is a high-level wrapper for Kerberos (GSSAPI)
361operations. The goal is to avoid having to build a module that wraps the
362entire Kerberos.framework, and instead offer a limited set of functions that
363do what is needed for client/server Kerberos authentication based on
364<http://www.ietf.org/rfc/rfc4559.txt>.")
365 (license license:asl2.0)))
366
cc6f4912
LC		 367(define-public python-keyring
368 (package
369 (name "python-keyring")
6fedf6f2 370 (version "21.0.0")
cc6f4912
LC		 371 (source
372 (origin
373 (method url-fetch)
374 (uri (pypi-uri "keyring" version))
375 (sha256
376 (base32
6fedf6f2
EF		 377 "1k0w3yh3fz0qp0cvkxdiinq9jzbrnc6bd88qpjz34x3cgcr94psz"))
378 (modules '((guix build utils)))
379 (snippet
380 ;; https://github.com/jaraco/keyring/issues/414
381 '(begin (substitute* "tests/test_packaging.py"
382 (("ep, =") "(ep,) =")) #t))))
cc6f4912 383 (build-system python-build-system)
6fedf6f2
EF		 384 (arguments
385 `(#:phases
386 (modify-phases %standard-phases
387 (replace 'check
388 (lambda _
389 ;; Not clear why this test fails.
390 (delete-file "tests/test_packaging.py")
391 (substitute* "pytest.ini"
392 (("--black ") ""))
393 (invoke "pytest"))))))
cc6f4912 394 (native-inputs
770b1d65 395 `(("python-pytest" ,python-pytest)
6fedf6f2
EF		 396 ("python-pytest-checkdocs" ,python-pytest-checkdocs)
397 ("python-pytest-cov" ,python-pytest-cov)
398 ("python-pytest-flake8" ,python-pytest-flake8)
770b1d65 399 ("python-setuptools-scm" ,python-setuptools-scm)))
cc6f4912 400 (propagated-inputs
6fedf6f2
EF		 401 `(("python-importlib-metadata" ,python-importlib-metadata)
402 ("python-secretstorage" ,python-secretstorage)))
cc6f4912
LC		 403 (home-page "https://github.com/jaraco/keyring")
404 (synopsis "Store and access your passwords safely")
405 (description
406 "The Python keyring lib provides a easy way to access the system keyring
407service from python. It can be used in any application that needs safe
408password storage.")
409 ;; "MIT" and PSF dual license
6fedf6f2 410 (properties `((python2-variant . ,(delay python2-keyring))))
cc6f4912
LC		 411 (license license:x11)))
412
413(define-public python2-keyring
6fedf6f2
EF		 414 (let ((keyring (package-with-python2
415 (strip-python2-variant python-keyring))))
416 (package
417 (inherit keyring)
418 (name "python2-keyring")
419 (version "8.7")
420 (source
421 (origin
422 (method url-fetch)
423 (uri (pypi-uri "keyring" version))
424 (sha256
425 (base32
426 "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx"))))
427 (arguments
428 `(#:python ,python-2))
429 (native-inputs
430 `(("python2-pytest" ,python2-pytest)
431 ("python2-pytest-runner" ,python2-pytest-runner)
432 ("python2-setuptools-scm" ,python2-setuptools-scm)))
433 (propagated-inputs
434 `(("python2-pycrypto" ,python2-pycrypto))))))
cc6f4912 435
9a684b40
EF		 436(define-public python-keyrings.alt
437 (package
438 (name "python-keyrings.alt")
439 (version "3.4.0")
440 (source
441 (origin
442 (method url-fetch)
443 (uri (pypi-uri "keyrings.alt" version))
444 (sha256
445 (base32
446 "0gdjdqpq2hf770p6iwi891mil0vbsdhvy88x0v8b2w4y4b28lcli"))
447 (modules '((guix build utils)))
448 (snippet
449 '(begin
450 (delete-file "keyrings/alt/_win_crypto.py")
451 ;; Rely on python-keyring>20:
452 ;; https://github.com/jaraco/keyrings.alt/issues/33
453 (substitute* '("keyrings/alt/tests/test_Gnome.py"
454 "keyrings/alt/tests/test_Google.py"
455 "keyrings/alt/tests/test_Windows.py"
456 "keyrings/alt/tests/test_file.py"
457 "keyrings/alt/tests/test_pyfs.py")
458 (("keyring.tests.test_backend") "keyring.testing.backend")
459 (("keyring.tests.util") "keyring.testing.util"))
460 #t))))
461 (build-system python-build-system)
462 (native-inputs
463 `(("python-keyring" ,python-keyring)
464 ("python-pytest" ,python-pytest)
465 ("python-setuptools-scm" ,python-setuptools-scm)))
466 (home-page "https://github.com/jaraco/keyrings.alt")
467 (synopsis "Alternate keyring implementations")
468 (description "Keyrings in this package may have security risks or other
469implications. These backends were extracted from the main keyring project to
470make them available for those who wish to employ them, but are discouraged for
471general production use. Include this module and use its backends at your own
472risk.")
473 (license license:expat)))
474
cc6f4912
LC		 475(define-public python-certifi
476 (package
477 (name "python-certifi")
ee3a5e07 478 (version "2020.4.5.1")
cc6f4912
LC		 479 (source (origin
480 (method url-fetch)
481 (uri (pypi-uri "certifi" version))
482 (sha256
483 (base32
ee3a5e07 484 "06b5gfs7wmmipln8f3z928d2mmx2j4b3x7pnqmj6cvmyfh8v7z2i"))))
cc6f4912 485 (build-system python-build-system)
ee3a5e07 486 (arguments '(#:tests? #f)) ;no tests
cc6f4912
LC		 487 (home-page "https://certifi.io/")
488 (synopsis "Python CA certificate bundle")
489 (description
490 "Certifi is a Python library that contains a CA certificate bundle, which
491is used by the Requests library to verify HTTPS requests.")
492 (license license:asl2.0)))
493
494(define-public python2-certifi
495 (package-with-python2 python-certifi))
496
497(define-public python-cryptography-vectors
498 (package
499 (name "python-cryptography-vectors")
6144e2d7 500 (version "2.9.2")
cc6f4912
LC		 501 (source
502 (origin
503 (method url-fetch)
504 (uri (pypi-uri "cryptography_vectors" version))
505 (sha256
506 (base32
6144e2d7 507 "1d4iykcv7cn9j399hczlxm5pzxmqy6d80h3j16dkjwlmv3293b4r"))))
cc6f4912
LC		 508 (build-system python-build-system)
509 (home-page "https://github.com/pyca/cryptography")
510 (synopsis "Test vectors for the cryptography package")
511 (description
512 "This package contains test vectors for the cryptography package.")
