HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: Add python-spake2.
[jackhill/guix/guix.git] / gnu / packages / python-crypto.scm
CommitLineData
cc6f4912
LC		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
da3e0cd9 3;;; Copyright © 2015, 2016, 2017, 2018, 2019 Efraim Flashner <efraim@flashner.co.il>
0a90c789 4;;; Copyright © 2015, 2016, 2017, 2019 Leo Famulari <leo@famulari.name>
cc6f4912
LC		 5;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
6;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
7;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
8;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com>
9;;; Copyright © 2014, 2017 Eric Bavier <bavier@member.fsf.org>
10;;; Copyright © 2015, 2016 David Thompson <davet@gnu.org>
ceb5b11b 11;;; Copyright © 2016, 2017, 2018, 2019 Tobias Geerinckx-Rice <me@tobias.gr>
4a78fd46 12;;; Copyright © 2016, 2017 Nils Gillmann <ng0@n0.is>
cc6f4912 13;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
c6e33df9 14;;; Copyright © 2015, 2016, 2017, 2019 Ricardo Wurmus <rekado@elephly.net>
cc6f4912
LC		 15;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org>
16;;; Copyright © 2016, 2017 Arun Isaac <arunisaac@systemreboot.net>
17;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
2f691218 18;;; Copyright © 2018 Tomáš Čech <sleep_walker@gnu.org>
cef6dc64 19;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
e64088f0 20;;; Copyright © 2018 Vagrant Cascadian <vagrant@debian.org>
8afe166d 21;;; Copyright © 2018 Nam Nguyen <namn@berkeley.edu>
cc6f4912
LC		 22;;;
23;;; This file is part of GNU Guix.
24;;;
25;;; GNU Guix is free software; you can redistribute it and/or modify it
26;;; under the terms of the GNU General Public License as published by
27;;; the Free Software Foundation; either version 3 of the License, or (at
28;;; your option) any later version.
29;;;
30;;; GNU Guix is distributed in the hope that it will be useful, but
31;;; WITHOUT ANY WARRANTY; without even the implied warranty of
32;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
33;;; GNU General Public License for more details.
34;;;
35;;; You should have received a copy of the GNU General Public License
36;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
37
38(define-module (gnu packages python-crypto)
39 #:use-module (guix packages)
40 #:use-module (guix download)
41 #:use-module (guix git-download)
42 #:use-module (guix build-system python)
43 #:use-module (gnu packages)
ac257f12 44 #:use-module (gnu packages check)
b95c17c5 45 #:use-module (gnu packages crypto)
cc6f4912
LC		 46 #:use-module (gnu packages libffi)
47 #:use-module (gnu packages multiprecision)
48 #:use-module (gnu packages protobuf)
49 #:use-module (gnu packages python)
cb91f6ae 50 #:use-module (gnu packages python-web)
44d10b1f 51 #:use-module (gnu packages python-xyz)
33dc54b0 52 #:use-module (gnu packages time)
cc6f4912
LC		 53 #:use-module (gnu packages tls)
54 #:use-module ((guix licenses) #:prefix license:)
55 #:use-module (srfi srfi-1))
56
cef6dc64
NG		 57(define-public python-base58
58 (package
59 (name "python-base58")
ceb5b11b 60 (version "1.0.3")
cef6dc64
NG		 61 (source
62 (origin
63 (method url-fetch)
64 (uri (pypi-uri "base58" version))
65 (sha256
66 (base32
ceb5b11b 67 "0q1yr0n5jaf17xq98m7dma6z4rh8p19ch55l1s09gi3rk5ckqycs"))))
cef6dc64
NG		 68 (build-system python-build-system)
69 (native-inputs
70 `(("python-pyhamcrest" ,python-pyhamcrest)))
71 (home-page "https://github.com/keis/base58")
72 (synopsis "Base58 and Base58Check implementation")
73 (description "Base58 and Base58Check implementation compatible
74with what is used by the Bitcoin network.")
75 (license license:expat)))
76
7c16af46
MB		 77(define-public python-bcrypt
78 (package
79 (name "python-bcrypt")
92d9104d 80 (version "3.1.6")
7c16af46
MB		 81 (source
82 (origin
83 (method url-fetch)
84 (uri (pypi-uri "bcrypt" version))
85 (sha256
86 (base32
92d9104d 87 "1sh2xh0iragdq8dhssc1cdd02nppjq7b5kmv0qladfi2s9cnfqs4"))))
7c16af46
MB		 88 (build-system python-build-system)
89 (native-inputs
90 `(("python-pycparser" ,python-pycparser)
91 ("python-pytest" ,python-pytest)))
92 (propagated-inputs
93 `(("python-cffi" ,python-cffi)
94 ("python-six" ,python-six)))
95 (home-page "https://github.com/pyca/bcrypt/")
96 (synopsis
97 "Modern password hashing library")
98 (description
99 "Bcrypt is a Python module which provides a password hashing method based
100on the Blowfish password hashing algorithm, as described in
101@url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable
102Password Scheme\"} by Niels Provos and David Mazieres.")
