| 1 | ;;; GNU Guix --- Functional package management for GNU |
| 2 | ;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr> |
| 3 | ;;; Copyright © 2015, 2016, 2017, 2018 Efraim Flashner <efraim@flashner.co.il> |
| 4 | ;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name> |
| 5 | ;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com> |
| 6 | ;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au> |
| 7 | ;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com> |
| 8 | ;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com> |
| 9 | ;;; Copyright © 2014, 2017 Eric Bavier <bavier@member.fsf.org> |
| 10 | ;;; Copyright © 2015, 2016 David Thompson <davet@gnu.org> |
| 11 | ;;; Copyright © 2016, 2017, 2018 Tobias Geerinckx-Rice <me@tobias.gr> |
| 12 | ;;; Copyright © 2016, 2017 Nils Gillmann <ng0@n0.is> |
| 13 | ;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org> |
| 14 | ;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net> |
| 15 | ;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org> |
| 16 | ;;; Copyright © 2016, 2017 Arun Isaac <arunisaac@systemreboot.net> |
| 17 | ;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au> |
| 18 | ;;; Copyright © 2018 Tomáš Čech <sleep_walker@gnu.org> |
| 19 | ;;; Copyright © 2018 Nicolas Goaziou <mail@nicolasgoaziou.fr> |
| 20 | ;;; Copyright © 2018 Vagrant Cascadian <vagrant@debian.org> |
| 21 | ;;; |
| 22 | ;;; This file is part of GNU Guix. |
| 23 | ;;; |
| 24 | ;;; GNU Guix is free software; you can redistribute it and/or modify it |
| 25 | ;;; under the terms of the GNU General Public License as published by |
| 26 | ;;; the Free Software Foundation; either version 3 of the License, or (at |
| 27 | ;;; your option) any later version. |
| 28 | ;;; |
| 29 | ;;; GNU Guix is distributed in the hope that it will be useful, but |
| 30 | ;;; WITHOUT ANY WARRANTY; without even the implied warranty of |
| 31 | ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 32 | ;;; GNU General Public License for more details. |
| 33 | ;;; |
| 34 | ;;; You should have received a copy of the GNU General Public License |
| 35 | ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. |
| 36 | |
| 37 | (define-module (gnu packages python-crypto) |
| 38 | #:use-module (guix packages) |
| 39 | #:use-module (guix download) |
| 40 | #:use-module (guix git-download) |
| 41 | #:use-module (guix build-system python) |
| 42 | #:use-module (gnu packages) |
| 43 | #:use-module (gnu packages check) |
| 44 | #:use-module (gnu packages crypto) |
| 45 | #:use-module (gnu packages libffi) |
| 46 | #:use-module (gnu packages multiprecision) |
| 47 | #:use-module (gnu packages protobuf) |
| 48 | #:use-module (gnu packages python) |
| 49 | #:use-module (gnu packages python-web) |
| 50 | #:use-module (gnu packages time) |
| 51 | #:use-module (gnu packages tls) |
| 52 | #:use-module ((guix licenses) #:prefix license:) |
| 53 | #:use-module (srfi srfi-1)) |
| 54 | |
| 55 | (define-public python-base58 |
| 56 | (package |
| 57 | (name "python-base58") |
| 58 | (version "1.0.0") |
| 59 | (source |
| 60 | (origin |
| 61 | (method url-fetch) |
| 62 | (uri (pypi-uri "base58" version)) |
| 63 | (sha256 |
| 64 | (base32 |
| 65 | "0lgnk7ycdxwhk2bkygl30nsks56bvrdj79ix76iv965pz808pzn5")))) |
| 66 | (build-system python-build-system) |
| 67 | (native-inputs |
| 68 | `(("python-pyhamcrest" ,python-pyhamcrest))) |
| 69 | (home-page "https://github.com/keis/base58") |
| 70 | (synopsis "Base58 and Base58Check implementation") |
| 71 | (description "Base58 and Base58Check implementation compatible |
| 72 | with what is used by the Bitcoin network.") |
| 73 | (license license:expat))) |
| 74 | |
| 75 | (define-public python-bcrypt |
| 76 | (package |
| 77 | (name "python-bcrypt") |
| 78 | (version "3.1.4") |
| 79 | (source |
| 80 | (origin |
| 81 | (method url-fetch) |
| 82 | (uri (pypi-uri "bcrypt" version)) |
| 83 | (sha256 |
| 84 | (base32 |