513 ;; Distributed under either BSD-3 or ASL2.0
514 (license (list license:bsd-3 license:asl2.0))))
515
516(define-public python2-cryptography-vectors
517 (package-with-python2 python-cryptography-vectors))
518
519(define-public python-cryptography
520 (package
521 (name "python-cryptography")
6144e2d7 522 (version "2.9.2")
cc6f4912
LC		 523 (source
524 (origin
525 (method url-fetch)
526 (uri (pypi-uri "cryptography" version))
527 (sha256
528 (base32
6144e2d7 529 "0af25w5mkd6vwns3r6ai1w5ip9xp0ms9s261zzssbpadzdr05hx0"))))
cc6f4912
LC		 530 (build-system python-build-system)
531 (inputs
532 `(("openssl" ,openssl)))
533 (propagated-inputs
534 `(("python-asn1crypto" ,python-asn1crypto)
535 ("python-cffi" ,python-cffi)
536 ("python-six" ,python-six)
537 ("python-idna" ,python-idna)
538 ("python-iso8601" ,python-iso8601)))
539 (native-inputs
540 `(("python-cryptography-vectors" ,python-cryptography-vectors)
541 ("python-hypothesis" ,python-hypothesis)
542 ("python-pretend" ,python-pretend)
543 ("python-pytz" ,python-pytz)
2dd12924 544 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 545 (home-page "https://github.com/pyca/cryptography")
546 (synopsis "Cryptographic recipes and primitives for Python")
547 (description
548 "cryptography is a package which provides cryptographic recipes and
549primitives to Python developers. It aims to be the “cryptographic standard
550library” for Python. The package includes both high level recipes, and low
551level interfaces to common cryptographic algorithms such as symmetric ciphers,
552message digests and key derivation functions.")
553 ;; Distributed under either BSD-3 or ASL2.0
554 (license (list license:bsd-3 license:asl2.0))
555 (properties `((python2-variant . ,(delay python2-cryptography))))))
556
557(define-public python2-cryptography
558 (let ((crypto (package-with-python2
559 (strip-python2-variant python-cryptography))))
560 (package (inherit crypto)
561 (propagated-inputs
562 `(("python2-ipaddress" ,python2-ipaddress)
563 ("python2-backport-ssl-match-hostname"
564 ,python2-backport-ssl-match-hostname)
565 ("python2-enum34" ,python2-enum34)
566 ,@(package-propagated-inputs crypto))))))
567
568(define-public python-pyopenssl
569 (package
570 (name "python-pyopenssl")
da1eb6db 571 (version "19.1.0")
cc6f4912
LC		 572 (source
573 (origin
574 (method url-fetch)
575 (uri (pypi-uri "pyOpenSSL" version))
576 (sha256
577 (base32
da1eb6db 578 "01wmsq6w0frzbr3zps4ga9kmqjidp2h317jwpq1g9ah24r5lj94s"))))
cc6f4912
LC		 579 (build-system python-build-system)
580 (arguments
581 '(#:phases
582 (modify-phases %standard-phases
583 (delete 'check)
584 (add-after 'install 'check
585 (lambda* (#:key inputs outputs #:allow-other-keys)
586 (add-installed-pythonpath inputs outputs)
55e51b66
MB		 587 ;; PyOpenSSL runs tests against a certificate with a fixed
588 ;; expiry time. To ensure successful builds in the future,
589 ;; set the time to roughly the release date.
590 (invoke "faketime" "2019-01-01" "py.test" "-v" "-k"
c6e33df9
RW		 591 (string-append
592 ;; This test tries to look up certificates from
593 ;; the compiled-in default path in OpenSSL, which
594 ;; does not exist in the build environment.
595 "not test_fallback_default_verify_paths "
596 ;; This test attempts to make a connection to
597 ;; an external web service.
598 "and not test_set_default_verify_paths")))))))
cc6f4912
LC		 599 (propagated-inputs
600 `(("python-cryptography" ,python-cryptography)
601 ("python-six" ,python-six)))
602 (inputs
603 `(("openssl" ,openssl)))
604 (native-inputs
55e51b66
MB		 605 `(("libfaketime" ,libfaketime)
606 ("python-flaky" ,python-flaky)
cc6f4912 607 ("python-pretend" ,python-pretend)
2dd12924 608 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 609 (home-page "https://github.com/pyca/pyopenssl")
610 (synopsis "Python wrapper module around the OpenSSL library")
611 (description
612 "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
613library.")
614 (license license:asl2.0)))
615
616(define-public python2-pyopenssl
617 (package-with-python2 python-pyopenssl))
618
579b4362
DM		 619(define-public python-ed25519
620 (package
621 (name "python-ed25519")
622 (version "1.4")
623 (source
624 (origin
625 (method url-fetch)
626 (uri (pypi-uri "ed25519" version))
627 (sha256
628 (base32
629 "0ahx1nkxa0xis3cw0h5c4fpgv8mq4znkq7kajly33lc3317bk499"))))
630 (build-system python-build-system)
631 (home-page "https://github.com/warner/python-ed25519")
632 (synopsis "Ed25519 public-key signatures")
633 (description "Ed25519 public-key signatures")
634 (license license:expat)))
635
636(define-public python2-ed25519
637 (package-with-python2 python-ed25519))
638
cc6f4912
LC		 639(define-public python-axolotl-curve25519
640 (package
641 (name "python-axolotl-curve25519")
74f01758 642 (version "0.4.1.post2")
cc6f4912
LC		 643 (source
644 (origin
74f01758
AI		 645 (method url-fetch)
646 (uri (pypi-uri "python-axolotl-curve25519" version))
cc6f4912
LC		 647 (sha256
648 (base32
74f01758 649 "18v3rfyv7xi26fb97nw1xc0l6x8wi0i4xj8dlq4gblpbjxiac187"))))
cc6f4912 650 (build-system python-build-system)
cc6f4912
LC		 651 (home-page "https://github.com/tgalal/python-axolotl-curve25519")
652 (synopsis "Python wrapper for curve25519 library")
653 (description "This is a python wrapper for the curve25519 library
654with ed25519 signatures. The C code was pulled from
655libaxolotl-android. At the moment this wrapper is meant for use by
656python-axolotl.")