103 (license license:asl2.0)))
104
105(define-public python2-bcrypt
106 (package-with-python2 python-bcrypt))
107
cc6f4912
LC		 108(define-public python-passlib
109 (package
110 (name "python-passlib")
111 (version "1.7.1")
112 (source
113 (origin
114 (method url-fetch)
115 (uri (pypi-uri "passlib" version))
116 (sha256
117 (base32
118 "1q2khqpj9rlcgdmkypjdq1kswvhjf72bq0zk2cv669cc2dj8z51x"))))
119 (build-system python-build-system)
120 (native-inputs
121 `(("python-nose" ,python-nose)))
122 (propagated-inputs
123 `(("python-py-bcrypt" ,python-py-bcrypt)))
124 (arguments
125 `(#:phases
126 (modify-phases %standard-phases
127 (add-before 'check 'set-PYTHON_EGG_CACHE
128 ;; some tests require access to "$HOME/.cython"
129 (lambda* _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t)))))
130 (home-page "https://bitbucket.org/ecollins/passlib")
131 (synopsis
132 "Comprehensive password hashing framework")
133 (description
134 "Passlib is a password hashing library for Python 2 & 3, which provides
135cross-platform implementations of over 30 password hashing algorithms, as well
136as a framework for managing existing password hashes. It's designed to be
137useful for a wide range of tasks, from verifying a hash found in /etc/shadow,
138to providing full-strength password hashing for multi-user application.")
139 (license license:bsd-3)))
140
141(define-public python2-passlib
142 (package-with-python2 python-passlib))
143
144(define-public python-py-bcrypt
145 (package
146 (name "python-py-bcrypt")
147 (version "0.4")
148 (source
149 (origin
150 (method url-fetch)
27864e7c 151 (uri (pypi-uri "py-bcrypt" version))
cc6f4912
LC		 152 (sha256
153 (base32
154 "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az"))))
155 (build-system python-build-system)
156 (home-page "https://code.google.com/p/py-bcrypt")
157 (synopsis
158 "Bcrypt password hashing and key derivation")
159 (description
160 "A python wrapper of OpenBSD's Blowfish password hashing code. This
161system hashes passwords using a version of Bruce Schneier's Blowfish block
162cipher with modifications designed to raise the cost of off-line password
163cracking and frustrate fast hardware implementation. The computation cost of
164the algorithm is parametised, so it can be increased as computers get faster.
165The intent is to make a compromise of a password database less likely to
166result in an attacker gaining knowledge of the plaintext passwords (e.g. using
167John the Ripper).")
168 ;; "sha2.c" is under BSD-3;
169 ;; "blowfish.c" and "bcrypt.c" are under BSD-4;
170 ;; the rest is under ISC.
171 (license (list license:isc license:bsd-3 license:bsd-4))))
172
173(define-public python2-py-bcrypt
174 (package-with-python2 python-py-bcrypt))
175
e64088f0
VC		 176(define-public python-pyblake2
177 (package
178 (name "python-pyblake2")
179 (version "1.1.2")
180 (source
181 (origin
182 (method url-fetch)
183 (uri (pypi-uri "pyblake2" version))
184 (sha256
185 (base32
186 "0gz9hgznv5zw4qjq43xa56y0yikimx30gffvibxzm0nv5sq7xk2w"))))
187 (build-system python-build-system)
188 (home-page "https://github.com/dchest/pyblake2")
189 (synopsis "BLAKE2 hash function for Python")
190 (description "BLAKE2 is a cryptographic hash function, which offers
191stronger security while being as fast as MD5 or SHA-1, and comes in two
192flavors: @code{BLAKE2b}, optimized for 64-bit platforms and produces digests
193of any size between 1 and 64 bytes, and @code{BLAKE2s}, optimized for 8- to
19432-bit platforms and produces digests of any size between 1 and 32 bytes.
195
196This package provides a Python interface for BLAKE2.")
197 ;; The COPYING file declares it as public domain, with the option to
198 ;; alternatively use and redistribute it under a variety of permissive
199 ;; licenses. cc0 is explicitly mentioned in setup.py and pyblake2module.c.
200 (license (list license:public-domain license:cc0))))
201
cc6f4912
LC		 202(define-public python-paramiko
203 (package
204 (name "python-paramiko")
6569549d 205 (version "2.4.2")
cc6f4912
LC		 206 (source
207 (origin
208 (method url-fetch)
209 (uri (pypi-uri "paramiko" version))
210 (sha256
211 (base32
6569549d 212 "1jqgj2gl1pz7bi2aab1r2xq0ml0gskmm9p235cg9y32nydymm5x8"))))
cc6f4912
LC		 213 (build-system python-build-system)
214 (arguments
8e84eb68
MB		 215 `(;; FIXME: Tests require many unpackaged libraries, see dev-requirements.txt.
216 #:tests? #f))
cc6f4912 217 (propagated-inputs
2fbc38e3
LF		 218 `(("python-bcrypt" ,python-bcrypt)
219 ("python-pyasn1" ,python-pyasn1)
220 ("python-pynacl" ,python-pynacl)
cc6f4912 221 ("python-cryptography" ,python-cryptography)))
101ad242 222 (home-page "https://www.paramiko.org/")
cc6f4912
LC		 223 (synopsis "SSHv2 protocol library")
224 (description "Paramiko is a python implementation of the SSHv2 protocol,
225providing both client and server functionality. While it leverages a Python C
226extension for low level cryptography (PyCrypto), Paramiko itself is a pure
227Python interface around SSH networking concepts.")