| 85 | "13cyrnqwkhc70rs6dg65z4yrrr3dc42fhk11804fqmci9hvimvb7")))) |
| 86 | (build-system python-build-system) |
| 87 | (native-inputs |
| 88 | `(("python-pycparser" ,python-pycparser) |
| 89 | ("python-pytest" ,python-pytest))) |
| 90 | (propagated-inputs |
| 91 | `(("python-cffi" ,python-cffi) |
| 92 | ("python-six" ,python-six))) |
| 93 | (home-page "https://github.com/pyca/bcrypt/") |
| 94 | (synopsis |
| 95 | "Modern password hashing library") |
| 96 | (description |
| 97 | "Bcrypt is a Python module which provides a password hashing method based |
| 98 | on the Blowfish password hashing algorithm, as described in |
| 99 | @url{http://static.usenix.org/events/usenix99/provos.html,\"A Future-Adaptable |
| 100 | Password Scheme\"} by Niels Provos and David Mazieres.") |
| 101 | (license license:asl2.0))) |
| 102 | |
| 103 | (define-public python2-bcrypt |
| 104 | (package-with-python2 python-bcrypt)) |
| 105 | |
| 106 | (define-public python-passlib |
| 107 | (package |
| 108 | (name "python-passlib") |
| 109 | (version "1.7.1") |
| 110 | (source |
| 111 | (origin |
| 112 | (method url-fetch) |
| 113 | (uri (pypi-uri "passlib" version)) |
| 114 | (sha256 |
| 115 | (base32 |
| 116 | "1q2khqpj9rlcgdmkypjdq1kswvhjf72bq0zk2cv669cc2dj8z51x")))) |
| 117 | (build-system python-build-system) |
| 118 | (native-inputs |
| 119 | `(("python-nose" ,python-nose))) |
| 120 | (propagated-inputs |
| 121 | `(("python-py-bcrypt" ,python-py-bcrypt))) |
| 122 | (arguments |
| 123 | `(#:phases |
| 124 | (modify-phases %standard-phases |
| 125 | (add-before 'check 'set-PYTHON_EGG_CACHE |
| 126 | ;; some tests require access to "$HOME/.cython" |
| 127 | (lambda* _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t))))) |
| 128 | (home-page "https://bitbucket.org/ecollins/passlib") |
| 129 | (synopsis |
| 130 | "Comprehensive password hashing framework") |
| 131 | (description |
| 132 | "Passlib is a password hashing library for Python 2 & 3, which provides |
| 133 | cross-platform implementations of over 30 password hashing algorithms, as well |
| 134 | as a framework for managing existing password hashes. It's designed to be |
| 135 | useful for a wide range of tasks, from verifying a hash found in /etc/shadow, |
| 136 | to providing full-strength password hashing for multi-user application.") |
| 137 | (license license:bsd-3))) |
| 138 | |
| 139 | (define-public python2-passlib |
| 140 | (package-with-python2 python-passlib)) |
| 141 | |
| 142 | (define-public python-py-bcrypt |
| 143 | (package |
| 144 | (name "python-py-bcrypt") |
| 145 | (version "0.4") |
| 146 | (source |
| 147 | (origin |
| 148 | (method url-fetch) |
| 149 | (uri (string-append |
| 150 | "https://pypi.python.org/packages/source/p/py-bcrypt/py-bcrypt-" |
| 151 | version |
| 152 | ".tar.gz")) |
| 153 | (sha256 |
| 154 | (base32 |
| 155 | "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az")))) |
| 156 | (build-system python-build-system) |
| 157 | (home-page "https://code.google.com/p/py-bcrypt") |
| 158 | (synopsis |
| 159 | "Bcrypt password hashing and key derivation") |
| 160 | (description |
| 161 | "A python wrapper of OpenBSD's Blowfish password hashing code. This |
| 162 | system hashes passwords using a version of Bruce Schneier's Blowfish block |
| 163 | cipher with modifications designed to raise the cost of off-line password |
| 164 | cracking and frustrate fast hardware implementation. The computation cost of |
| 165 | the algorithm is parametised, so it can be increased as computers get faster. |
| 166 | The intent is to make a compromise of a password database less likely to |
| 167 | result in an attacker gaining knowledge of the plaintext passwords (e.g. using |
| 168 | John the Ripper).") |
| 169 | ;; "sha2.c" is under BSD-3; |
| 170 | ;; "blowfish.c" and "bcrypt.c" are under BSD-4; |
| 171 | ;; the rest is under ISC. |
| 172 | (license (list license:isc license:bsd-3 license:bsd-4)))) |