657 (license (list license:gpl3 ; Most files
658 license:bsd-3)))) ; curve/curve25519-donna.c
659
660(define-public python2-axolotl-curve25519
661 (package-with-python2 python-axolotl-curve25519))
662
663(define-public python-axolotl
664 (package
665 (name "python-axolotl")
b578168f 666 (version "0.2.3")
cc6f4912
LC		 667 (source
668 (origin
b578168f
AI		 669 (method url-fetch)
670 (uri (pypi-uri "python-axolotl" version))
cc6f4912 671 (sha256
b578168f
AI		 672 (base32
673 "1bwdp24fmriffwx91aigs9k162albb51iskp23nc939z893q23py"))))
cc6f4912
LC		 674 (build-system python-build-system)
675 (arguments
676 `(#:phases
677 (modify-phases %standard-phases
678 ;; Don't install tests
679 (add-before 'install 'remove-tests
680 (lambda _
681 (for-each delete-file-recursively
682 '("axolotl/tests" "build/lib/axolotl/tests"))
683 #t)))))
684 (propagated-inputs
685 `(("python-axolotl-curve25519" ,python-axolotl-curve25519)
b578168f
AI		 686 ("python-cryptography" ,python-cryptography)
687 ("python-protobuf" ,python-protobuf)))
cc6f4912
LC		 688 (home-page "https://github.com/tgalal/python-axolotl")
689 (synopsis "Python port of libaxolotl-android")
690 (description "This is a python port of libaxolotl-android. This
691is a ratcheting forward secrecy protocol that works in synchronous and
692asynchronous messaging environments.")
693 (license license:gpl3)))
694
695(define-public python2-axolotl
696 (package-with-python2 python-axolotl))
697
698;; SlowAES isn't compatible with Python 3.
699(define-public python2-slowaes
700 (package
701 (name "python2-slowaes")
702 (version "0.1a1")
703 (source
704 (origin
705 (method url-fetch)
706 (uri (pypi-uri "slowaes" version))
707 (sha256
708 (base32
709 "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3"))))
710 (build-system python-build-system)
711 (arguments `(#:python ,python-2))
712 (home-page "http://code.google.com/p/slowaes/")
713 (synopsis "Implementation of AES in Python")
714 (description "This package contains an implementation of AES in Python.
715This implementation is slow (hence the project name) but still useful when
716faster ones are not available.")
717 (license license:asl2.0)))
718
719(define-public python-pyaes
720 (package
721 (name "python-pyaes")
6de86fd5 722 (version "1.6.1")
cc6f4912
LC		 723 (source
724 (origin
725 (method url-fetch)
726 (uri (pypi-uri "pyaes" version))
727 (sha256
728 (base32
6de86fd5 729 "13vdaff15k0jyfcss4b4xvfgm8xyv0nrbyw5n1qc7lrqbi0b3h82"))))
cc6f4912
LC		 730 (build-system python-build-system)
731 (home-page "https://github.com/ricmoo/pyaes")
732 (synopsis "Implementation of AES in Python")
733 (description "This package contains a pure-Python implementation of the
734AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR,
735ECB and OFB).")
736 (license license:expat)))
737
738(define-public python2-pyaes
739 (package-with-python2 python-pyaes))
b95c17c5
LC		 740
741(define-public python-asn1crypto
742 (package
743 (name "python-asn1crypto")
19f2a526 744 (version "0.24.0")
b95c17c5
LC		 745 (source
746 (origin
d3b7feb7
EF		 747 (method git-fetch)
748 (uri (git-reference
b0e7b699 749 (url "https://github.com/wbond/asn1crypto")
d3b7feb7
EF		 750 (commit version)))
751 (file-name (git-file-name name version))
b95c17c5
LC		 752 (sha256
753 (base32
19f2a526 754 "10lai2cs5mnz3gpaffbw1m7b885ls8328q5wxm35vfmcip1f0xmb"))))
b95c17c5
LC		 755 (build-system python-build-system)
756 (home-page "https://github.com/wbond/asn1crypto")
757 (synopsis "ASN.1 parser and serializer in Python")
758 (description "asn1crypto is an ASN.1 parser and serializer with definitions
759for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7,
760PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.")
761 (license license:expat)))
762
763(define-public python2-asn1crypto
764 (package-with-python2 python-asn1crypto))
765
766(define-public python-pynacl
767 (package
768 (name "python-pynacl")
f5e3f02f 769 (version "1.4.0")
b95c17c5
LC		 770 (source
771 (origin
772 (method url-fetch)
773 (uri (pypi-uri "PyNaCl" version))
774 (modules '((guix build utils)))
f5e3f02f
MB		 775 (snippet
776 '(begin
777 ;; Remove spurious dependency on python-wheel, can be removed
778 ;; for 1.5.
779 (substitute* "setup.py"
780 (("\"wheel\"") ""))
781 ;; Remove bundled libsodium.
782 (delete-file-recursively "src/libsodium")
783 #t))
b95c17c5
LC		 784 (sha256
785 (base32
f5e3f02f 786 "01b56hxrbif3hx8l6rwz5kljrgvlbj7shmmd2rjh0hn7974a5sal"))))
b95c17c5
LC		 787 (build-system python-build-system)
788 (arguments
f5e3f02f
MB		 789 `(#:modules (,@%python-build-system-modules
790 (guix build utils)
791 (ice-9 ftw)
792 (srfi srfi-26))
793 #:phases
794 (modify-phases (@ (guix build python-build-system) %standard-phases)
b95c17c5
LC		 795 (add-before 'build 'use-system-sodium
796 (lambda _
797 (setenv "SODIUM_INSTALL" "system")
f5e3f02f
MB		 798 #t))
799 (replace 'check
800 (lambda _
801 (let ((build-directory
802 (car (scandir "build" (cut string-prefix? "lib" <>)))))
803 (setenv "PYTHONPATH"
804 (string-append "./build/" build-directory ":"
805 (getenv "PYTHONPATH")))
806 (invoke "pytest" "-vv")))))))
b95c17c5 807 (native-inputs
6969ad0e
LF		 808 `(("python-hypothesis" ,python-hypothesis)
809 ("python-pytest" ,python-pytest)))
b95c17c5
LC		 810 (propagated-inputs
811 `(("python-cffi" ,python-cffi)
812 ("python-six" ,python-six)
813 ("libsodium" ,libsodium)))
814 (home-page "https://github.com/pyca/pynacl/")
815 (synopsis "Python bindings to libsodium")
816 (description
817 "PyNaCl is a Python binding to libsodium, which is a fork of the
818Networking and Cryptography library. These libraries have a stated goal
819of improving usability, security and speed.")
820 (license license:asl2.0)))
821
acc6e695
JL		 822(define-public python2-pynacl
823 (package-with-python2 python-pynacl))
824
b95c17c5
LC		 825(define-public python2-pgpdump
826 (package
827 (name "python2-pgpdump")
828 (version "1.5")
829 (source
830 (origin
831 (method url-fetch)
832 (uri (pypi-uri "pgpdump" version))
833 (sha256
834 (base32
835 "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw"))))
836 (build-system python-build-system)
837
838 ;; Currently fails to build with Python 3.