228 (license license:lgpl2.1+)))
229
230(define-public python2-paramiko
231 (package-with-python2 python-paramiko))
232
233(define-public python-ecdsa
234 (package
235 (name "python-ecdsa")
236 (version "0.13")
237 (source
238 (origin
239 (method url-fetch)
86228e56 240 (uri (pypi-uri "ecdsa" version))
cc6f4912
LC		 241 (sha256
242 (base32
243 "1yj31j0asmrx4an9xvsaj2icdmzy6pw0glfpqrrkrphwdpi1xkv4"))))
244 (build-system python-build-system)
245 (inputs
246 `(("openssl" ,openssl)))
247 (home-page
248 "https://github.com/warner/python-ecdsa")
249 (synopsis
250 "ECDSA cryptographic signature library (pure python)")
251 (description
252 "This is an easy-to-use implementation of ECDSA cryptography (Elliptic
253Curve Digital Signature Algorithm), implemented purely in Python. With this
254library, you can quickly create keypairs (signing key and verifying key), sign
255messages, and verify the signatures. The keys and signatures are very short,
256making them easy to handle and incorporate into other protocols.")
257 (license license:expat)))
258
259(define-public python2-ecdsa
260 (package-with-python2 python-ecdsa))
261
262;;; Pycrypto is abandoned upstream:
263;;;
264;;; https://github.com/dlitz/pycrypto/issues/173
265;;;
266;;; TODO Remove this package from GNU Guix.
267(define-public python-pycrypto
268 (package
269 (name "python-pycrypto")
270 (version "2.6.1")
271 (source
272 (origin
273 (method url-fetch)
274 (uri (pypi-uri "pycrypto" version))
275 (patches (search-patches "python-pycrypto-CVE-2013-7459.patch"))
276 (sha256
277 (base32
278 "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj"))))
279 (build-system python-build-system)
280 (inputs
281 `(("python" ,python)
282 ("gmp" ,gmp)))
283 (arguments
284 `(#:phases
285 (modify-phases %standard-phases
286 (add-before 'build 'set-build-env
287 ;; pycrypto runs an autoconf configure script behind the scenes
288 (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t)))))
289 (home-page "http://www.pycrypto.org/")
290 (synopsis "Cryptographic modules for Python")
291 (description
292 "Pycrypto is a collection of both secure hash functions (such as SHA256
293and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal,
294etc.). The package is structured to make adding new modules easy.")
295 (license license:public-domain)))
296
297(define-public python2-pycrypto
298 (let ((pycrypto (package-with-python2 python-pycrypto)))
299 (package (inherit pycrypto)
300 (inputs
301 `(("python" ,python-2)
302 ,@(alist-delete
303 "python"
304 (package-inputs pycrypto)))))))
305
306(define-public python-keyring
307 (package
308 (name "python-keyring")
309 (version "8.7")
310 (source
311 (origin
312 (method url-fetch)
313 (uri (pypi-uri "keyring" version))
314 (sha256
315 (base32
316 "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx"))))
317 (build-system python-build-system)
318 (native-inputs
770b1d65
EF		 319 `(("python-pytest" ,python-pytest)
320 ("python-pytest-runner" ,python-pytest-runner)
321 ("python-setuptools-scm" ,python-setuptools-scm)))
cc6f4912
LC		 322 (propagated-inputs
323 `(("python-pycrypto" ,python-pycrypto)))
cc6f4912
LC		 324 (home-page "https://github.com/jaraco/keyring")
325 (synopsis "Store and access your passwords safely")
326 (description
327 "The Python keyring lib provides a easy way to access the system keyring
328service from python. It can be used in any application that needs safe
329password storage.")
330 ;; "MIT" and PSF dual license
331 (license license:x11)))
332
333(define-public python2-keyring
334 (package-with-python2 python-keyring))
335
336(define-public python-certifi
337 (package
338 (name "python-certifi")
da3e0cd9 339 (version "2018.11.29")
cc6f4912
LC		 340 (source (origin
341 (method url-fetch)
342 (uri (pypi-uri "certifi" version))
343 (sha256
344 (base32
da3e0cd9 345 "1dvccavd2fzq4j37w0sznylp92ps14zi6gvlxzm23in0yhzciya7"))))
cc6f4912
LC		 346 (build-system python-build-system)
347 (home-page "https://certifi.io/")
348 (synopsis "Python CA certificate bundle")
349 (description
350 "Certifi is a Python library that contains a CA certificate bundle, which
351is used by the Requests library to verify HTTPS requests.")
352 (license license:asl2.0)))
353
354(define-public python2-certifi
355 (package-with-python2 python-certifi))
356
357(define-public python-cryptography-vectors
358 (package
359 (name "python-cryptography-vectors")
20669750 360 (version "2.5")
cc6f4912
LC		 361 (source
362 (origin
363 (method url-fetch)
364 (uri (pypi-uri "cryptography_vectors" version))
365 (sha256
366 (base32
20669750 367 "15qfl3pnw2f11r0z0zhwl56f6pb60ysav8fxmpnz5p80cfwljdik"))))
cc6f4912
LC		 368 (build-system python-build-system)
369 (home-page "https://github.com/pyca/cryptography")
370 (synopsis "Test vectors for the cryptography package")
371 (description
372 "This package contains test vectors for the cryptography package.")
