HCoop / jackhill / guix / guix.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
gnu: calibre: Wrap QTWEBENGINEPROCESS_PATH.
[jackhill/guix/guix.git] / gnu / packages / python-crypto.scm
CommitLineData
cc6f4912
LC		 1;;; GNU Guix --- Functional package management for GNU
2;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
263ea4eb 3;;; Copyright © 2015, 2016, 2017, 2018, 2019, 2020 Efraim Flashner <efraim@flashner.co.il>
0a90c789 4;;; Copyright © 2015, 2016, 2017, 2019 Leo Famulari <leo@famulari.name>
55e51b66 5;;; Copyright © 2016, 2017, 2020 Marius Bakke <mbakke@fastmail.com>
cc6f4912
LC		 6;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
7;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
8;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com>
9;;; Copyright © 2014, 2017 Eric Bavier <bavier@member.fsf.org>
10;;; Copyright © 2015, 2016 David Thompson <davet@gnu.org>
5d844fd6 11;;; Copyright © 2016, 2017, 2018, 2019, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
3c986a7d 12;;; Copyright © 2016, 2017 Nikita <nikita@n0.is>
cc6f4912 13;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
c6e33df9 14;;; Copyright © 2015, 2016, 2017, 2019 Ricardo Wurmus <rekado@elephly.net>
cc6f4912 15;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org>
74f01758 16;;; Copyright © 2016, 2017, 2020 Arun Isaac <arunisaac@systemreboot.net>
cc6f4912 17;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
2f691218 18;;; Copyright © 2018 Tomáš Čech <sleep_walker@gnu.org>
cef6dc64 19;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr>
e64088f0 20;;; Copyright © 2018 Vagrant Cascadian <vagrant@debian.org>
8afe166d 21;;; Copyright © 2018 Nam Nguyen <namn@berkeley.edu>
93953ec7 22;;; Copyright © 2019 Guillaume Le Vaillant <glv@posteo.net>
1f15cbc8 23;;; Copyright © 2019 Clément Lassieur <clement@lassieur.org>
f8dcdf2b 24;;; Copyright © 2020 Alexandros Theodotou <alex@zrythm.org>
1b11e894 25;;; Copyright © 2020 Justus Winter <justus@sequoia-pgp.org>
960dafce 26;;; Copyright © 2020 Vinicius Monego <monego@posteo.net>
cc6f4912
LC		 27;;;
28;;; This file is part of GNU Guix.
29;;;
30;;; GNU Guix is free software; you can redistribute it and/or modify it
31;;; under the terms of the GNU General Public License as published by
32;;; the Free Software Foundation; either version 3 of the License, or (at
33;;; your option) any later version.
34;;;
35;;; GNU Guix is distributed in the hope that it will be useful, but
36;;; WITHOUT ANY WARRANTY; without even the implied warranty of
37;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
38;;; GNU General Public License for more details.
39;;;
40;;; You should have received a copy of the GNU General Public License
41;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
42
43(define-module (gnu packages python-crypto)
44 #:use-module (guix packages)
45 #:use-module (guix download)
46 #:use-module (guix git-download)
47 #:use-module (guix build-system python)
48 #:use-module (gnu packages)
ac257f12 49 #:use-module (gnu packages check)
b95c17c5 50 #:use-module (gnu packages crypto)
f8dcdf2b 51 #:use-module (gnu packages kerberos)
cc6f4912
LC		 52 #:use-module (gnu packages libffi)
53 #:use-module (gnu packages multiprecision)
08310637 54 #:use-module (gnu packages password-utils)
cc6f4912
LC		 55 #:use-module (gnu packages protobuf)
56 #:use-module (gnu packages python)
6fedf6f2 57 #:use-module (gnu packages python-check)
960dafce 58 #:use-module (gnu packages python-compression)
cb91f6ae 59 #:use-module (gnu packages python-web)
44d10b1f 60 #:use-module (gnu packages python-xyz)
4764e83c 61 #:use-module (gnu packages swig)
33dc54b0 62 #:use-module (gnu packages time)
cc6f4912
LC		 63 #:use-module (gnu packages tls)
64 #:use-module ((guix licenses) #:prefix license:)
65 #:use-module (srfi srfi-1))
66
cef6dc64
NG		 67(define-public python-base58
68 (package
69 (name "python-base58")
ceb5b11b 70 (version "1.0.3")
cef6dc64
NG		 71 (source
72 (origin
73 (method url-fetch)
74 (uri (pypi-uri "base58" version))
75 (sha256
76 (base32
ceb5b11b 77 "0q1yr0n5jaf17xq98m7dma6z4rh8p19ch55l1s09gi3rk5ckqycs"))))
cef6dc64
NG		 78 (build-system python-build-system)
79 (native-inputs
80 `(("python-pyhamcrest" ,python-pyhamcrest)))
81 (home-page "https://github.com/keis/base58")
82 (synopsis "Base58 and Base58Check implementation")
83 (description "Base58 and Base58Check implementation compatible
84with what is used by the Bitcoin network.")
85 (license license:expat)))
86
7c16af46
MB		 87(define-public python-bcrypt
88 (package
89 (name "python-bcrypt")
b5cb4624 90 (version "3.1.7")
7c16af46
MB		 91 (source
92 (origin
93 (method url-fetch)
94 (uri (pypi-uri "bcrypt" version))
95 (sha256
b5cb4624 96 (base32 "0hhywhxx301cxivgxrpslrangbfpccc8y83qbwn1f57cab3nj00b"))))
7c16af46
MB		 97 (build-system python-build-system)
98 (native-inputs
99 `(("python-pycparser" ,python-pycparser)
100 ("python-pytest" ,python-pytest)))
101 (propagated-inputs
102 `(("python-cffi" ,python-cffi)
103 ("python-six" ,python-six)))
104 (home-page "https://github.com/pyca/bcrypt/")
105 (synopsis
106 "Modern password hashing library")
107 (description
108 "Bcrypt is a Python module which provides a password hashing method based
109on the Blowfish password hashing algorithm, as described in
110@url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable
111Password Scheme\"} by Niels Provos and David Mazieres.")
112 (license license:asl2.0)))
113
114(define-public python2-bcrypt
115 (package-with-python2 python-bcrypt))
116
cc6f4912
LC		 117(define-public python-passlib
118 (package
119 (name "python-passlib")
aadd107d 120 (version "1.7.2")
cc6f4912
LC		 121 (source
122 (origin
123 (method url-fetch)
124 (uri (pypi-uri "passlib" version))
125 (sha256
aadd107d 126 (base32 "1a5ngap7kq0b4azq8nlfg6xg5bcl1i0v1sbynhmbr631jgpnqrld"))))
cc6f4912
LC		 127 (build-system python-build-system)
128 (native-inputs
129 `(("python-nose" ,python-nose)))
130 (propagated-inputs
131 `(("python-py-bcrypt" ,python-py-bcrypt)))
132 (arguments
133 `(#:phases
134 (modify-phases %standard-phases
135 (add-before 'check 'set-PYTHON_EGG_CACHE
136 ;; some tests require access to "$HOME/.cython"
137 (lambda* _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t)))))
138 (home-page "https://bitbucket.org/ecollins/passlib")
aadd107d 139 (synopsis "Comprehensive password hashing framework")
cc6f4912
LC		 140 (description
141 "Passlib is a password hashing library for Python 2 & 3, which provides
142cross-platform implementations of over 30 password hashing algorithms, as well
143as a framework for managing existing password hashes. It's designed to be
144useful for a wide range of tasks, from verifying a hash found in /etc/shadow,
145to providing full-strength password hashing for multi-user application.")
146 (license license:bsd-3)))
147
148(define-public python2-passlib
149 (package-with-python2 python-passlib))
150
151(define-public python-py-bcrypt
152 (package
153 (name "python-py-bcrypt")
154 (version "0.4")
155 (source
156 (origin
157 (method url-fetch)
27864e7c 158 (uri (pypi-uri "py-bcrypt" version))
cc6f4912
LC		 159 (sha256
160 (base32
161 "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az"))))
162 (build-system python-build-system)
163 (home-page "https://code.google.com/p/py-bcrypt")
164 (synopsis
165 "Bcrypt password hashing and key derivation")
166 (description
167 "A python wrapper of OpenBSD's Blowfish password hashing code. This
168system hashes passwords using a version of Bruce Schneier's Blowfish block
169cipher with modifications designed to raise the cost of off-line password
170cracking and frustrate fast hardware implementation. The computation cost of
3defa90d 171the algorithm is parametrised, so it can be increased as computers get faster.
cc6f4912
LC		 172The intent is to make a compromise of a password database less likely to
173result in an attacker gaining knowledge of the plaintext passwords (e.g. using
174John the Ripper).")