839 (arguments `(#:python ,python-2))
840
841 (home-page "https://github.com/toofishes/python-pgpdump")
842 (synopsis "Python library for parsing PGP packets")
843 (description
844 "Python-pgpdump is an OpenPGP packet parser based on
845@uref{http://www.mew.org/~kazu/proj/pgpdump/, pgpdump}. It notably supports:
846
847@itemize
848@item signature packets;
849@item public key packets;
850@item secret key packets;
851@item trust, user ID, and user attribute packets;
852@item ASCII-armor decoding and CRC check.
853@end itemize\n")
854 (license license:bsd-3)))
855
856(define-public python2-roca-detect
857 (package
858 (name "python2-roca-detect")
859 (version "1.0.8")
860 (source
861 (origin
862 (method url-fetch)
863 (uri (pypi-uri "roca-detect" version))
864 (sha256
865 (base32
866 "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27"))))
867 (build-system python-build-system)
868 (native-inputs
869 ;; TODO: apk_parse_ph4, pyjks
870 `(("python2-dateutil" ,python2-dateutil)
871 ("python2-six" ,python2-six)
872 ("python2-cryptography" ,python2-cryptography)
873 ("python2-future" ,python2-future)
874 ("python2-coloredlogs" ,python2-coloredlogs)
875 ("python2-pgpdump" ,python2-pgpdump)))
876 (arguments
877 `(;; Basic testing routine is quite simple and works with Py3
878 ;; but the rest of the code that processes the different
879 ;; key formats and extracts the modulus for inspection is
880 ;; not yet fully py3 ready.
881 #:python ,python-2))
882 (home-page "https://github.com/crocs-muni/roca")
883 (synopsis "ROCA detection tool")
884 (description
885 "This tool is related to the paper entitled @i{Return of the
886Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}. It
887enables you to test public RSA keys for a presence of the described
888vulnerability. Currently the tool supports the following key formats: X.509
889Certificate (DER encoded, PEM encoded), RSA PEM (encoded private key, public
890key), SSH public key, ASC-encoded OpenPGP key, APK Android application, LDIFF
891file, and more.")
892 (license license:gpl3)))
d0d5f726 893
3eca7ff9
EF		 894(define-public python-blurhash
895 (package
896 (name "python-blurhash")
897 (version "1.1.4")
898 (source
899 (origin
900 ;; Tests not included in pypi release and releases not tagged in git repo.
901 (method git-fetch)
902 (uri (git-reference
903 (url "https://github.com/halcy/blurhash-python")
904 (commit "22e081ef1c24da1bb5c5eaa2c1d6649724deaef8")))
905 (file-name (git-file-name name version))
906 (sha256
907 (base32
908 "1qq6mhydlp7q3na4kmaq3871h43wh3pyfyxr4b79bia73wjdylxf"))))
909 (build-system python-build-system)
910 (arguments
911 '(#:phases
912 (modify-phases %standard-phases
913 (replace 'check
914 (lambda _
915 (delete-file "setup.cfg")
916 (invoke "pytest"))))))
917 (native-inputs
918 `(("python-numpy" ,python-numpy)
919 ("python-pillow" ,python-pillow)
920 ("python-pytest" ,python-pytest)))
921 (home-page "https://github.com/halcy/blurhash-python")
922 (synopsis
923 "Pure-Python implementation of the blurhash algorithm")
924 (description
925 "Pure-Python implementation of the blurhash algorithm.")
926 (license license:expat)))
927
d0d5f726
DM		 928(define-public python-ecpy
929 (package
930 (name "python-ecpy")
37da5813 931 (version "0.10.0")
d0d5f726
DM		 932 (source
933 (origin
934 (method url-fetch)
935 (uri (pypi-uri "ECPy" version))
936 (sha256
937 (base32
37da5813 938 "1gc3i5s93zq6x1nkaxkq1dvmsc12vmrw0hns9f5s1hcb78ni52c8"))))
d0d5f726
DM		 939 (build-system python-build-system)
940 (propagated-inputs
941 `(("python-future" ,python-future)))
942 (home-page "https://github.com/ubinity/ECPy")
943 (synopsis "Pure Python Elliptic Curve Library")
944 (description "This package provides a Elliptic Curve Library in pure
945Python.")
946 (license license:asl2.0)))
947
948(define-public python2-ecpy
949 (package-with-python2 python-ecpy))
c1927129
LF		 950
951(define-public python-josepy
952 (package
953 (name "python-josepy")
205044b9 954 (version "1.1.0")
c1927129
LF		 955 (source (origin
956 (method url-fetch)
957 (uri (pypi-uri "josepy" version))
958 (sha256
959 (base32
205044b9 960 "11khz8malzrv375b27jjkv66z6z6khdx1v5mkkr4vq16gp3n4p7v"))))
c1927129
LF		 961 (build-system python-build-system)
962 (arguments
205044b9 963 ;; The tests require flake8 >= 3.5, which is not yet packaged.
c1927129
LF		 964 '(#:tests? #f))
965 (propagated-inputs
966 `(("python-cryptography" ,python-cryptography)
967 ("python-pyopenssl" ,python-pyopenssl)
968 ("python-six" ,python-six)))
205044b9 969;; TODO Enable when we have flake8 >= 3.5.
c1927129
LF		 970; (native-inputs
971; `(("python-coverage" ,python-coverage)
972; ("python-flake8" ,python-flake8)
973; ("python-isort" ,python-isort)
974; ("python-mock" ,python-mock)
205044b9 975; ("python-pytest" ,python-pytest)
c1927129
LF		 976; ("python-pytest-cov" ,python-pytest-cov)
977; ("python-pytest-cache" ,python-pytest-cache)
978; ("python-pytest-flake8" ,python-pytest-flake8)))
979 (home-page "https://github.com/certbot/josepy")
980 (synopsis "JOSE protocol implementation in Python")
981 (description "This package provides a Python implementation of the JOSE
982protocol (Javascript Object Signing and Encryption).")
983 (license license:asl2.0)))
984
985(define-public python2-josepy
986 (package-with-python2 python-josepy))
d32456d5
OP		 987
988(define-public python-pycryptodome
989 (package
990 (name "python-pycryptodome")
a62887d3 991 (version "3.7.3")
d32456d5
OP		 992 (source
993 (origin
994 (method url-fetch)
995 (uri (pypi-uri "pycryptodome" version))
996 (sha256
997 (base32
a62887d3 998 "0dh6ky5ngxayyn5f6n7gdamjl49g3khz6pdx9sdnag1zwi8248hs"))))
d32456d5
OP		 999 (build-system python-build-system)
1000 (home-page "https://www.pycryptodome.org")
1001 (synopsis "Cryptographic library for Python")
1002 (description "This package provides a cryptographic library for Python.