373 ;; Distributed under either BSD-3 or ASL2.0
374 (license (list license:bsd-3 license:asl2.0))))
375
376(define-public python2-cryptography-vectors
377 (package-with-python2 python-cryptography-vectors))
378
379(define-public python-cryptography
380 (package
381 (name "python-cryptography")
20669750 382 (version "2.5")
cc6f4912
LC		 383 (source
384 (origin
385 (method url-fetch)
386 (uri (pypi-uri "cryptography" version))
387 (sha256
388 (base32
20669750 389 "00c4d7gvsymlaw0r13zrm32dcnarmpayjyrh65yymlmr6mrbcij9"))))
cc6f4912
LC		 390 (build-system python-build-system)
391 (inputs
392 `(("openssl" ,openssl)))
393 (propagated-inputs
394 `(("python-asn1crypto" ,python-asn1crypto)
395 ("python-cffi" ,python-cffi)
396 ("python-six" ,python-six)
397 ("python-idna" ,python-idna)
398 ("python-iso8601" ,python-iso8601)))
399 (native-inputs
400 `(("python-cryptography-vectors" ,python-cryptography-vectors)
401 ("python-hypothesis" ,python-hypothesis)
402 ("python-pretend" ,python-pretend)
403 ("python-pytz" ,python-pytz)
2dd12924 404 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 405 (home-page "https://github.com/pyca/cryptography")
406 (synopsis "Cryptographic recipes and primitives for Python")
407 (description
408 "cryptography is a package which provides cryptographic recipes and
409primitives to Python developers. It aims to be the “cryptographic standard
410library” for Python. The package includes both high level recipes, and low
411level interfaces to common cryptographic algorithms such as symmetric ciphers,
412message digests and key derivation functions.")
413 ;; Distributed under either BSD-3 or ASL2.0
414 (license (list license:bsd-3 license:asl2.0))
415 (properties `((python2-variant . ,(delay python2-cryptography))))))
416
417(define-public python2-cryptography
418 (let ((crypto (package-with-python2
419 (strip-python2-variant python-cryptography))))
420 (package (inherit crypto)
421 (propagated-inputs
422 `(("python2-ipaddress" ,python2-ipaddress)
423 ("python2-backport-ssl-match-hostname"
424 ,python2-backport-ssl-match-hostname)
425 ("python2-enum34" ,python2-enum34)
426 ,@(package-propagated-inputs crypto))))))
427
428(define-public python-pyopenssl
429 (package
430 (name "python-pyopenssl")
c6e33df9 431 (version "19.0.0")
cc6f4912
LC		 432 (source
433 (origin
434 (method url-fetch)
435 (uri (pypi-uri "pyOpenSSL" version))
436 (sha256
437 (base32
c6e33df9 438 "007j40y7x3k8xj54dy2qnij9lldfp71k9mkflhd9vqbdiwrndjmf"))))
cc6f4912
LC		 439 (build-system python-build-system)
440 (arguments
441 '(#:phases
442 (modify-phases %standard-phases
443 (delete 'check)
444 (add-after 'install 'check
445 (lambda* (#:key inputs outputs #:allow-other-keys)
446 (add-installed-pythonpath inputs outputs)
c6e33df9
RW		 447 (invoke "py.test" "-v" "-k"
448 (string-append
449 ;; This test tries to look up certificates from
450 ;; the compiled-in default path in OpenSSL, which
451 ;; does not exist in the build environment.
452 "not test_fallback_default_verify_paths "
453 ;; This test attempts to make a connection to
454 ;; an external web service.
455 "and not test_set_default_verify_paths")))))))
cc6f4912
LC		 456 (propagated-inputs
457 `(("python-cryptography" ,python-cryptography)
458 ("python-six" ,python-six)))
459 (inputs
460 `(("openssl" ,openssl)))
461 (native-inputs
462 `(("python-flaky" ,python-flaky)
463 ("python-pretend" ,python-pretend)
2dd12924 464 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 465 (home-page "https://github.com/pyca/pyopenssl")
466 (synopsis "Python wrapper module around the OpenSSL library")
467 (description
468 "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
469library.")
470 (license license:asl2.0)))
471
472(define-public python2-pyopenssl
473 (package-with-python2 python-pyopenssl))
474
579b4362
DM		 475(define-public python-ed25519
476 (package
477 (name "python-ed25519")
478 (version "1.4")
479 (source
480 (origin
481 (method url-fetch)
482 (uri (pypi-uri "ed25519" version))
483 (sha256
484 (base32
485 "0ahx1nkxa0xis3cw0h5c4fpgv8mq4znkq7kajly33lc3317bk499"))))
486 (build-system python-build-system)
487 (home-page "https://github.com/warner/python-ed25519")
488 (synopsis "Ed25519 public-key signatures")
489 (description "Ed25519 public-key signatures")
490 (license license:expat)))
491
492(define-public python2-ed25519
493 (package-with-python2 python-ed25519))
494
cc6f4912
LC		 495(define-public python-axolotl-curve25519
496 (package
497 (name "python-axolotl-curve25519")
498 (version "0.1")
499 (source
500 (origin
501 (method git-fetch)
502 (uri (git-reference
503 (url "https://github.com/tgalal/python-axolotl-curve25519")
504 (commit "e4a9c4de0eae27223200579c58d1f8f6d20637e2")))
505 (file-name (string-append name "-" version "-checkout"))
506 (sha256
507 (base32
508 "0agap5q0hmvf6cwzjqc05kw53pjgf6942pcivpazksmg1vk400ra"))))
509 (build-system python-build-system)
510 (arguments
511 `(;; Prevent creation of the egg. This works around
512 ;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=20765
513 #:configure-flags '("--root=/")))
514 (home-page "https://github.com/tgalal/python-axolotl-curve25519")
515 (synopsis "Python wrapper for curve25519 library")
516 (description "This is a python wrapper for the curve25519 library
517with ed25519 signatures. The C code was pulled from
518libaxolotl-android. At the moment this wrapper is meant for use by
519python-axolotl.")