175 ;; "sha2.c" is under BSD-3;
176 ;; "blowfish.c" and "bcrypt.c" are under BSD-4;
177 ;; the rest is under ISC.
178 (license (list license:isc license:bsd-3 license:bsd-4))))
179
180(define-public python2-py-bcrypt
181 (package-with-python2 python-py-bcrypt))
182
e64088f0
VC		 183(define-public python-pyblake2
184 (package
185 (name "python-pyblake2")
186 (version "1.1.2")
187 (source
188 (origin
189 (method url-fetch)
190 (uri (pypi-uri "pyblake2" version))
191 (sha256
192 (base32
193 "0gz9hgznv5zw4qjq43xa56y0yikimx30gffvibxzm0nv5sq7xk2w"))))
194 (build-system python-build-system)
195 (home-page "https://github.com/dchest/pyblake2")
196 (synopsis "BLAKE2 hash function for Python")
197 (description "BLAKE2 is a cryptographic hash function, which offers
198stronger security while being as fast as MD5 or SHA-1, and comes in two
199flavors: @code{BLAKE2b}, optimized for 64-bit platforms and produces digests
200of any size between 1 and 64 bytes, and @code{BLAKE2s}, optimized for 8- to
20132-bit platforms and produces digests of any size between 1 and 32 bytes.
202
203This package provides a Python interface for BLAKE2.")
204 ;; The COPYING file declares it as public domain, with the option to
205 ;; alternatively use and redistribute it under a variety of permissive
206 ;; licenses. cc0 is explicitly mentioned in setup.py and pyblake2module.c.
207 (license (list license:public-domain license:cc0))))
208
cc6f4912
LC		 209(define-public python-paramiko
210 (package
211 (name "python-paramiko")
c7aee804 212 (version "2.7.2")
cc6f4912
LC		 213 (source
214 (origin
215 (method url-fetch)
216 (uri (pypi-uri "paramiko" version))
217 (sha256
c7aee804 218 (base32 "0dahwq623jnna7gsr9j0mkwr9k2n1pvkapjryhcx508d5jxg8dkz"))))
cc6f4912
LC		 219 (build-system python-build-system)
220 (arguments
8e84eb68
MB		 221 `(;; FIXME: Tests require many unpackaged libraries, see dev-requirements.txt.
222 #:tests? #f))
cc6f4912 223 (propagated-inputs
2fbc38e3
LF		 224 `(("python-bcrypt" ,python-bcrypt)
225 ("python-pyasn1" ,python-pyasn1)
226 ("python-pynacl" ,python-pynacl)
cc6f4912 227 ("python-cryptography" ,python-cryptography)))
101ad242 228 (home-page "https://www.paramiko.org/")
cc6f4912
LC		 229 (synopsis "SSHv2 protocol library")
230 (description "Paramiko is a python implementation of the SSHv2 protocol,
231providing both client and server functionality. While it leverages a Python C
232extension for low level cryptography (PyCrypto), Paramiko itself is a pure
233Python interface around SSH networking concepts.")
234 (license license:lgpl2.1+)))
235
236(define-public python2-paramiko
237 (package-with-python2 python-paramiko))
238
239(define-public python-ecdsa
240 (package
241 (name "python-ecdsa")
c57b8419 242 (version "0.14.1")
cc6f4912
LC		 243 (source
244 (origin
245 (method url-fetch)
86228e56 246 (uri (pypi-uri "ecdsa" version))
cc6f4912 247 (sha256
c57b8419 248 (base32 "13nx5cbfxc0gnax5zwdmp9xc40qd1llk62mv85jyrvqkbw017ik4"))))
cc6f4912 249 (build-system python-build-system)
92fe2513
EF		 250 (arguments
251 '(#:phases
252 (modify-phases %standard-phases
253 (replace 'check
254 (lambda _ (invoke "pytest"))))))
c57b8419
EF		 255 (propagated-inputs
256 `(("python-six" ,python-six)))
257 (native-inputs
92fe2513
EF		 258 `(("openssl" ,openssl)
259 ("python-pytest" ,python-pytest)))
9cd100b6
TGR		 260 (home-page "https://github.com/warner/python-ecdsa")
261 (synopsis "ECDSA cryptographic signature library (pure python)")
cc6f4912
LC		 262 (description
263 "This is an easy-to-use implementation of ECDSA cryptography (Elliptic
264Curve Digital Signature Algorithm), implemented purely in Python. With this
265library, you can quickly create keypairs (signing key and verifying key), sign
266messages, and verify the signatures. The keys and signatures are very short,
267making them easy to handle and incorporate into other protocols.")
268 (license license:expat)))
269
270(define-public python2-ecdsa
271 (package-with-python2 python-ecdsa))
272
273;;; Pycrypto is abandoned upstream:
274;;;
275;;; https://github.com/dlitz/pycrypto/issues/173
276;;;
277;;; TODO Remove this package from GNU Guix.
278(define-public python-pycrypto
279 (package
280 (name "python-pycrypto")
281 (version "2.6.1")
282 (source
283 (origin
284 (method url-fetch)
285 (uri (pypi-uri "pycrypto" version))
2a2a9878
MB		 286 (patches (search-patches "python-pycrypto-CVE-2013-7459.patch"
287 "python-pycrypto-time-clock.patch"))
cc6f4912
LC		 288 (sha256
289 (base32
290 "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj"))))
291 (build-system python-build-system)
292 (inputs
293 `(("python" ,python)
294 ("gmp" ,gmp)))
295 (arguments
296 `(#:phases
297 (modify-phases %standard-phases
298 (add-before 'build 'set-build-env
299 ;; pycrypto runs an autoconf configure script behind the scenes
300 (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t)))))
52888f52 301 (home-page "https://www.dlitz.net/software/pycrypto/")
cc6f4912
LC		 302 (synopsis "Cryptographic modules for Python")
303 (description
304 "Pycrypto is a collection of both secure hash functions (such as SHA256
305and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal,
306etc.). The package is structured to make adding new modules easy.")
307 (license license:public-domain)))
308
309(define-public python2-pycrypto
310 (let ((pycrypto (package-with-python2 python-pycrypto)))
311 (package (inherit pycrypto)
312 (inputs
313 `(("python" ,python-2)
314 ,@(alist-delete
315 "python"
316 (package-inputs pycrypto)))))))
317
f8dcdf2b
AT		 318(define-public python-kerberos
319 (package
320 (name "python-kerberos")
321 (version "1.3.0")
322 (source
323 (origin
324 (method url-fetch)
325 (uri (pypi-uri "kerberos" version))
326 (sha256
327 (base32
328 "19663qxmma0i8bfbjc2iwy5hgq0g4pfb75r023v5dps68zfvffgh"))))
329 (build-system python-build-system)
330 (inputs
331 `(("mit-krb5" ,mit-krb5)))
332 (home-page "https://github.com/apple/ccs-pykerberos")
333 (synopsis
334 "Python Kerberos library used by CalendarServer")
335 (description
336 "This Python package is a high-level wrapper for Kerberos (GSSAPI)
337operations. The goal is to avoid having to build a module that wraps the
338entire Kerberos.framework, and instead offer a limited set of functions that
339do what is needed for client/server Kerberos authentication based on
340<http://www.ietf.org/rfc/rfc4559.txt>.")
341 (license license:asl2.0)))
342
cc6f4912
LC		 343(define-public python-keyring
344 (package
345 (name "python-keyring")
6fedf6f2 346 (version "21.0.0")
cc6f4912
LC		 347 (source
348 (origin
349 (method url-fetch)
350 (uri (pypi-uri "keyring" version))
351 (sha256
352 (base32
6fedf6f2
EF		 353 "1k0w3yh3fz0qp0cvkxdiinq9jzbrnc6bd88qpjz34x3cgcr94psz"))
354 (modules '((guix build utils)))
355 (snippet
356 ;; https://github.com/jaraco/keyring/issues/414
357 '(begin (substitute* "tests/test_packaging.py"
358 (("ep, =") "(ep,) =")) #t))))
cc6f4912 359 (build-system python-build-system)
6fedf6f2
EF		 360 (arguments
361 `(#:phases
362 (modify-phases %standard-phases
363 (replace 'check
364 (lambda _
365 ;; Not clear why this test fails.