1003
1004It brings the following enhancements with respect to the last official version
1005of PyCrypto:
1006
1007@itemize
1008@item Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
1009@item Accelerated AES on Intel platforms via AES-NI
1010@item First class support for PyPy
1011@item Elliptic curves cryptography (NIST P-256 curve only)
1012@item Better and more compact API (nonce and iv attributes for ciphers,
1013automatic generation of random nonces and IVs, simplified CTR cipher mode, and
1014more)
1015@item SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms
1016@item Salsa20 and ChaCha20 stream ciphers
1017@item scrypt and HKDF
1018@item Deterministic (EC)DSA
1019@item Password-protected PKCS#8 key containers
1020@item Shamir’s Secret Sharing scheme
1021@item Random numbers get sourced directly from the OS (and not from a CSPRNG
1022in userspace)
1023@item Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
1024@item Major clean ups and simplification of the code base
1025@end itemize\n")
1026 (license license:bsd-2)))
1027
1028(define-public python2-pycryptodome
1029 (package-with-python2 python-pycryptodome))
2f691218
 1030
1031(define-public python-m2crypto
1032 (package
1033 (name "python-m2crypto")
3b4cc5cb 1034 (version "0.35.2")
2f691218
 1035 (source
1036 (origin
1037 (method url-fetch)
1038 (uri (pypi-uri "M2Crypto" version))
1039 (sha256
3b4cc5cb 1040 (base32 "09yirf3w77w6f49q6nxhrjm9c3a4y9s30s1k09chqrw8zdgx8sjc"))))
2f691218
 1041 (build-system python-build-system)
1042 (inputs `(("openssl" ,openssl)))
4764e83c 1043 (native-inputs `(("swig" ,swig)))
2f691218
 1044 (home-page "https://gitlab.com/m2crypto/m2crypto")
1045 (synopsis "Python crypto and TLS toolkit")
1046 (description "@code{M2Crypto} is a complete Python wrapper for OpenSSL
1047featuring RSA, DSA, DH, EC, HMACs, message digests, symmetric ciphers
1048(including AES); TLS functionality to implement clients and servers; HTTPS
1049extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing
1050AuthCookies for web session management; FTP/TLS client and server; S/MIME;
1051M2Crypto can also be used to provide TLS for Twisted. Smartcards supported
1052through the Engine interface.")
e810de3e 1053 (properties `((python2-variant . ,(delay python2-m2crypto))))
2f691218
 1054 (license license:expat)))
1055
1056(define-public python2-m2crypto
e810de3e
MB		 1057 (let ((m2crypto (package-with-python2
1058 (strip-python2-variant python-m2crypto))))
1059 (package (inherit m2crypto)
1060 (propagated-inputs
1061 `(("python2-typing" ,python2-typing))))))
c158d476
NG		 1062
1063(define-public python-pylibscrypt
1064 (package
1065 (name "python-pylibscrypt")
1066 (version "1.7.1")
1067 (source
1068 (origin
1069 (method url-fetch)
1070 (uri (pypi-uri "pylibscrypt" version))
1071 (sha256
1072 (base32
1073 "1b3rgzl6dbzs08vhv41b6y4n5189wv7lr27acxn104hs45745abs"))))
1074 (build-system python-build-system)
1075 (arguments
929d4d2f
NG		 1076 `(#:phases
1077 (modify-phases %standard-phases
1078 (add-before 'build 'hard-code-path-to-libscrypt
1079 (lambda* (#:key inputs #:allow-other-keys)
1080 (let ((libscrypt (assoc-ref inputs "libscrypt")))
1081 (substitute* "pylibscrypt/pylibscrypt.py"
1082 (("find_library\\('scrypt'\\)")
1083 (string-append "'" libscrypt "/lib/libscrypt.so'")))
1084 #t))))
1085 ;; The library can use various scrypt implementations and tests all of
1086 ;; them. Since we only provide a single implementation, most tests
1087 ;; fail. Simply skip them.
1088 #:tests? #f))
1089 ;; FIXME: Using "libscrypt" is the second best choice. The best one
1090 ;; requires "hashlib.scrypt", provided by Python 3.6+ built with OpenSSL
1091 ;; 1.1+. Use that as soon as Guix provides it.
c158d476 1092 (inputs
929d4d2f 1093 `(("libscrypt" ,libscrypt)))
c158d476
NG		 1094 (home-page "https://github.com/jvarho/pylibscrypt")
1095 (synopsis "Scrypt for Python")
1096 (description "There are a lot of different scrypt modules for Python, but
1097none of them have everything that I'd like, so here's one more. It uses
929d4d2f 1098@code{libscrypt}.")
c158d476 1099 (license license:isc)))
40c6e454
NG		 1100
1101(define-public python-libnacl
1102 (package
1103 (name "python-libnacl")
1104 (version "1.6.1")
1105 (source
1106 (origin
1107 (method url-fetch)
1108 (uri (pypi-uri "libnacl" version))
1109 (sha256
1110 (base32
1111 "0nv7n8nfswkhl614x5mllrkvaslraa0053q11iylb337cy43vb4v"))))
1112 (build-system python-build-system)
1113 (arguments
1114 `(#:phases
1115 (modify-phases %standard-phases
1116 (add-after 'unpack 'locate-libsodium
1117 (lambda* (#:key inputs #:allow-other-keys)
1118 (substitute* "libnacl/__init__.py"
1119 (("(return ctypes.cdll.LoadLibrary\\(')libsodium.so('\\))"
1120 _ pre post)
1121 (let ((libsodium (string-append (assoc-ref inputs "libsodium")
1122 "/lib/libsodium.so")))
1123 (string-append pre libsodium post)))))))))
1124 (native-inputs
1125 `(("python-pyhamcrest" ,python-pyhamcrest)))
1126 (inputs
1127 `(("libsodium" ,libsodium)))
1128 (home-page "https://libnacl.readthedocs.org/")
1129 (synopsis "Python bindings for libsodium based on ctypes")
1130 (description "@code{libnacl} is used to gain direct access to the
1131functions exposed by @code{NaCl} library via @code{libsodium}. It has
1132been constructed to maintain extensive documentation on how to use
1133@code{NaCl} as well as being completely portable.")