520 (license (list license:gpl3 ; Most files
521 license:bsd-3)))) ; curve/curve25519-donna.c
522
523(define-public python2-axolotl-curve25519
524 (package-with-python2 python-axolotl-curve25519))
525
526(define-public python-axolotl
527 (package
528 (name "python-axolotl")
51f887f3 529 (version "0.1.39")
cc6f4912
LC		 530 (source
531 (origin
532 (method url-fetch)
533 (uri (string-append
534 "https://github.com/tgalal/python-axolotl/archive/"
535 version ".tar.gz"))
536 (file-name (string-append name "-" version ".tar.gz"))
51f887f3 537 (patches (search-patches "python-axolotl-AES-fix.patch"))
cc6f4912 538 (sha256
51f887f3 539 (base32 "0badsgkgz0ir3hqynxzsfjgacppi874syvvmgccc6j164053x6zm"))))
cc6f4912
LC		 540 (build-system python-build-system)
541 (arguments
542 `(#:phases
543 (modify-phases %standard-phases
544 ;; Don't install tests
545 (add-before 'install 'remove-tests
546 (lambda _
547 (for-each delete-file-recursively
548 '("axolotl/tests" "build/lib/axolotl/tests"))
549 #t)))))
550 (propagated-inputs
551 `(("python-axolotl-curve25519" ,python-axolotl-curve25519)
552 ("python-dateutil" ,python-dateutil)
553 ("python-protobuf" ,python-protobuf)
554 ("python-pycrypto" ,python-pycrypto)))
555 (home-page "https://github.com/tgalal/python-axolotl")
556 (synopsis "Python port of libaxolotl-android")
557 (description "This is a python port of libaxolotl-android. This
558is a ratcheting forward secrecy protocol that works in synchronous and
559asynchronous messaging environments.")
560 (license license:gpl3)))
561
562(define-public python2-axolotl
563 (package-with-python2 python-axolotl))
564
565;; SlowAES isn't compatible with Python 3.
566(define-public python2-slowaes
567 (package
568 (name "python2-slowaes")
569 (version "0.1a1")
570 (source
571 (origin
572 (method url-fetch)
573 (uri (pypi-uri "slowaes" version))
574 (sha256
575 (base32
576 "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3"))))
577 (build-system python-build-system)
578 (arguments `(#:python ,python-2))
579 (home-page "http://code.google.com/p/slowaes/")
580 (synopsis "Implementation of AES in Python")
581 (description "This package contains an implementation of AES in Python.
582This implementation is slow (hence the project name) but still useful when
583faster ones are not available.")
584 (license license:asl2.0)))
585
586(define-public python-pyaes
587 (package
588 (name "python-pyaes")
6de86fd5 589 (version "1.6.1")
cc6f4912
LC		 590 (source
591 (origin
592 (method url-fetch)
593 (uri (pypi-uri "pyaes" version))
594 (sha256
595 (base32
6de86fd5 596 "13vdaff15k0jyfcss4b4xvfgm8xyv0nrbyw5n1qc7lrqbi0b3h82"))))
cc6f4912
LC		 597 (build-system python-build-system)
598 (home-page "https://github.com/ricmoo/pyaes")
599 (synopsis "Implementation of AES in Python")
600 (description "This package contains a pure-Python implementation of the
601AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR,
602ECB and OFB).")
603 (license license:expat)))
604
605(define-public python2-pyaes
606 (package-with-python2 python-pyaes))
b95c17c5
LC		 607
608(define-public python-asn1crypto
609 (package
610 (name "python-asn1crypto")
19f2a526 611 (version "0.24.0")
b95c17c5
LC		 612 (source
613 (origin
d3b7feb7
EF		 614 (method git-fetch)
615 (uri (git-reference
616 (url "https://github.com/wbond/asn1crypto.git")
617 (commit version)))
618 (file-name (git-file-name name version))
b95c17c5
LC		 619 (sha256
620 (base32
19f2a526 621 "10lai2cs5mnz3gpaffbw1m7b885ls8328q5wxm35vfmcip1f0xmb"))))
b95c17c5
LC		 622 (build-system python-build-system)
623 (home-page "https://github.com/wbond/asn1crypto")
624 (synopsis "ASN.1 parser and serializer in Python")
625 (description "asn1crypto is an ASN.1 parser and serializer with definitions
626for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7,
627PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.")
628 (license license:expat)))
629
630(define-public python2-asn1crypto
631 (package-with-python2 python-asn1crypto))
632
633(define-public python-pynacl
634 (package
635 (name "python-pynacl")
60ed8787 636 (version "1.3.0")
b95c17c5
LC		 637 (source
638 (origin
639 (method url-fetch)
640 (uri (pypi-uri "PyNaCl" version))
641 (modules '((guix build utils)))
3a844a98 642 ;; Remove bundled libsodium.