366 (delete-file "tests/test_packaging.py")
367 (substitute* "pytest.ini"
368 (("--black ") ""))
369 (invoke "pytest"))))))
cc6f4912 370 (native-inputs
770b1d65 371 `(("python-pytest" ,python-pytest)
6fedf6f2
EF		 372 ("python-pytest-checkdocs" ,python-pytest-checkdocs)
373 ("python-pytest-cov" ,python-pytest-cov)
374 ("python-pytest-flake8" ,python-pytest-flake8)
770b1d65 375 ("python-setuptools-scm" ,python-setuptools-scm)))
cc6f4912 376 (propagated-inputs
6fedf6f2
EF		 377 `(("python-importlib-metadata" ,python-importlib-metadata)
378 ("python-secretstorage" ,python-secretstorage)))
cc6f4912
LC		 379 (home-page "https://github.com/jaraco/keyring")
380 (synopsis "Store and access your passwords safely")
381 (description
382 "The Python keyring lib provides a easy way to access the system keyring
383service from python. It can be used in any application that needs safe
384password storage.")
385 ;; "MIT" and PSF dual license
6fedf6f2 386 (properties `((python2-variant . ,(delay python2-keyring))))
cc6f4912
LC		 387 (license license:x11)))
388
389(define-public python2-keyring
6fedf6f2
EF		 390 (let ((keyring (package-with-python2
391 (strip-python2-variant python-keyring))))
392 (package
393 (inherit keyring)
394 (name "python2-keyring")
395 (version "8.7")
396 (source
397 (origin
398 (method url-fetch)
399 (uri (pypi-uri "keyring" version))
400 (sha256
401 (base32
402 "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx"))))
403 (arguments
404 `(#:python ,python-2))
405 (native-inputs
406 `(("python2-pytest" ,python2-pytest)
407 ("python2-pytest-runner" ,python2-pytest-runner)
408 ("python2-setuptools-scm" ,python2-setuptools-scm)))
409 (propagated-inputs
410 `(("python2-pycrypto" ,python2-pycrypto))))))
cc6f4912 411
9a684b40
EF		 412(define-public python-keyrings.alt
413 (package
414 (name "python-keyrings.alt")
415 (version "3.4.0")
416 (source
417 (origin
418 (method url-fetch)
419 (uri (pypi-uri "keyrings.alt" version))
420 (sha256
421 (base32
422 "0gdjdqpq2hf770p6iwi891mil0vbsdhvy88x0v8b2w4y4b28lcli"))
423 (modules '((guix build utils)))
424 (snippet
425 '(begin
426 (delete-file "keyrings/alt/_win_crypto.py")
427 ;; Rely on python-keyring>20:
428 ;; https://github.com/jaraco/keyrings.alt/issues/33
429 (substitute* '("keyrings/alt/tests/test_Gnome.py"
430 "keyrings/alt/tests/test_Google.py"
431 "keyrings/alt/tests/test_Windows.py"
432 "keyrings/alt/tests/test_file.py"
433 "keyrings/alt/tests/test_pyfs.py")
434 (("keyring.tests.test_backend") "keyring.testing.backend")
435 (("keyring.tests.util") "keyring.testing.util"))
436 #t))))
437 (build-system python-build-system)
438 (native-inputs
439 `(("python-keyring" ,python-keyring)
440 ("python-pytest" ,python-pytest)
441 ("python-setuptools-scm" ,python-setuptools-scm)))
442 (home-page "https://github.com/jaraco/keyrings.alt")
443 (synopsis "Alternate keyring implementations")
444 (description "Keyrings in this package may have security risks or other
445implications. These backends were extracted from the main keyring project to
446make them available for those who wish to employ them, but are discouraged for
447general production use. Include this module and use its backends at your own
448risk.")
449 (license license:expat)))
450
cc6f4912
LC		 451(define-public python-certifi
452 (package
453 (name "python-certifi")
ee3a5e07 454 (version "2020.4.5.1")
cc6f4912
LC		 455 (source (origin
456 (method url-fetch)
457 (uri (pypi-uri "certifi" version))
458 (sha256
459 (base32
ee3a5e07 460 "06b5gfs7wmmipln8f3z928d2mmx2j4b3x7pnqmj6cvmyfh8v7z2i"))))
cc6f4912 461 (build-system python-build-system)
ee3a5e07 462 (arguments '(#:tests? #f)) ;no tests
cc6f4912
LC		 463 (home-page "https://certifi.io/")
464 (synopsis "Python CA certificate bundle")
465 (description
466 "Certifi is a Python library that contains a CA certificate bundle, which
467is used by the Requests library to verify HTTPS requests.")
468 (license license:asl2.0)))
469
470(define-public python2-certifi
471 (package-with-python2 python-certifi))
472
473(define-public python-cryptography-vectors
474 (package
475 (name "python-cryptography-vectors")
6144e2d7 476 (version "2.9.2")
cc6f4912
LC		 477 (source
478 (origin
479 (method url-fetch)
480 (uri (pypi-uri "cryptography_vectors" version))
481 (sha256
482 (base32
6144e2d7 483 "1d4iykcv7cn9j399hczlxm5pzxmqy6d80h3j16dkjwlmv3293b4r"))))
cc6f4912
LC		 484 (build-system python-build-system)
485 (home-page "https://github.com/pyca/cryptography")
486 (synopsis "Test vectors for the cryptography package")
487 (description
488 "This package contains test vectors for the cryptography package.")
489 ;; Distributed under either BSD-3 or ASL2.0
490 (license (list license:bsd-3 license:asl2.0))))
491
492(define-public python2-cryptography-vectors
493 (package-with-python2 python-cryptography-vectors))
494
495(define-public python-cryptography
496 (package
497 (name "python-cryptography")
6144e2d7 498 (version "2.9.2")
cc6f4912
LC		 499 (source
500 (origin
501 (method url-fetch)
502 (uri (pypi-uri "cryptography" version))
503 (sha256
504 (base32
6144e2d7 505 "0af25w5mkd6vwns3r6ai1w5ip9xp0ms9s261zzssbpadzdr05hx0"))))
cc6f4912
LC		 506 (build-system python-build-system)
507 (inputs
508 `(("openssl" ,openssl)))
509 (propagated-inputs
510 `(("python-asn1crypto" ,python-asn1crypto)
511 ("python-cffi" ,python-cffi)
512 ("python-six" ,python-six)
513 ("python-idna" ,python-idna)
514 ("python-iso8601" ,python-iso8601)))
515 (native-inputs
516 `(("python-cryptography-vectors" ,python-cryptography-vectors)
517 ("python-hypothesis" ,python-hypothesis)
518 ("python-pretend" ,python-pretend)
519 ("python-pytz" ,python-pytz)
2dd12924 520 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 521 (home-page "https://github.com/pyca/cryptography")
522 (synopsis "Cryptographic recipes and primitives for Python")
523 (description
524 "cryptography is a package which provides cryptographic recipes and
525primitives to Python developers. It aims to be the “cryptographic standard
526library” for Python. The package includes both high level recipes, and low
527level interfaces to common cryptographic algorithms such as symmetric ciphers,
528message digests and key derivation functions.")
529 ;; Distributed under either BSD-3 or ASL2.0
530 (license (list license:bsd-3 license:asl2.0))
531 (properties `((python2-variant . ,(delay python2-cryptography))))))
532
533(define-public python2-cryptography
534 (let ((crypto (package-with-python2
535 (strip-python2-variant python-cryptography))))
536 (package (inherit crypto)
537 (propagated-inputs
538 `(("python2-ipaddress" ,python2-ipaddress)
539 ("python2-backport-ssl-match-hostname"
540 ,python2-backport-ssl-match-hostname)
541 ("python2-enum34" ,python2-enum34)
542 ,@(package-propagated-inputs crypto))))))
543
544(define-public python-pyopenssl
545 (package
546 (name "python-pyopenssl")
da1eb6db 547 (version "19.1.0")
cc6f4912
LC		 548 (source
549 (origin
550 (method url-fetch)
551 (uri (pypi-uri "pyOpenSSL" version))
552 (sha256
553 (base32
da1eb6db 554 "01wmsq6w0frzbr3zps4ga9kmqjidp2h317jwpq1g9ah24r5lj94s"))))
cc6f4912
LC		 555 (build-system python-build-system)
556 (arguments
557 '(#:phases
558 (modify-phases %standard-phases
559 (delete 'check)
560 (add-after 'install 'check
561 (lambda* (#:key inputs outputs #:allow-other-keys)
562 (add-installed-pythonpath inputs outputs)
55e51b66
MB		 563 ;; PyOpenSSL runs tests against a certificate with a fixed
564 ;; expiry time. To ensure successful builds in the future,
565 ;; set the time to roughly the release date.