1134 (license license:asl2.0)))
cb91f6ae 1135
1fa1d822
NG		 1136(define-public python-scrypt
1137 (package
1138 (name "python-scrypt")
cc314e90 1139 (version "0.8.7")
1fa1d822
NG		 1140 (source
1141 (origin
1142 (method url-fetch)
1143 (uri (pypi-uri "scrypt" version))
1144 (sha256
1145 (base32
cc314e90 1146 "0hjk71k3mgnl8siikm9lii9im8kv0rb7inkjzx78rnancra48xxr"))))
1fa1d822
NG		 1147 (build-system python-build-system)
1148 (inputs
1149 `(("openssl" ,openssl)))
20c604c5 1150 (home-page "https://bitbucket.org/mhallin/py-scrypt")
1fa1d822
NG		 1151 (synopsis "Bindings for the scrypt key derivation function library")
1152 (description "This is a set of Python bindings for the scrypt key
1153derivation function.")
1154 (license license:bsd-2)))
8afe166d
NN		 1155
1156(define-public python-service-identity
1157 (package
1158 (name "python-service-identity")
c105e509 1159 (version "18.1.0")
8afe166d
NN		 1160 (source
1161 (origin
1162 (method url-fetch)
1163 (uri (pypi-uri "service_identity" version))
1164 (sha256
1165 (base32
c105e509 1166 "0b9f5qiqjy8ralzgwjgkhx82h6h8sa7532psmb8mkd65md5aan08"))))
8afe166d
NN		 1167 (build-system python-build-system)
1168 (propagated-inputs
1169 `(("python-attrs" ,python-attrs)
1170 ("python-pyasn1" ,python-pyasn1)
1171 ("python-pyasn1-modules" ,python-pyasn1-modules)
1172 ("python-pyopenssl" ,python-pyopenssl)))
1173 (home-page "https://service-identity.readthedocs.io/")
1174 (synopsis "Service identity verification for PyOpenSSL")
1175 (description
1176 "@code{service_identity} aspires to give you all the tools you need
1177for verifying whether a certificate is valid for the intended purposes.
1178In the simplest case, this means host name verification. However,
1179service_identity implements RFC 6125 fully and plans to add other
1180relevant RFCs too.")
1181 (license license:expat)))
1182
1183(define-public python2-service-identity
1184 (package-with-python2 python-service-identity))
0a90c789
LF		 1185
1186(define-public python-hkdf
1187 (package
1188 (name "python-hkdf")
1189 (version "0.0.3")
1190 (source
1191 (origin
1192 (method url-fetch)
1193 (uri (pypi-uri "hkdf" version))
1194 (sha256
1195 (base32
1196 "1jhxk5vhxmxxjp3zj526ry521v9inzzl8jqaaf0ma65w6k332ak2"))))
1197 (build-system python-build-system)
1198 (native-inputs
1199 `(("python-nose" ,python-nose)))
1200 (home-page "https://github.com/casebeer/python-hkdf")
1201 (synopsis "HMAC-based Extract-and-Expand Key Derivation Function (HKDF)")
1202 (description "This package provides a Python implementation of the HMAC Key
1203Derivation function (HKDF) defined in RFC 5869.")
1204 (license license:bsd-2)))
fc681a18
LF		 1205
1206(define-public python-spake2
1207 (package
1208 (name "python-spake2")
1209 (version "0.8")
1210 (source
1211 (origin
1212 (method url-fetch)
1213 (uri (pypi-uri "spake2" version))
1214 (sha256
1215 (base32
1216 "1x16r7lrbklvfzbacb66qv9iiih6liq1y612dqh2chgf555n2yn1"))))
1217 (build-system python-build-system)
1218 (propagated-inputs
1219 `(("python-hkdf" ,python-hkdf)))
1220 (home-page "https://github.com/warner/python-spake2")
1221 (synopsis "SPAKE2 password-authenticated key exchange in Python")
1222 (description "This package provides a Python implementation of the SPAKE2
1223Password-Authenticated Key Exchange algorithm.")
1224 (license license:expat)))
215f3db0
LF		 1225
1226(define-public python-txtorcon
1227 (package
1228 (name "python-txtorcon")
1229 (version "19.0.0")
1230 (source
1231 (origin
1232 (method url-fetch)
1233 (uri (pypi-uri "txtorcon" version))
1234 (sha256
1235 (base32
1236 "0fxzhsc62bhmr730vj9pzallmw56gz6iykvl28a5agrycm0bfc9p"))))
1237 (build-system python-build-system)
1238 (arguments
1239 ;; The tests fail immediately due to a missing file. Reported upstream:
1240 ;; <https://github.com/meejah/txtorcon/issues/330>
1241 `(#:tests? #f))
1242 (propagated-inputs
1243 `(("python-automat" ,python-automat)
1244 ("python-idna" ,python-idna)
1245 ("python-incremental" ,python-incremental)
215f3db0
LF		 1246 ("python-service-identity" ,python-service-identity)
1247 ("python-twisted" ,python-twisted)
1248 ("python-zope-interface" ,python-zope-interface)))
1249 (home-page "https://github.com/meejah/txtorcon")
1250 (synopsis "Twisted-based Tor controller client")
1251 (description "This package provides a Twisted-based Tor controller client,
1252with state-tracking and configuration abstractions.")
1253 (license license:expat)))
93953ec7
GLV		 1254
1255(define-public python-keyutils
1256 (package
1257 (name "python-keyutils")
1258 (version "0.6")
1259 (source
1260 (origin
1261 (method url-fetch)
1262 (uri (pypi-uri "keyutils" version))
1263 (sha256
1264 (base32
1265 "0lipygpzhwzzsq2k5imb1jgkmj8y4khxdwhzadjs3bd56g6bmkx9"))))
1266 (build-system python-build-system)
1267 (native-inputs
1268 `(("python-pytest" ,python-pytest)
1269 ("python-pytest-runner" ,python-pytest-runner)))
1270 (inputs
1271 `(("keyutils" ,keyutils)))
1272 (arguments
1273 '(#:tests? #f))
1274 (home-page "https://github.com/sassoftware/python-keyutils")
1275 (synopsis "Python bindings for keyutils")
1276 (description
1277 "This is a set of python bindings for keyutils, a key management suite
1278that leverages the infrastructure provided by the Linux kernel for safely
a806b0b0 1279storing and retrieving sensitive information in your programs.")