6cbee49d
MW		 643 (snippet '(begin (delete-file-recursively "src/libsodium")
644 #t))
b95c17c5
LC		 645 (sha256
646 (base32
60ed8787 647 "0330wyvggm19xhmwmz9rrr97lzbv3siwfy50gmax3vvgs7nh0q8c"))))
b95c17c5
LC		 648 (build-system python-build-system)
649 (arguments
650 `(#:phases
651 (modify-phases %standard-phases
652 (add-before 'build 'use-system-sodium
653 (lambda _
654 (setenv "SODIUM_INSTALL" "system")
655 #t)))))
656 (native-inputs
6969ad0e
LF		 657 `(("python-hypothesis" ,python-hypothesis)
658 ("python-pytest" ,python-pytest)))
b95c17c5
LC		 659 (propagated-inputs
660 `(("python-cffi" ,python-cffi)
661 ("python-six" ,python-six)
662 ("libsodium" ,libsodium)))
663 (home-page "https://github.com/pyca/pynacl/")
664 (synopsis "Python bindings to libsodium")
665 (description
666 "PyNaCl is a Python binding to libsodium, which is a fork of the
667Networking and Cryptography library. These libraries have a stated goal
668of improving usability, security and speed.")
669 (license license:asl2.0)))
670
acc6e695
JL		 671(define-public python2-pynacl
672 (package-with-python2 python-pynacl))
673
b95c17c5
LC		 674(define-public python2-pgpdump
675 (package
676 (name "python2-pgpdump")
677 (version "1.5")
678 (source
679 (origin
680 (method url-fetch)
681 (uri (pypi-uri "pgpdump" version))
682 (sha256
683 (base32
684 "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw"))))
685 (build-system python-build-system)
686
687 ;; Currently fails to build with Python 3.
688 (arguments `(#:python ,python-2))
689
690 (home-page "https://github.com/toofishes/python-pgpdump")
691 (synopsis "Python library for parsing PGP packets")
692 (description
693 "Python-pgpdump is an OpenPGP packet parser based on
694@uref{http://www.mew.org/~kazu/proj/pgpdump/, pgpdump}. It notably supports:
695
696@itemize
697@item signature packets;
698@item public key packets;
699@item secret key packets;
700@item trust, user ID, and user attribute packets;
701@item ASCII-armor decoding and CRC check.
702@end itemize\n")
703 (license license:bsd-3)))
704
705(define-public python2-roca-detect
706 (package
707 (name "python2-roca-detect")
708 (version "1.0.8")
709 (source
710 (origin
711 (method url-fetch)
712 (uri (pypi-uri "roca-detect" version))
713 (sha256
714 (base32
715 "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27"))))
716 (build-system python-build-system)
717 (native-inputs
718 ;; TODO: apk_parse_ph4, pyjks
719 `(("python2-dateutil" ,python2-dateutil)
720 ("python2-six" ,python2-six)
721 ("python2-cryptography" ,python2-cryptography)
722 ("python2-future" ,python2-future)
723 ("python2-coloredlogs" ,python2-coloredlogs)
724 ("python2-pgpdump" ,python2-pgpdump)))
725 (arguments
726 `(;; Basic testing routine is quite simple and works with Py3
727 ;; but the rest of the code that processes the different
728 ;; key formats and extracts the modulus for inspection is
729 ;; not yet fully py3 ready.
730 #:python ,python-2))
731 (home-page "https://github.com/crocs-muni/roca")
732 (synopsis "ROCA detection tool")
733 (description
734 "This tool is related to the paper entitled @i{Return of the
735Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}. It
736enables you to test public RSA keys for a presence of the described
737vulnerability. Currently the tool supports the following key formats: X.509
738Certificate (DER encoded, PEM encoded), RSA PEM (encoded private key, public
739key), SSH public key, ASC-encoded OpenPGP key, APK Android application, LDIFF
740file, and more.")
741 (license license:gpl3)))
d0d5f726
DM		 742
743(define-public python-ecpy
744 (package
745 (name "python-ecpy")
37da5813 746 (version "0.10.0")
d0d5f726
DM		 747 (source
748 (origin
749 (method url-fetch)
750 (uri (pypi-uri "ECPy" version))
751 (sha256
752 (base32
37da5813 753 "1gc3i5s93zq6x1nkaxkq1dvmsc12vmrw0hns9f5s1hcb78ni52c8"))))
d0d5f726
DM		 754 (build-system python-build-system)
755 (propagated-inputs
756 `(("python-future" ,python-future)))
757 (home-page "https://github.com/ubinity/ECPy")
758 (synopsis "Pure Python Elliptic Curve Library")
759 (description "This package provides a Elliptic Curve Library in pure
760Python.")
761 (license license:asl2.0)))
762
763(define-public python2-ecpy
764 (package-with-python2 python-ecpy))
c1927129
LF		 765
766(define-public python-josepy
767 (package
768 (name "python-josepy")
205044b9 769 (version "1.1.0")
c1927129
LF		 770 (source (origin
771 (method url-fetch)
772 (uri (pypi-uri "josepy" version))
773 (sha256
774 (base32
205044b9 775 "11khz8malzrv375b27jjkv66z6z6khdx1v5mkkr4vq16gp3n4p7v"))))
c1927129
LF		 776 (build-system python-build-system)
777 (arguments
205044b9 778 ;; The tests require flake8 >= 3.5, which is not yet packaged.
c1927129
LF		 779 '(#:tests? #f))
780 (propagated-inputs
781 `(("python-cryptography" ,python-cryptography)
782 ("python-pyopenssl" ,python-pyopenssl)
783 ("python-six" ,python-six)))
205044b9 784;; TODO Enable when we have flake8 >= 3.5.
c1927129
LF		 785; (native-inputs
786; `(("python-coverage" ,python-coverage)
787; ("python-flake8" ,python-flake8)
788; ("python-isort" ,python-isort)
789; ("python-mock" ,python-mock)
205044b9 790; ("python-pytest" ,python-pytest)
c1927129
LF		 791; ("python-pytest-cov" ,python-pytest-cov)
792; ("python-pytest-cache" ,python-pytest-cache)
793; ("python-pytest-flake8" ,python-pytest-flake8)))
794 (home-page "https://github.com/certbot/josepy")
795 (synopsis "JOSE protocol implementation in Python")
796 (description "This package provides a Python implementation of the JOSE
797protocol (Javascript Object Signing and Encryption).")