566 (invoke "faketime" "2019-01-01" "py.test" "-v" "-k"
c6e33df9
RW		 567 (string-append
568 ;; This test tries to look up certificates from
569 ;; the compiled-in default path in OpenSSL, which
570 ;; does not exist in the build environment.
571 "not test_fallback_default_verify_paths "
572 ;; This test attempts to make a connection to
573 ;; an external web service.
574 "and not test_set_default_verify_paths")))))))
cc6f4912
LC		 575 (propagated-inputs
576 `(("python-cryptography" ,python-cryptography)
577 ("python-six" ,python-six)))
578 (inputs
579 `(("openssl" ,openssl)))
580 (native-inputs
55e51b66
MB		 581 `(("libfaketime" ,libfaketime)
582 ("python-flaky" ,python-flaky)
cc6f4912 583 ("python-pretend" ,python-pretend)
2dd12924 584 ("python-pytest" ,python-pytest)))
cc6f4912
LC		 585 (home-page "https://github.com/pyca/pyopenssl")
586 (synopsis "Python wrapper module around the OpenSSL library")
587 (description
588 "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
589library.")
590 (license license:asl2.0)))
591
592(define-public python2-pyopenssl
593 (package-with-python2 python-pyopenssl))
594
579b4362
DM		 595(define-public python-ed25519
596 (package
597 (name "python-ed25519")
598 (version "1.4")
599 (source
600 (origin
601 (method url-fetch)
602 (uri (pypi-uri "ed25519" version))
603 (sha256
604 (base32
605 "0ahx1nkxa0xis3cw0h5c4fpgv8mq4znkq7kajly33lc3317bk499"))))
606 (build-system python-build-system)
607 (home-page "https://github.com/warner/python-ed25519")
608 (synopsis "Ed25519 public-key signatures")
609 (description "Ed25519 public-key signatures")
610 (license license:expat)))
611
612(define-public python2-ed25519
613 (package-with-python2 python-ed25519))
614
cc6f4912
LC		 615(define-public python-axolotl-curve25519
616 (package
617 (name "python-axolotl-curve25519")
74f01758 618 (version "0.4.1.post2")
cc6f4912
LC		 619 (source
620 (origin
74f01758
AI		 621 (method url-fetch)
622 (uri (pypi-uri "python-axolotl-curve25519" version))
cc6f4912
LC		 623 (sha256
624 (base32
74f01758 625 "18v3rfyv7xi26fb97nw1xc0l6x8wi0i4xj8dlq4gblpbjxiac187"))))
cc6f4912 626 (build-system python-build-system)
cc6f4912
LC		 627 (home-page "https://github.com/tgalal/python-axolotl-curve25519")
628 (synopsis "Python wrapper for curve25519 library")
629 (description "This is a python wrapper for the curve25519 library
630with ed25519 signatures. The C code was pulled from
631libaxolotl-android. At the moment this wrapper is meant for use by
632python-axolotl.")
633 (license (list license:gpl3 ; Most files
634 license:bsd-3)))) ; curve/curve25519-donna.c
635
636(define-public python2-axolotl-curve25519
637 (package-with-python2 python-axolotl-curve25519))
638
639(define-public python-axolotl
640 (package
641 (name "python-axolotl")
b578168f 642 (version "0.2.3")
cc6f4912
LC		 643 (source
644 (origin
b578168f
AI		 645 (method url-fetch)
646 (uri (pypi-uri "python-axolotl" version))
cc6f4912 647 (sha256
b578168f
AI		 648 (base32
649 "1bwdp24fmriffwx91aigs9k162albb51iskp23nc939z893q23py"))))
cc6f4912
LC		 650 (build-system python-build-system)
651 (arguments
652 `(#:phases
653 (modify-phases %standard-phases
654 ;; Don't install tests
655 (add-before 'install 'remove-tests
656 (lambda _
657 (for-each delete-file-recursively
658 '("axolotl/tests" "build/lib/axolotl/tests"))
659 #t)))))
660 (propagated-inputs
661 `(("python-axolotl-curve25519" ,python-axolotl-curve25519)
b578168f
AI		 662 ("python-cryptography" ,python-cryptography)
663 ("python-protobuf" ,python-protobuf)))
cc6f4912
LC		 664 (home-page "https://github.com/tgalal/python-axolotl")
665 (synopsis "Python port of libaxolotl-android")
666 (description "This is a python port of libaxolotl-android. This
667is a ratcheting forward secrecy protocol that works in synchronous and
668asynchronous messaging environments.")
669 (license license:gpl3)))
670
671(define-public python2-axolotl
672 (package-with-python2 python-axolotl))
673
674;; SlowAES isn't compatible with Python 3.
675(define-public python2-slowaes
676 (package
677 (name "python2-slowaes")
678 (version "0.1a1")
679 (source
680 (origin
681 (method url-fetch)
682 (uri (pypi-uri "slowaes" version))
683 (sha256
684 (base32
685 "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3"))))
686 (build-system python-build-system)
687 (arguments `(#:python ,python-2))
688 (home-page "http://code.google.com/p/slowaes/")
689 (synopsis "Implementation of AES in Python")
690 (description "This package contains an implementation of AES in Python.
691This implementation is slow (hence the project name) but still useful when
692faster ones are not available.")
693 (license license:asl2.0)))
694
695(define-public python-pyaes
696 (package
697 (name "python-pyaes")
6de86fd5 698 (version "1.6.1")
cc6f4912
LC		 699 (source
700 (origin
701 (method url-fetch)
702 (uri (pypi-uri "pyaes" version))
703 (sha256
704 (base32
6de86fd5 705 "13vdaff15k0jyfcss4b4xvfgm8xyv0nrbyw5n1qc7lrqbi0b3h82"))))
cc6f4912
LC		 706 (build-system python-build-system)
707 (home-page "https://github.com/ricmoo/pyaes")
708 (synopsis "Implementation of AES in Python")
709 (description "This package contains a pure-Python implementation of the
710AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR,
711ECB and OFB).")
712 (license license:expat)))
713
714(define-public python2-pyaes
715 (package-with-python2 python-pyaes))
b95c17c5
LC		 716
717(define-public python-asn1crypto
718 (package
719 (name "python-asn1crypto")
19f2a526 720 (version "0.24.0")
b95c17c5
LC		 721 (source
722 (origin
d3b7feb7
EF		 723 (method git-fetch)
724 (uri (git-reference
b0e7b699 725 (url "https://github.com/wbond/asn1crypto")
d3b7feb7
EF		 726 (commit version)))
727 (file-name (git-file-name name version))
b95c17c5
LC		 728 (sha256
729 (base32
19f2a526 730 "10lai2cs5mnz3gpaffbw1m7b885ls8328q5wxm35vfmcip1f0xmb"))))
b95c17c5
LC		 731 (build-system python-build-system)
732 (home-page "https://github.com/wbond/asn1crypto")
733 (synopsis "ASN.1 parser and serializer in Python")
734 (description "asn1crypto is an ASN.1 parser and serializer with definitions
735for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7,
736PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.")
737 (license license:expat)))
738
739(define-public python2-asn1crypto
740 (package-with-python2 python-asn1crypto))
741
742(define-public python-pynacl
743 (package
744 (name "python-pynacl")
f5e3f02f 745 (version "1.4.0")
b95c17c5
LC		 746 (source
747 (origin
748 (method url-fetch)
749 (uri (pypi-uri "PyNaCl" version))
750 (modules '((guix build utils)))
f5e3f02f
MB		 751 (snippet
752 '(begin
753 ;; Remove spurious dependency on python-wheel, can be removed
754 ;; for 1.5.
755 (substitute* "setup.py"
756 (("\"wheel\"") ""))
757 ;; Remove bundled libsodium.
758 (delete-file-recursively "src/libsodium")
759 #t))
b95c17c5
LC		 760 (sha256
761 (base32
f5e3f02f 762 "01b56hxrbif3hx8l6rwz5kljrgvlbj7shmmd2rjh0hn7974a5sal"))))
b95c17c5
LC		 763 (build-system python-build-system)
764 (arguments
f5e3f02f
MB		 765 `(#:modules (,@%python-build-system-modules
766 (guix build utils)
767 (ice-9 ftw)
768 (srfi srfi-26))
769 #:phases
770 (modify-phases (@ (guix build python-build-system) %standard-phases)
b95c17c5
LC		 771 (add-before 'build 'use-system-sodium
772 (lambda _
773 (setenv "SODIUM_INSTALL" "system")
f5e3f02f
MB		 774 #t))
775 (replace 'check
776 (lambda _
777 (let ((build-directory
778 (car (scandir "build" (cut string-prefix? "lib" <>)))))
779 (setenv "PYTHONPATH"
780 (string-append "./build/" build-directory ":"
781 (getenv "PYTHONPATH")))
782 (invoke "pytest" "-vv")))))))
b95c17c5 783 (native-inputs
6969ad0e
LF		 784 `(("python-hypothesis" ,python-hypothesis)
785 ("python-pytest" ,python-pytest)))
b95c17c5
LC		 786 (propagated-inputs
787 `(("python-cffi" ,python-cffi)
788 ("python-six" ,python-six)
789 ("libsodium" ,libsodium)))
790 (home-page "https://github.com/pyca/pynacl/")
791 (synopsis "Python bindings to libsodium")
792 (description
793 "PyNaCl is a Python binding to libsodium, which is a fork of the
794Networking and Cryptography library. These libraries have a stated goal
795of improving usability, security and speed.")