93953ec7 1280 (license license:asl2.0)))
1f15cbc8
CL		 1281
1282(define-public python-mcuboot-imgtool
1283 (package
1284 (name "python-mcuboot-imgtool")
1285 (version "1.4.0")
1286 (source
1287 (origin
1288 (method git-fetch)
1289 (uri (git-reference
1290 (url "https://github.com/JuulLabs-OSS/mcuboot")
1291 (commit (string-append "v" version))))
1292 (file-name (git-file-name name version))
1293 (sha256
1294 (base32
1295 "1m1csyvzq4jx81zg635ssy1n7sc0z539z0myh872ll3nwqx7wa0q"))))
1296 (build-system python-build-system)
1297 (arguments
1298 `(#:phases
1299 (modify-phases %standard-phases
1300 (add-after 'unpack 'fix-broken-test
1301 (lambda _
1302 (substitute* "scripts/imgtool/keys/ed25519_test.py"
1303 (("raw_sign") "sign_digest"))
1304 #t))
1305 (add-before 'build 'change-directory
1306 (lambda _
1307 (chdir "scripts")
1308 #t)))))
1309 (propagated-inputs
1310 `(("python-click" ,python-click)
1311 ("python-intelhex" ,python-intelhex)
1312 ("python-cryptography" ,python-cryptography)))
1313 (home-page "https://mcuboot.com")
1314 (synopsis "Tool to securely sign firmware images for booting by MCUboot")
1315 (description "MCUboot is a secure bootloader for 32-bit MCUs. This
1316package provides a tool to securely sign firmware images for booting by
1317MCUboot.")
1318 (license license:expat)))
83feb3d0 1319
163997c9
AT		 1320(define-public python-ntlm-auth
1321 (package
1322 (name "python-ntlm-auth")
1323 (version "1.4.0")
1324 (source
1325 (origin
1326 (method url-fetch)
1327 (uri (pypi-uri "ntlm-auth" version))
1328 (sha256
1329 (base32
1330 "16mavidki4ma5ip8srqalr19gz4f5yn3cnmmgps1fmgfr24j63rm"))))
1331 (build-system python-build-system)
1332 (propagated-inputs
1333 `(("python-cryptography" ,python-cryptography)))
1334 (home-page "https://github.com/jborean93/ntlm-auth")
1335 (synopsis
1336 "Calculates NTLM Authentication codes")
1337 (description
1338 "This library handles the low-level details of NTLM authentication for
1339use in authenticating with a service that uses NTLM. It will create and parse
1340the 3 different message types in the order required and produce a base64
1341encoded value that can be attached to the HTTP header.
1342
1343The goal of this library is to offer full NTLM support including signing and
1344sealing of messages as well as supporting MIC for message integrity and the
1345ability to customise and set limits on the messages sent. Please see Features
1346and Backlog for a list of what is and is not currently supported.")
1347 (license license:expat)))
1348
4ee1ea76
EF		 1349(define-public python-secretstorage
1350 (package
1351 (name "python-secretstorage")
1352 (version "3.1.2")
1353 (source
1354 (origin
1355 (method url-fetch)
1356 (uri (pypi-uri "SecretStorage" version))
1357 (sha256
1358 (base32
1359 "1xmzr0j3066s220bss4nkgqbiwb5k4kkp2rkpqlqwjb5kfc8mnhm"))))
1360 (build-system python-build-system)
1361 (arguments
1362 '(#:tests? #f)) ; Tests require a running dbus service.
1363 (propagated-inputs
1364 `(("python-cryptography" ,python-cryptography)
1365 ("python-jeepney" ,python-jeepney)))
1366 (home-page "https://github.com/mitya57/secretstorage")
1367 (synopsis "Python bindings to FreeDesktop.org Secret Service API")
1368 (description
1369 "@code{python-secretstorage} provides a way for securely storing passwords
1370and other secrets. It uses D-Bus Secret Service API that is supported by GNOME
1371Keyring (since version 2.30) and KSecretsService. SecretStorage supports most
1372of the functions provided by Secret Service, including creating and deleting
1373items and collections, editing items, locking and unlocking collections
1374(asynchronous unlocking is also supported).")
1375 (license license:bsd-3)))
1376
960dafce
VM		 1377(define-public python-trustme
1378 (package
1379 (name "python-trustme")
1380 (version "0.6.0")
1381 (source
1382 (origin
1383 (method url-fetch)
1384 (uri (pypi-uri "trustme" version))
1385 (sha256
1386 (base32 "0v3vr5z6apnfmklf07m45kv5kaqvm6hxrkaqywch57bjd2siiywx"))))
1387 (build-system python-build-system)
1388 (arguments
1389 `(#:phases
1390 (modify-phases %standard-phases
1391 (replace 'check
1392 (lambda* (#:key inputs outputs #:allow-other-keys)
1393 (add-installed-pythonpath inputs outputs)
1394 (invoke "pytest" "-vv"))))))
1395 (native-inputs
1396 `(("python-more-itertools" ,python-more-itertools)
1397 ("python-pyopenssl" ,python-pyopenssl)
1398 ("python-pytest" ,python-pytest)
1399 ("python-pytest-cov" ,python-pytest-cov)
1400 ("python-service-identity" ,python-service-identity)
1401 ("python-zipp" ,python-zipp)))
1402 (propagated-inputs
1403 `(("python-cryptography" ,python-cryptography)))
1404 (home-page "https://github.com/python-trio/trustme")
1405 (synopsis "Fake a certificate authority for tests")
1406 (description
1407 "@code{trustme} is a tiny Python package that does one thing: it gives you
1408a fake certificate authority (CA) that you can use to generate fake TLS certs to
1409use in your tests.")
1410 ;; Either license applies.
1411 (license (list license:expat license:asl2.0))))
1412
5e5c695d
EF		 1413(define-public python-certipy
1414 (package
1415 (name "python-certipy")
1416 (version "0.1.3")
1417 (source
1418 (origin
1419 (method url-fetch)
1420 (uri (pypi-uri "certipy" version))
1421 (sha256
1422 (base32
1423 "0n980gqpzh0fm58h3i4mi2i10wgj606lscm1r5sk60vbf6vh8mv9"))))
1424 (build-system python-build-system)
1425 (propagated-inputs
1426 `(("python-pyopenssl" ,python-pyopenssl)))
1427 (native-inputs
1428 `(("python-pytest" ,python-pytest)))
1429 (home-page "https://github.com/LLNL/certipy")
1430 (synopsis "Utility to create and sign CAs and certificates")
1431 (description
1432 "Certipy was made to simplify the certificate creation process. To that
1433end, certipy exposes methods for creating and managing certificate authorities,
1434certificates, signing and building trust bundles.")