798 (license license:asl2.0)))
799
800(define-public python2-josepy
801 (package-with-python2 python-josepy))
d32456d5
OP		 802
803(define-public python-pycryptodome
804 (package
805 (name "python-pycryptodome")
a62887d3 806 (version "3.7.3")
d32456d5
OP		 807 (source
808 (origin
809 (method url-fetch)
810 (uri (pypi-uri "pycryptodome" version))
811 (sha256
812 (base32
a62887d3 813 "0dh6ky5ngxayyn5f6n7gdamjl49g3khz6pdx9sdnag1zwi8248hs"))))
d32456d5
OP		 814 (build-system python-build-system)
815 (home-page "https://www.pycryptodome.org")
816 (synopsis "Cryptographic library for Python")
817 (description "This package provides a cryptographic library for Python.
818
819It brings the following enhancements with respect to the last official version
820of PyCrypto:
821
822@itemize
823@item Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
824@item Accelerated AES on Intel platforms via AES-NI
825@item First class support for PyPy
826@item Elliptic curves cryptography (NIST P-256 curve only)
827@item Better and more compact API (nonce and iv attributes for ciphers,
828automatic generation of random nonces and IVs, simplified CTR cipher mode, and
829more)
830@item SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms
831@item Salsa20 and ChaCha20 stream ciphers
832@item scrypt and HKDF
833@item Deterministic (EC)DSA
834@item Password-protected PKCS#8 key containers
835@item Shamir’s Secret Sharing scheme
836@item Random numbers get sourced directly from the OS (and not from a CSPRNG
837in userspace)
838@item Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
839@item Major clean ups and simplification of the code base
840@end itemize\n")
841 (license license:bsd-2)))
842
843(define-public python2-pycryptodome
844 (package-with-python2 python-pycryptodome))
2f691218
 845
846(define-public python-m2crypto
847 (package
848 (name "python-m2crypto")
cb61baf0 849 (version "0.30.1")
2f691218
 850 (source
851 (origin
852 (method url-fetch)
853 (uri (pypi-uri "M2Crypto" version))
854 (sha256
cb61baf0 855 (base32 "1iizrpkn4c2n70nvcjqlmnk6fz3vddkrjmwavz1zlsnwv8f7bcm1"))))
2f691218
 856 (build-system python-build-system)
857 (inputs `(("openssl" ,openssl)))
2f691218
 858 (home-page "https://gitlab.com/m2crypto/m2crypto")
859 (synopsis "Python crypto and TLS toolkit")
860 (description "@code{M2Crypto} is a complete Python wrapper for OpenSSL
861featuring RSA, DSA, DH, EC, HMACs, message digests, symmetric ciphers
862(including AES); TLS functionality to implement clients and servers; HTTPS
863extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing
864AuthCookies for web session management; FTP/TLS client and server; S/MIME;
865M2Crypto can also be used to provide TLS for Twisted. Smartcards supported
866through the Engine interface.")
e810de3e 867 (properties `((python2-variant . ,(delay python2-m2crypto))))
2f691218
 868 (license license:expat)))
869
870(define-public python2-m2crypto
e810de3e
MB		 871 (let ((m2crypto (package-with-python2
872 (strip-python2-variant python-m2crypto))))
873 (package (inherit m2crypto)
874 (propagated-inputs
875 `(("python2-typing" ,python2-typing))))))
c158d476
NG		 876
877(define-public python-pylibscrypt
878 (package
879 (name "python-pylibscrypt")
880 (version "1.7.1")
881 (source
882 (origin
883 (method url-fetch)
884 (uri (pypi-uri "pylibscrypt" version))
885 (sha256
886 (base32
887 "1b3rgzl6dbzs08vhv41b6y4n5189wv7lr27acxn104hs45745abs"))))
888 (build-system python-build-system)
889 (arguments
929d4d2f
NG		 890 `(#:phases
891 (modify-phases %standard-phases
892 (add-before 'build 'hard-code-path-to-libscrypt
893 (lambda* (#:key inputs #:allow-other-keys)
894 (let ((libscrypt (assoc-ref inputs "libscrypt")))
895 (substitute* "pylibscrypt/pylibscrypt.py"
896 (("find_library\\('scrypt'\\)")
897 (string-append "'" libscrypt "/lib/libscrypt.so'")))
898 #t))))
899 ;; The library can use various scrypt implementations and tests all of
900 ;; them. Since we only provide a single implementation, most tests
901 ;; fail. Simply skip them.