796 (license license:asl2.0)))
797
acc6e695
JL		 798(define-public python2-pynacl
799 (package-with-python2 python-pynacl))
800
b95c17c5
LC		 801(define-public python2-pgpdump
802 (package
803 (name "python2-pgpdump")
804 (version "1.5")
805 (source
806 (origin
807 (method url-fetch)
808 (uri (pypi-uri "pgpdump" version))
809 (sha256
810 (base32
811 "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw"))))
812 (build-system python-build-system)
813
814 ;; Currently fails to build with Python 3.
815 (arguments `(#:python ,python-2))
816
817 (home-page "https://github.com/toofishes/python-pgpdump")
818 (synopsis "Python library for parsing PGP packets")
819 (description
820 "Python-pgpdump is an OpenPGP packet parser based on
821@uref{http://www.mew.org/~kazu/proj/pgpdump/, pgpdump}. It notably supports:
822
823@itemize
824@item signature packets;
825@item public key packets;
826@item secret key packets;
827@item trust, user ID, and user attribute packets;
828@item ASCII-armor decoding and CRC check.
829@end itemize\n")
830 (license license:bsd-3)))
831
832(define-public python2-roca-detect
833 (package
834 (name "python2-roca-detect")
835 (version "1.0.8")
836 (source
837 (origin
838 (method url-fetch)
839 (uri (pypi-uri "roca-detect" version))
840 (sha256
841 (base32
842 "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27"))))
843 (build-system python-build-system)
844 (native-inputs
845 ;; TODO: apk_parse_ph4, pyjks
846 `(("python2-dateutil" ,python2-dateutil)
847 ("python2-six" ,python2-six)
848 ("python2-cryptography" ,python2-cryptography)
849 ("python2-future" ,python2-future)
850 ("python2-coloredlogs" ,python2-coloredlogs)
851 ("python2-pgpdump" ,python2-pgpdump)))
852 (arguments
853 `(;; Basic testing routine is quite simple and works with Py3
854 ;; but the rest of the code that processes the different
855 ;; key formats and extracts the modulus for inspection is
856 ;; not yet fully py3 ready.
857 #:python ,python-2))
858 (home-page "https://github.com/crocs-muni/roca")
859 (synopsis "ROCA detection tool")
860 (description
861 "This tool is related to the paper entitled @i{Return of the
862Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}. It
863enables you to test public RSA keys for a presence of the described
864vulnerability. Currently the tool supports the following key formats: X.509
865Certificate (DER encoded, PEM encoded), RSA PEM (encoded private key, public
866key), SSH public key, ASC-encoded OpenPGP key, APK Android application, LDIFF
867file, and more.")
868 (license license:gpl3)))
d0d5f726 869
3eca7ff9
EF		 870(define-public python-blurhash
871 (package
872 (name "python-blurhash")
873 (version "1.1.4")
874 (source
875 (origin
876 ;; Tests not included in pypi release and releases not tagged in git repo.
877 (method git-fetch)
878 (uri (git-reference
879 (url "https://github.com/halcy/blurhash-python")
880 (commit "22e081ef1c24da1bb5c5eaa2c1d6649724deaef8")))
881 (file-name (git-file-name name version))
882 (sha256
883 (base32
884 "1qq6mhydlp7q3na4kmaq3871h43wh3pyfyxr4b79bia73wjdylxf"))))
885 (build-system python-build-system)
886 (arguments
887 '(#:phases
888 (modify-phases %standard-phases
889 (replace 'check
890 (lambda _
891 (delete-file "setup.cfg")
892 (invoke "pytest"))))))
893 (native-inputs
894 `(("python-numpy" ,python-numpy)
895 ("python-pillow" ,python-pillow)
896 ("python-pytest" ,python-pytest)))
897 (home-page "https://github.com/halcy/blurhash-python")
898 (synopsis
899 "Pure-Python implementation of the blurhash algorithm")
900 (description
901 "Pure-Python implementation of the blurhash algorithm.")
902 (license license:expat)))
903
d0d5f726
DM		 904(define-public python-ecpy
905 (package
906 (name "python-ecpy")
37da5813 907 (version "0.10.0")
d0d5f726
DM		 908 (source
909 (origin
910 (method url-fetch)
911 (uri (pypi-uri "ECPy" version))
912 (sha256
913 (base32
37da5813 914 "1gc3i5s93zq6x1nkaxkq1dvmsc12vmrw0hns9f5s1hcb78ni52c8"))))
d0d5f726
DM		 915 (build-system python-build-system)
916 (propagated-inputs
917 `(("python-future" ,python-future)))
918 (home-page "https://github.com/ubinity/ECPy")
919 (synopsis "Pure Python Elliptic Curve Library")
920 (description "This package provides a Elliptic Curve Library in pure
921Python.")
922 (license license:asl2.0)))
923
924(define-public python2-ecpy
925 (package-with-python2 python-ecpy))
c1927129
LF		 926
927(define-public python-josepy
928 (package
929 (name "python-josepy")
205044b9 930 (version "1.1.0")
c1927129
LF		 931 (source (origin
932 (method url-fetch)
933 (uri (pypi-uri "josepy" version))
934 (sha256
935 (base32
205044b9 936 "11khz8malzrv375b27jjkv66z6z6khdx1v5mkkr4vq16gp3n4p7v"))))
c1927129
LF		 937 (build-system python-build-system)
938 (arguments
205044b9 939 ;; The tests require flake8 >= 3.5, which is not yet packaged.
c1927129
LF		 940 '(#:tests? #f))
941 (propagated-inputs
942 `(("python-cryptography" ,python-cryptography)
943 ("python-pyopenssl" ,python-pyopenssl)
944 ("python-six" ,python-six)))
205044b9 945;; TODO Enable when we have flake8 >= 3.5.
c1927129
LF		 946; (native-inputs
947; `(("python-coverage" ,python-coverage)
948; ("python-flake8" ,python-flake8)
949; ("python-isort" ,python-isort)
950; ("python-mock" ,python-mock)
205044b9 951; ("python-pytest" ,python-pytest)
c1927129
LF		 952; ("python-pytest-cov" ,python-pytest-cov)
953; ("python-pytest-cache" ,python-pytest-cache)
954; ("python-pytest-flake8" ,python-pytest-flake8)))
955 (home-page "https://github.com/certbot/josepy")
956 (synopsis "JOSE protocol implementation in Python")
957 (description "This package provides a Python implementation of the JOSE
958protocol (Javascript Object Signing and Encryption).")
959 (license license:asl2.0)))
960
961(define-public python2-josepy
962 (package-with-python2 python-josepy))
d32456d5
OP		 963
964(define-public python-pycryptodome
965 (package
966 (name "python-pycryptodome")
a62887d3 967 (version "3.7.3")
d32456d5
OP		 968 (source
969 (origin
970 (method url-fetch)
971 (uri (pypi-uri "pycryptodome" version))
972 (sha256
973 (base32
a62887d3 974 "0dh6ky5ngxayyn5f6n7gdamjl49g3khz6pdx9sdnag1zwi8248hs"))))
d32456d5
OP		 975 (build-system python-build-system)
976 (home-page "https://www.pycryptodome.org")
977 (synopsis "Cryptographic library for Python")
978 (description "This package provides a cryptographic library for Python.