1435 (license license:bsd-3)))
1436
83feb3d0
EF		 1437(define-public python-jeepney
1438 (package
1439 (name "python-jeepney")
5d844fd6 1440 (version "0.4.3")
83feb3d0
EF		 1441 (source
1442 (origin
1443 (method url-fetch)
1444 (uri (pypi-uri "jeepney" version))
1445 (sha256
5d844fd6 1446 (base32 "0vp3p1lqhqk2kd3254q5sxr50znmm2hmysc8a7g0fr1brihvhy9l"))))
83feb3d0
EF		 1447 (build-system python-build-system)
1448 (native-inputs
1449 `(("python-testpath" ,python-testpath)
1450 ("python-tornado" ,python-tornado)
1451 ("python-pytest" ,python-pytest)))
1452 (home-page "https://gitlab.com/takluyver/jeepney")
1453 (synopsis "Low-level, pure Python DBus protocol wrapper")
1454 (description
1455 "This is a low-level, pure Python DBus protocol client. It has an
1456I/O-free core, and integration modules for different event loops.")
1457 (license license:expat)))
08310637
EF		 1458
1459(define-public python-argon2-cffi
1460 (package
1461 (name "python-argon2-cffi")
9813805b 1462 (version "20.1.0")
08310637
EF		 1463 (source
1464 (origin
1465 (method url-fetch)
1466 (uri (pypi-uri "argon2-cffi" version))
1467 (sha256
1468 (base32
9813805b 1469 "0zgr4mnnm0p4i99023safb0qb8cgvl202nly1rvylk2b7qnrn0nq"))
08310637
EF		 1470 (modules '((guix build utils)))
1471 (snippet '(begin (delete-file-recursively "extras") #t))))
1472 (build-system python-build-system)
1473 (arguments
1474 '(#:phases
1475 (modify-phases %standard-phases
1476 (replace 'build
1477 (lambda _
1478 (setenv "ARGON2_CFFI_USE_SYSTEM" "1")
1479 (invoke "python" "setup.py" "build")))
1480 (replace 'check
1481 (lambda* (#:key inputs outputs #:allow-other-keys)
1482 (add-installed-pythonpath inputs outputs)
1483 (invoke "pytest")
1484 (invoke "python" "-m" "argon2" "--help")
1485 ;; see tox.ini
1486 (invoke "python" "-m" "argon2" "-n" "1" "-t" "1" "-m" "8" "-p" "1"))))))
1487 (propagated-inputs
1488 `(("python-cffi" ,python-cffi)
1489 ("python-six" ,python-six)))
1490 (inputs `(("argon2" ,argon2)))
1491 (native-inputs
1492 `(("python-hypothesis" ,python-hypothesis)
1493 ("python-pytest" ,python-pytest)))
1494 (home-page "https://argon2-cffi.readthedocs.io/")
1495 (synopsis "Secure Password Hashes for Python")
1496 (description
1497 "Argon2 is a secure password hashing algorithm. It is designed to have
1498both a configurable runtime as well as memory consumption. This means that you
1499can decide how long it takes to hash a password and how much memory is required.")
1500 (license license:expat)))
0a124c46
EF		 1501
1502(define-public python-privy
1503 (package
1504 (name "python-privy")
1505 (version "6.0.0")
1506 (source
1507 (origin
1508 (method git-fetch)
1509 (uri (git-reference
1510 ;; Releases are untagged
1511 (url "https://github.com/ofek/privy")
1512 (commit "2838db3df239797c71bddacc48a4c49a83f35747")))
1513 (file-name (git-file-name name version))
1514 (sha256
1515 (base32
1516 "1m32dh5fqc8cy7jyf1z5fs6zvmdkbq5fi98hr609gbl7s0l0y0i9"))))
1517 (build-system python-build-system)
1518 (arguments
1519 '(#:phases
1520 (modify-phases %standard-phases
1521 (replace 'check
1522 (lambda _
1523 (invoke "python" "-m" "pytest"))))))
1524 (native-inputs
1525 `(("python-pytest" ,python-pytest)))
1526 (propagated-inputs
1527 `(("python-argon2-cffi" ,python-argon2-cffi)
1528 ("python-cryptography" ,python-cryptography)))
1529 (home-page "https://www.dropbox.com/developers")
1530 (synopsis "Library to password-protect your data")
1531 (description
1532 "Privy is a small and fast utility for password-protecting secret
1533data such as API keys, cryptocurrency wallets, or seeds for digital
1534signatures.")
1535 (license (list license:expat license:asl2.0)))) ; dual licensed
1b11e894
JW		 1536
1537(define-public python-pgpy
1538 (package
1539 (name "python-pgpy")
1540 (version "0.5.2")
1541 (source
1542 (origin
1543 (method url-fetch)
1544 (uri (pypi-uri "PGPy" version))
1545 (sha256
1546 (base32
1547 "0i4lqhzdwkjkim3wab0kqadx28z3r5ixlh6qxj4lif4gif56c0m7"))))
1548 (build-system python-build-system)
1549 (native-inputs
1550 `(("python-cryptography" ,python-cryptography)
1551 ("python-pyasn1" ,python-pyasn1)
1552 ("python-singledispatch" ,python-singledispatch)
1553 ("python-six" ,python-six)))
1554 (home-page "https://github.com/SecurityInnovation/PGPy")
1555 (synopsis "Python implementation of OpenPGP")
1556 (description
1557 "Currently, PGPy can load keys and signatures of all kinds in both ASCII
1558armored and binary formats.
1559
1560It can create and verify RSA, DSA, and ECDSA signatures, at the moment. It
1561can also encrypt and decrypt messages using RSA and ECDH.")
1562 (license license:bsd-3)))
df6fb956
JW		 1563
1564(define-public python-sop
1565 (package
1566 (name "python-sop")
1567 (version "0.2.0")
1568 (source
1569 (origin
1570 (method url-fetch)
1571 (uri (pypi-uri "sop" version))
1572 (sha256
1573 (base32
1574 "0gljyjsdn6hdmwlwwb5g5s0c031p6izamvfxp0d39x60af8k5jyf"))))
1575 (build-system python-build-system)
1576 (arguments
1577 '(#:tests? #f)) ; There are no tests, and unittest throws an error trying
1578 ; to find some:
1579 ; TypeError: don't know how to make test from: 0.2.0
1580 (home-page "https://gitlab.com/dkg/python-sop")
1581 (synopsis "Stateless OpenPGP Command-Line Interface")
1582 (description
1583 "The Stateless OpenPGP Command-Line Interface (or sop) is a
1584specification that encourages OpenPGP implementors to provide a common,
1585relatively simple command-line API for purposes of object security.
1586
1587This Python module helps implementers build such a CLI from any implementation
1588accessible to the Python interpreter.
1589
1590It does not provide such an implementation itself -- this is just the
1591scaffolding for the command line, which should make it relatively easy to
1592supply a handful of python functions as methods to a class.")
1593 (license license:expat))) ; MIT license
jackhill's copy of GNU Guix: https://guix.gnu.org/