902 #:tests? #f))
903 ;; FIXME: Using "libscrypt" is the second best choice. The best one
904 ;; requires "hashlib.scrypt", provided by Python 3.6+ built with OpenSSL
905 ;; 1.1+. Use that as soon as Guix provides it.
c158d476 906 (inputs
929d4d2f 907 `(("libscrypt" ,libscrypt)))
c158d476
NG		 908 (home-page "https://github.com/jvarho/pylibscrypt")
909 (synopsis "Scrypt for Python")
910 (description "There are a lot of different scrypt modules for Python, but
911none of them have everything that I'd like, so here's one more. It uses
929d4d2f 912@code{libscrypt}.")
c158d476 913 (license license:isc)))
40c6e454
NG		 914
915(define-public python-libnacl
916 (package
917 (name "python-libnacl")
918 (version "1.6.1")
919 (source
920 (origin
921 (method url-fetch)
922 (uri (pypi-uri "libnacl" version))
923 (sha256
924 (base32
925 "0nv7n8nfswkhl614x5mllrkvaslraa0053q11iylb337cy43vb4v"))))
926 (build-system python-build-system)
927 (arguments
928 `(#:phases
929 (modify-phases %standard-phases
930 (add-after 'unpack 'locate-libsodium
931 (lambda* (#:key inputs #:allow-other-keys)
932 (substitute* "libnacl/__init__.py"
933 (("(return ctypes.cdll.LoadLibrary\\(')libsodium.so('\\))"
934 _ pre post)
935 (let ((libsodium (string-append (assoc-ref inputs "libsodium")
936 "/lib/libsodium.so")))
937 (string-append pre libsodium post)))))))))
938 (native-inputs
939 `(("python-pyhamcrest" ,python-pyhamcrest)))
940 (inputs
941 `(("libsodium" ,libsodium)))
942 (home-page "https://libnacl.readthedocs.org/")
943 (synopsis "Python bindings for libsodium based on ctypes")
944 (description "@code{libnacl} is used to gain direct access to the
945functions exposed by @code{NaCl} library via @code{libsodium}. It has
946been constructed to maintain extensive documentation on how to use
947@code{NaCl} as well as being completely portable.")
948 (license license:asl2.0)))
cb91f6ae 949
1fa1d822
NG		 950(define-public python-scrypt
951 (package
952 (name "python-scrypt")
cc314e90 953 (version "0.8.7")
1fa1d822
NG		 954 (source
955 (origin
956 (method url-fetch)
957 (uri (pypi-uri "scrypt" version))
958 (sha256
959 (base32
cc314e90 960 "0hjk71k3mgnl8siikm9lii9im8kv0rb7inkjzx78rnancra48xxr"))))
1fa1d822
NG		 961 (build-system python-build-system)
962 (inputs
963 `(("openssl" ,openssl)))
964 (home-page "http://bitbucket.org/mhallin/py-scrypt")
965 (synopsis "Bindings for the scrypt key derivation function library")
966 (description "This is a set of Python bindings for the scrypt key
967derivation function.")
968 (license license:bsd-2)))
8afe166d
NN		 969
970(define-public python-service-identity
971 (package
972 (name "python-service-identity")
973 (version "17.0.0")
974 (source
975 (origin
976 (method url-fetch)
977 (uri (pypi-uri "service_identity" version))
978 (sha256
979 (base32
980 "1aq24cn3nnsjr9g797dayhx4g653h6bd41ksqhidzq0rvarzn0a0"))))
981 (build-system python-build-system)
982 (propagated-inputs
983 `(("python-attrs" ,python-attrs)
984 ("python-pyasn1" ,python-pyasn1)
985 ("python-pyasn1-modules" ,python-pyasn1-modules)
986 ("python-pyopenssl" ,python-pyopenssl)))
987 (home-page "https://service-identity.readthedocs.io/")
988 (synopsis "Service identity verification for PyOpenSSL")
989 (description
990 "@code{service_identity} aspires to give you all the tools you need
991for verifying whether a certificate is valid for the intended purposes.
992In the simplest case, this means host name verification. However,
993service_identity implements RFC 6125 fully and plans to add other
994relevant RFCs too.")
995 (license license:expat)))
996
997(define-public python2-service-identity
998 (package-with-python2 python-service-identity))
0a90c789
LF		 999
1000(define-public python-hkdf
1001 (package
1002 (name "python-hkdf")
1003 (version "0.0.3")
1004 (source
1005 (origin
1006 (method url-fetch)
1007 (uri (pypi-uri "hkdf" version))
1008 (sha256
1009 (base32
1010 "1jhxk5vhxmxxjp3zj526ry521v9inzzl8jqaaf0ma65w6k332ak2"))))
1011 (build-system python-build-system)
1012 (native-inputs
1013 `(("python-nose" ,python-nose)))
1014 (home-page "https://github.com/casebeer/python-hkdf")
1015 (synopsis "HMAC-based Extract-and-Expand Key Derivation Function (HKDF)")
1016 (description "This package provides a Python implementation of the HMAC Key
1017Derivation function (HKDF) defined in RFC 5869.")
1018 (license license:bsd-2)))
fc681a18
LF		 1019
1020(define-public python-spake2
1021 (package
1022 (name "python-spake2")
1023 (version "0.8")
1024 (source
1025 (origin
1026 (method url-fetch)
1027 (uri (pypi-uri "spake2" version))
1028 (sha256
1029 (base32
1030 "1x16r7lrbklvfzbacb66qv9iiih6liq1y612dqh2chgf555n2yn1"))))
1031 (build-system python-build-system)
1032 (propagated-inputs
1033 `(("python-hkdf" ,python-hkdf)))
1034 (home-page "https://github.com/warner/python-spake2")
1035 (synopsis "SPAKE2 password-authenticated key exchange in Python")
1036 (description "This package provides a Python implementation of the SPAKE2
1037Password-Authenticated Key Exchange algorithm.")
1038 (license license:expat)))
jackhill's copy of GNU Guix: https://guix.gnu.org/