979
980It brings the following enhancements with respect to the last official version
981of PyCrypto:
982
983@itemize
984@item Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB)
985@item Accelerated AES on Intel platforms via AES-NI
986@item First class support for PyPy
987@item Elliptic curves cryptography (NIST P-256 curve only)
988@item Better and more compact API (nonce and iv attributes for ciphers,
989automatic generation of random nonces and IVs, simplified CTR cipher mode, and
990more)
991@item SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms
992@item Salsa20 and ChaCha20 stream ciphers
993@item scrypt and HKDF
994@item Deterministic (EC)DSA
995@item Password-protected PKCS#8 key containers
996@item Shamir’s Secret Sharing scheme
997@item Random numbers get sourced directly from the OS (and not from a CSPRNG
998in userspace)
999@item Cleaner RSA and DSA key generation (largely based on FIPS 186-4)
1000@item Major clean ups and simplification of the code base
1001@end itemize\n")
1002 (license license:bsd-2)))
1003
1004(define-public python2-pycryptodome
1005 (package-with-python2 python-pycryptodome))
2f691218
 1006
1007(define-public python-m2crypto
1008 (package
1009 (name "python-m2crypto")
3b4cc5cb 1010 (version "0.35.2")
2f691218
 1011 (source
1012 (origin
1013 (method url-fetch)
1014 (uri (pypi-uri "M2Crypto" version))
1015 (sha256
3b4cc5cb 1016 (base32 "09yirf3w77w6f49q6nxhrjm9c3a4y9s30s1k09chqrw8zdgx8sjc"))))
2f691218
 1017 (build-system python-build-system)
1018 (inputs `(("openssl" ,openssl)))
4764e83c 1019 (native-inputs `(("swig" ,swig)))
2f691218
 1020 (home-page "https://gitlab.com/m2crypto/m2crypto")
1021 (synopsis "Python crypto and TLS toolkit")
1022 (description "@code{M2Crypto} is a complete Python wrapper for OpenSSL
1023featuring RSA, DSA, DH, EC, HMACs, message digests, symmetric ciphers
1024(including AES); TLS functionality to implement clients and servers; HTTPS
1025extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing
1026AuthCookies for web session management; FTP/TLS client and server; S/MIME;
1027M2Crypto can also be used to provide TLS for Twisted. Smartcards supported
1028through the Engine interface.")
e810de3e 1029 (properties `((python2-variant . ,(delay python2-m2crypto))))
2f691218
 1030 (license license:expat)))
1031
1032(define-public python2-m2crypto
e810de3e
MB		 1033 (let ((m2crypto (package-with-python2
1034 (strip-python2-variant python-m2crypto))))
1035 (package (inherit m2crypto)
1036 (propagated-inputs
1037 `(("python2-typing" ,python2-typing))))))
c158d476
NG		 1038
1039(define-public python-pylibscrypt
1040 (package
1041 (name "python-pylibscrypt")
1042 (version "1.7.1")
1043 (source
1044 (origin
1045 (method url-fetch)
1046 (uri (pypi-uri "pylibscrypt" version))
1047 (sha256
1048 (base32
1049 "1b3rgzl6dbzs08vhv41b6y4n5189wv7lr27acxn104hs45745abs"))))
1050 (build-system python-build-system)
1051 (arguments
929d4d2f
NG		 1052 `(#:phases
1053 (modify-phases %standard-phases
1054 (add-before 'build 'hard-code-path-to-libscrypt
1055 (lambda* (#:key inputs #:allow-other-keys)
1056 (let ((libscrypt (assoc-ref inputs "libscrypt")))
1057 (substitute* "pylibscrypt/pylibscrypt.py"
1058 (("find_library\\('scrypt'\\)")
1059 (string-append "'" libscrypt "/lib/libscrypt.so'")))
1060 #t))))
1061 ;; The library can use various scrypt implementations and tests all of
1062 ;; them. Since we only provide a single implementation, most tests
1063 ;; fail. Simply skip them.
1064 #:tests? #f))
1065 ;; FIXME: Using "libscrypt" is the second best choice. The best one
1066 ;; requires "hashlib.scrypt", provided by Python 3.6+ built with OpenSSL
1067 ;; 1.1+. Use that as soon as Guix provides it.
c158d476 1068 (inputs
929d4d2f 1069 `(("libscrypt" ,libscrypt)))
c158d476
NG		 1070 (home-page "https://github.com/jvarho/pylibscrypt")
1071 (synopsis "Scrypt for Python")
1072 (description "There are a lot of different scrypt modules for Python, but
1073none of them have everything that I'd like, so here's one more. It uses
929d4d2f 1074@code{libscrypt}.")
c158d476 1075 (license license:isc)))
40c6e454
NG		 1076
1077(define-public python-libnacl
1078 (package
1079 (name "python-libnacl")
1080 (version "1.6.1")
1081 (source
1082 (origin
1083 (method url-fetch)
1084 (uri (pypi-uri "libnacl" version))
1085 (sha256
1086 (base32
1087 "0nv7n8nfswkhl614x5mllrkvaslraa0053q11iylb337cy43vb4v"))))
1088 (build-system python-build-system)
1089 (arguments
1090 `(#:phases
1091 (modify-phases %standard-phases
1092 (add-after 'unpack 'locate-libsodium
1093 (lambda* (#:key inputs #:allow-other-keys)
1094 (substitute* "libnacl/__init__.py"
1095 (("(return ctypes.cdll.LoadLibrary\\(')libsodium.so('\\))"
1096 _ pre post)
1097 (let ((libsodium (string-append (assoc-ref inputs "libsodium")
1098 "/lib/libsodium.so")))
1099 (string-append pre libsodium post)))))))))
1100 (native-inputs
1101 `(("python-pyhamcrest" ,python-pyhamcrest)))
1102 (inputs
1103 `(("libsodium" ,libsodium)))
1104 (home-page "https://libnacl.readthedocs.org/")
1105 (synopsis "Python bindings for libsodium based on ctypes")
1106 (description "@code{libnacl} is used to gain direct access to the
1107functions exposed by @code{NaCl} library via @code{libsodium}. It has
1108been constructed to maintain extensive documentation on how to use
1109@code{NaCl} as well as being completely portable.")
1110 (license license:asl2.0)))
cb91f6ae 1111
1fa1d822
NG		 1112(define-public python-scrypt
1113 (package
1114 (name "python-scrypt")
cc314e90 1115 (version "0.8.7")
1fa1d822
NG		 1116 (source
1117 (origin
1118 (method url-fetch)
1119 (uri (pypi-uri "scrypt" version))
1120 (sha256
1121 (base32
cc314e90 1122 "0hjk71k3mgnl8siikm9lii9im8kv0rb7inkjzx78rnancra48xxr"))))
1fa1d822
NG		 1123 (build-system python-build-system)
1124 (inputs
1125 `(("openssl" ,openssl)))
20c604c5 1126 (home-page "https://bitbucket.org/mhallin/py-scrypt")
1fa1d822
NG		 1127 (synopsis "Bindings for the scrypt key derivation function library")
1128 (description "This is a set of Python bindings for the scrypt key
1129derivation function.")
1130 (license license:bsd-2)))
8afe166d
NN		 1131
1132(define-public python-service-identity
1133 (package
1134 (name "python-service-identity")
c105e509 1135 (version "18.1.0")
8afe166d
NN		 1136 (source
1137 (origin
1138 (method url-fetch)
1139 (uri (pypi-uri "service_identity" version))
1140 (sha256
1141 (base32
c105e509 1142 "0b9f5qiqjy8ralzgwjgkhx82h6h8sa7532psmb8mkd65md5aan08"))))
8afe166d
NN		 1143 (build-system python-build-system)
1144 (propagated-inputs
1145 `(("python-attrs" ,python-attrs)
1146 ("python-pyasn1" ,python-pyasn1)
1147 ("python-pyasn1-modules" ,python-pyasn1-modules)
1148 ("python-pyopenssl" ,python-pyopenssl)))
1149 (home-page "https://service-identity.readthedocs.io/")
1150 (synopsis "Service identity verification for PyOpenSSL")
1151 (description
1152 "@code{service_identity} aspires to give you all the tools you need
1153for verifying whether a certificate is valid for the intended purposes.
1154In the simplest case, this means host name verification. However,
1155service_identity implements RFC 6125 fully and plans to add other
1156relevant RFCs too.")
1157 (license license:expat)))
1158
1159(define-public python2-service-identity
1160 (package-with-python2 python-service-identity))
0a90c789
LF		 1161
1162(define-public python-hkdf
1163 (package
1164 (name "python-hkdf")
1165 (version "0.0.3")
1166 (source
1167 (origin
1168 (method url-fetch)
1169 (uri (pypi-uri "hkdf" version))
1170 (sha256
1171 (base32
1172 "1jhxk5vhxmxxjp3zj526ry521v9inzzl8jqaaf0ma65w6k332ak2"))))
1173 (build-system python-build-system)
1174 (native-inputs
1175 `(("python-nose" ,python-nose)))
1176 (home-page "https://github.com/casebeer/python-hkdf")
1177 (synopsis "HMAC-based Extract-and-Expand Key Derivation Function (HKDF)")
1178 (description "This package provides a Python implementation of the HMAC Key
1179Derivation function (HKDF) defined in RFC 5869.")
1180 (license license:bsd-2)))
fc681a18
LF		 1181
1182(define-public python-spake2
1183 (package
1184 (name "python-spake2")
1185 (version "0.8")
1186 (source
1187 (origin
1188 (method url-fetch)
1189 (uri (pypi-uri "spake2" version))
1190 (sha256
1191 (base32
1192 "1x16r7lrbklvfzbacb66qv9iiih6liq1y612dqh2chgf555n2yn1"))))
1193 (build-system python-build-system)
1194 (propagated-inputs
1195 `(("python-hkdf" ,python-hkdf)))
1196 (home-page "https://github.com/warner/python-spake2")
1197 (synopsis "SPAKE2 password-authenticated key exchange in Python")
1198 (description "This package provides a Python implementation of the SPAKE2
1199Password-Authenticated Key Exchange algorithm.")
1200 (license license:expat)))
215f3db0
LF		 1201
1202(define-public python-txtorcon
1203 (package
1204 (name "python-txtorcon")
1205 (version "19.0.0")
1206 (source
1207 (origin
1208 (method url-fetch)
1209 (uri (pypi-uri "txtorcon" version))
1210 (sha256
1211 (base32
1212 "0fxzhsc62bhmr730vj9pzallmw56gz6iykvl28a5agrycm0bfc9p"))))
1213 (build-system python-build-system)
1214 (arguments
1215 ;; The tests fail immediately due to a missing file. Reported upstream:
1216 ;; <https://github.com/meejah/txtorcon/issues/330>
1217 `(#:tests? #f))
1218 (propagated-inputs
1219 `(("python-automat" ,python-automat)
1220 ("python-idna" ,python-idna)
1221 ("python-incremental" ,python-incremental)
215f3db0
LF		 1222 ("python-service-identity" ,python-service-identity)
1223 ("python-twisted" ,python-twisted)
1224 ("python-zope-interface" ,python-zope-interface)))
1225 (home-page "https://github.com/meejah/txtorcon")
1226 (synopsis "Twisted-based Tor controller client")
1227 (description "This package provides a Twisted-based Tor controller client,
1228with state-tracking and configuration abstractions.")
1229 (license license:expat)))
93953ec7
GLV		 1230
1231(define-public python-keyutils
1232 (package
1233 (name "python-keyutils")
1234 (version "0.6")
1235 (source
1236 (origin
1237 (method url-fetch)
1238 (uri (pypi-uri "keyutils" version))
1239 (sha256
1240 (base32
1241 "0lipygpzhwzzsq2k5imb1jgkmj8y4khxdwhzadjs3bd56g6bmkx9"))))
1242 (build-system python-build-system)
1243 (native-inputs
1244 `(("python-pytest" ,python-pytest)
1245 ("python-pytest-runner" ,python-pytest-runner)))
1246 (inputs
1247 `(("keyutils" ,keyutils)))
1248 (arguments
1249 '(#:tests? #f))
1250 (home-page "https://github.com/sassoftware/python-keyutils")
1251 (synopsis "Python bindings for keyutils")
1252 (description
1253 "This is a set of python bindings for keyutils, a key management suite
1254that leverages the infrastructure provided by the Linux kernel for safely
a806b0b0 1255storing and retrieving sensitive information in your programs.")
93953ec7 1256 (license license:asl2.0)))
1f15cbc8
CL		 1257
1258(define-public python-mcuboot-imgtool
1259 (package
1260 (name "python-mcuboot-imgtool")
1261 (version "1.4.0")
1262 (source
1263 (origin
1264 (method git-fetch)
1265 (uri (git-reference
1266 (url "https://github.com/JuulLabs-OSS/mcuboot")
1267 (commit (string-append "v" version))))
1268 (file-name (git-file-name name version))
1269 (sha256
1270 (base32
1271 "1m1csyvzq4jx81zg635ssy1n7sc0z539z0myh872ll3nwqx7wa0q"))))
1272 (build-system python-build-system)
1273 (arguments
1274 `(#:phases
1275 (modify-phases %standard-phases
1276 (add-after 'unpack 'fix-broken-test
1277 (lambda _
1278 (substitute* "scripts/imgtool/keys/ed25519_test.py"
1279 (("raw_sign") "sign_digest"))
1280 #t))
1281 (add-before 'build 'change-directory
1282 (lambda _
1283 (chdir "scripts")
1284 #t)))))
1285 (propagated-inputs
1286 `(("python-click" ,python-click)
1287 ("python-intelhex" ,python-intelhex)
1288 ("python-cryptography" ,python-cryptography)))
1289 (home-page "https://mcuboot.com")
1290 (synopsis "Tool to securely sign firmware images for booting by MCUboot")
1291 (description "MCUboot is a secure bootloader for 32-bit MCUs. This
1292package provides a tool to securely sign firmware images for booting by
1293MCUboot.")
1294 (license license:expat)))
83feb3d0 1295
163997c9
AT		 1296(define-public python-ntlm-auth
1297 (package
1298 (name "python-ntlm-auth")
1299 (version "1.4.0")
1300 (source
1301 (origin
1302 (method url-fetch)
1303 (uri (pypi-uri "ntlm-auth" version))
1304 (sha256
1305 (base32
1306 "16mavidki4ma5ip8srqalr19gz4f5yn3cnmmgps1fmgfr24j63rm"))))
1307 (build-system python-build-system)
1308 (propagated-inputs
1309 `(("python-cryptography" ,python-cryptography)))
1310 (home-page "https://github.com/jborean93/ntlm-auth")
1311 (synopsis
1312 "Calculates NTLM Authentication codes")
1313 (description
1314 "This library handles the low-level details of NTLM authentication for
1315use in authenticating with a service that uses NTLM. It will create and parse
1316the 3 different message types in the order required and produce a base64
1317encoded value that can be attached to the HTTP header.
1318
1319The goal of this library is to offer full NTLM support including signing and
1320sealing of messages as well as supporting MIC for message integrity and the
1321ability to customise and set limits on the messages sent. Please see Features
1322and Backlog for a list of what is and is not currently supported.")
1323 (license license:expat)))
1324
4ee1ea76
EF		 1325(define-public python-secretstorage
1326 (package
1327 (name "python-secretstorage")
1328 (version "3.1.2")
1329 (source
1330 (origin
1331 (method url-fetch)
1332 (uri (pypi-uri "SecretStorage" version))
1333 (sha256
1334 (base32
1335 "1xmzr0j3066s220bss4nkgqbiwb5k4kkp2rkpqlqwjb5kfc8mnhm"))))
1336 (build-system python-build-system)
1337 (arguments
1338 '(#:tests? #f)) ; Tests require a running dbus service.
1339 (propagated-inputs
1340 `(("python-cryptography" ,python-cryptography)
1341 ("python-jeepney" ,python-jeepney)))
1342 (home-page "https://github.com/mitya57/secretstorage")
1343 (synopsis "Python bindings to FreeDesktop.org Secret Service API")
1344 (description
1345 "@code{python-secretstorage} provides a way for securely storing passwords
1346and other secrets. It uses D-Bus Secret Service API that is supported by GNOME
1347Keyring (since version 2.30) and KSecretsService. SecretStorage supports most
1348of the functions provided by Secret Service, including creating and deleting
1349items and collections, editing items, locking and unlocking collections
1350(asynchronous unlocking is also supported).")
1351 (license license:bsd-3)))
1352
960dafce
VM		 1353(define-public python-trustme
1354 (package
1355 (name "python-trustme")
1356 (version "0.6.0")
1357 (source
1358 (origin
1359 (method url-fetch)
1360 (uri (pypi-uri "trustme" version))
1361 (sha256
1362 (base32 "0v3vr5z6apnfmklf07m45kv5kaqvm6hxrkaqywch57bjd2siiywx"))))
1363 (build-system python-build-system)
1364 (arguments
1365 `(#:phases
1366 (modify-phases %standard-phases
1367 (replace 'check
1368 (lambda* (#:key inputs outputs #:allow-other-keys)
1369 (add-installed-pythonpath inputs outputs)
1370 (invoke "pytest" "-vv"))))))
1371 (native-inputs
1372 `(("python-more-itertools" ,python-more-itertools)
1373 ("python-pyopenssl" ,python-pyopenssl)
1374 ("python-pytest" ,python-pytest)
1375 ("python-pytest-cov" ,python-pytest-cov)
1376 ("python-service-identity" ,python-service-identity)
1377 ("python-zipp" ,python-zipp)))
1378 (propagated-inputs
1379 `(("python-cryptography" ,python-cryptography)))
1380 (home-page "https://github.com/python-trio/trustme")
1381 (synopsis "Fake a certificate authority for tests")
1382 (description
1383 "@code{trustme} is a tiny Python package that does one thing: it gives you
1384a fake certificate authority (CA) that you can use to generate fake TLS certs to
1385use in your tests.")
1386 ;; Either license applies.
1387 (license (list license:expat license:asl2.0))))
1388
5e5c695d
EF		 1389(define-public python-certipy
1390 (package
1391 (name "python-certipy")
1392 (version "0.1.3")
1393 (source
1394 (origin
1395 (method url-fetch)
1396 (uri (pypi-uri "certipy" version))
1397 (sha256
1398 (base32
1399 "0n980gqpzh0fm58h3i4mi2i10wgj606lscm1r5sk60vbf6vh8mv9"))))
1400 (build-system python-build-system)
1401 (propagated-inputs
1402 `(("python-pyopenssl" ,python-pyopenssl)))
1403 (native-inputs
1404 `(("python-pytest" ,python-pytest)))
1405 (home-page "https://github.com/LLNL/certipy")
1406 (synopsis "Utility to create and sign CAs and certificates")
1407 (description
1408 "Certipy was made to simplify the certificate creation process. To that
1409end, certipy exposes methods for creating and managing certificate authorities,
1410certificates, signing and building trust bundles.")
1411 (license license:bsd-3)))
1412
83feb3d0
EF		 1413(define-public python-jeepney
1414 (package
1415 (name "python-jeepney")
5d844fd6 1416 (version "0.4.3")
83feb3d0
EF		 1417 (source
1418 (origin
1419 (method url-fetch)
1420 (uri (pypi-uri "jeepney" version))
1421 (sha256
5d844fd6 1422 (base32 "0vp3p1lqhqk2kd3254q5sxr50znmm2hmysc8a7g0fr1brihvhy9l"))))
83feb3d0
EF		 1423 (build-system python-build-system)
1424 (native-inputs
1425 `(("python-testpath" ,python-testpath)
1426 ("python-tornado" ,python-tornado)
1427 ("python-pytest" ,python-pytest)))
1428 (home-page "https://gitlab.com/takluyver/jeepney")
1429 (synopsis "Low-level, pure Python DBus protocol wrapper")
1430 (description
1431 "This is a low-level, pure Python DBus protocol client. It has an
1432I/O-free core, and integration modules for different event loops.")
1433 (license license:expat)))
08310637
EF		 1434
1435(define-public python-argon2-cffi
1436 (package
1437 (name "python-argon2-cffi")
9813805b 1438 (version "20.1.0")
08310637
EF		 1439 (source
1440 (origin
1441 (method url-fetch)
1442 (uri (pypi-uri "argon2-cffi" version))
1443 (sha256
1444 (base32
9813805b 1445 "0zgr4mnnm0p4i99023safb0qb8cgvl202nly1rvylk2b7qnrn0nq"))
08310637
EF		 1446 (modules '((guix build utils)))
1447 (snippet '(begin (delete-file-recursively "extras") #t))))
1448 (build-system python-build-system)
1449 (arguments
1450 '(#:phases
1451 (modify-phases %standard-phases
1452 (replace 'build
1453 (lambda _
1454 (setenv "ARGON2_CFFI_USE_SYSTEM" "1")
1455 (invoke "python" "setup.py" "build")))
1456 (replace 'check
1457 (lambda* (#:key inputs outputs #:allow-other-keys)
1458 (add-installed-pythonpath inputs outputs)
1459 (invoke "pytest")
1460 (invoke "python" "-m" "argon2" "--help")
1461 ;; see tox.ini
1462 (invoke "python" "-m" "argon2" "-n" "1" "-t" "1" "-m" "8" "-p" "1"))))))
1463 (propagated-inputs
1464 `(("python-cffi" ,python-cffi)
1465 ("python-six" ,python-six)))
1466 (inputs `(("argon2" ,argon2)))
1467 (native-inputs
1468 `(("python-hypothesis" ,python-hypothesis)
1469 ("python-pytest" ,python-pytest)))
1470 (home-page "https://argon2-cffi.readthedocs.io/")
1471 (synopsis "Secure Password Hashes for Python")
1472 (description
1473 "Argon2 is a secure password hashing algorithm. It is designed to have
1474both a configurable runtime as well as memory consumption. This means that you
1475can decide how long it takes to hash a password and how much memory is required.")
1476 (license license:expat)))
0a124c46
EF		 1477
1478(define-public python-privy
1479 (package
1480 (name "python-privy")
1481 (version "6.0.0")
1482 (source
1483 (origin
1484 (method git-fetch)
1485 (uri (git-reference
1486 ;; Releases are untagged
1487 (url "https://github.com/ofek/privy")
1488 (commit "2838db3df239797c71bddacc48a4c49a83f35747")))
1489 (file-name (git-file-name name version))
1490 (sha256
1491 (base32
1492 "1m32dh5fqc8cy7jyf1z5fs6zvmdkbq5fi98hr609gbl7s0l0y0i9"))))
1493 (build-system python-build-system)
1494 (arguments
1495 '(#:phases
1496 (modify-phases %standard-phases
1497 (replace 'check
1498 (lambda _
1499 (invoke "python" "-m" "pytest"))))))
1500 (native-inputs
1501 `(("python-pytest" ,python-pytest)))
1502 (propagated-inputs
1503 `(("python-argon2-cffi" ,python-argon2-cffi)
1504 ("python-cryptography" ,python-cryptography)))
1505 (home-page "https://www.dropbox.com/developers")
1506 (synopsis "Library to password-protect your data")
1507 (description
1508 "Privy is a small and fast utility for password-protecting secret
1509data such as API keys, cryptocurrency wallets, or seeds for digital
1510signatures.")
1511 (license (list license:expat license:asl2.0)))) ; dual licensed
1b11e894
JW		 1512
1513(define-public python-pgpy
1514 (package
1515 (name "python-pgpy")
1516 (version "0.5.2")
1517 (source
1518 (origin
1519 (method url-fetch)
1520 (uri (pypi-uri "PGPy" version))
1521 (sha256
1522 (base32
1523 "0i4lqhzdwkjkim3wab0kqadx28z3r5ixlh6qxj4lif4gif56c0m7"))))
1524 (build-system python-build-system)
1525 (native-inputs
1526 `(("python-cryptography" ,python-cryptography)
1527 ("python-pyasn1" ,python-pyasn1)
1528 ("python-singledispatch" ,python-singledispatch)
1529 ("python-six" ,python-six)))
1530 (home-page "https://github.com/SecurityInnovation/PGPy")
1531 (synopsis "Python implementation of OpenPGP")
1532 (description
1533 "Currently, PGPy can load keys and signatures of all kinds in both ASCII
1534armored and binary formats.
1535
1536It can create and verify RSA, DSA, and ECDSA signatures, at the moment. It
1537can also encrypt and decrypt messages using RSA and ECDH.")
1538 (license license:bsd-3)))
df6fb956
JW		 1539
1540(define-public python-sop
1541 (package
1542 (name "python-sop")
1543 (version "0.2.0")
1544 (source
1545 (origin
1546 (method url-fetch)
1547 (uri (pypi-uri "sop" version))
1548 (sha256
1549 (base32
1550 "0gljyjsdn6hdmwlwwb5g5s0c031p6izamvfxp0d39x60af8k5jyf"))))
1551 (build-system python-build-system)
1552 (arguments
1553 '(#:tests? #f)) ; There are no tests, and unittest throws an error trying
1554 ; to find some:
1555 ; TypeError: don't know how to make test from: 0.2.0
1556 (home-page "https://gitlab.com/dkg/python-sop")
1557 (synopsis "Stateless OpenPGP Command-Line Interface")
1558 (description
1559 "The Stateless OpenPGP Command-Line Interface (or sop) is a
1560specification that encourages OpenPGP implementors to provide a common,
1561relatively simple command-line API for purposes of object security.
1562
1563This Python module helps implementers build such a CLI from any implementation
1564accessible to the Python interpreter.
1565
1566It does not provide such an implementation itself -- this is just the
1567scaffolding for the command line, which should make it relatively easy to
1568supply a handful of python functions as methods to a class.")
1569 (license license:expat))) ; MIT license
jackhill's copy of GNU Guix: https://guix.gnu.org/