| 173 | |
| 174 | (define-public python2-py-bcrypt |
| 175 | (package-with-python2 python-py-bcrypt)) |
| 176 | |
| 177 | (define-public python-pyblake2 |
| 178 | (package |
| 179 | (name "python-pyblake2") |
| 180 | (version "1.1.2") |
| 181 | (source |
| 182 | (origin |
| 183 | (method url-fetch) |
| 184 | (uri (pypi-uri "pyblake2" version)) |
| 185 | (sha256 |
| 186 | (base32 |
| 187 | "0gz9hgznv5zw4qjq43xa56y0yikimx30gffvibxzm0nv5sq7xk2w")))) |
| 188 | (build-system python-build-system) |
| 189 | (home-page "https://github.com/dchest/pyblake2") |
| 190 | (synopsis "BLAKE2 hash function for Python") |
| 191 | (description "BLAKE2 is a cryptographic hash function, which offers |
| 192 | stronger security while being as fast as MD5 or SHA-1, and comes in two |
| 193 | flavors: @code{BLAKE2b}, optimized for 64-bit platforms and produces digests |
| 194 | of any size between 1 and 64 bytes, and @code{BLAKE2s}, optimized for 8- to |
| 195 | 32-bit platforms and produces digests of any size between 1 and 32 bytes. |
| 196 | |
| 197 | This package provides a Python interface for BLAKE2.") |
| 198 | ;; The COPYING file declares it as public domain, with the option to |
| 199 | ;; alternatively use and redistribute it under a variety of permissive |
| 200 | ;; licenses. cc0 is explicitly mentioned in setup.py and pyblake2module.c. |
| 201 | (license (list license:public-domain license:cc0)))) |
| 202 | |
| 203 | (define-public python-paramiko |
| 204 | (package |
| 205 | (name "python-paramiko") |
| 206 | (version "2.4.1") |
| 207 | (source |
| 208 | (origin |
| 209 | (method url-fetch) |
| 210 | (uri (pypi-uri "paramiko" version)) |
| 211 | (sha256 |
| 212 | (base32 |
| 213 | "1wx4s95i2cdh8hhi1c3jb8lzk71jifa3z9wjfsx905y7lrsngqrk")))) |
| 214 | (build-system python-build-system) |
| 215 | (arguments |
| 216 | `(;; FIXME: Tests require many unpackaged libraries, see dev-requirements.txt. |
| 217 | #:tests? #f)) |
| 218 | (propagated-inputs |
| 219 | `(("python-bcrypt" ,python-bcrypt) |
| 220 | ("python-pyasn1" ,python-pyasn1) |
| 221 | ("python-pynacl" ,python-pynacl) |
| 222 | ("python-cryptography" ,python-cryptography))) |
| 223 | (home-page "http://www.paramiko.org/") |
| 224 | (synopsis "SSHv2 protocol library") |
| 225 | (description "Paramiko is a python implementation of the SSHv2 protocol, |
| 226 | providing both client and server functionality. While it leverages a Python C |
| 227 | extension for low level cryptography (PyCrypto), Paramiko itself is a pure |
| 228 | Python interface around SSH networking concepts.") |
| 229 | (license license:lgpl2.1+))) |
| 230 | |
| 231 | (define-public python2-paramiko |
| 232 | (package-with-python2 python-paramiko)) |
| 233 | |
| 234 | (define-public python-ecdsa |
| 235 | (package |
| 236 | (name "python-ecdsa") |
| 237 | (version "0.13") |
| 238 | (source |
| 239 | (origin |
| 240 | (method url-fetch) |
| 241 | (uri (string-append |
| 242 | "https://pypi.python.org/packages/source/e/ecdsa/ecdsa-" |
| 243 | version |
| 244 | ".tar.gz")) |
| 245 | (sha256 |
| 246 | (base32 |
| 247 | "1yj31j0asmrx4an9xvsaj2icdmzy6pw0glfpqrrkrphwdpi1xkv4")))) |
| 248 | (build-system python-build-system) |
| 249 | (inputs |
| 250 | `(("openssl" ,openssl))) |
| 251 | (home-page |
| 252 | "https://github.com/warner/python-ecdsa") |
| 253 | (synopsis |
| 254 | "ECDSA cryptographic signature library (pure python)") |
| 255 | (description |
| 256 | "This is an easy-to-use implementation of ECDSA cryptography (Elliptic |
| 257 | Curve Digital Signature Algorithm), implemented purely in Python. With this |
| 258 | library, you can quickly create keypairs (signing key and verifying key), sign |
| 259 | messages, and verify the signatures. The keys and signatures are very short, |
| 260 | making them easy to handle and incorporate into other protocols.") |
| 261 | (license license:expat))) |
| 262 | |
| 263 | (define-public python2-ecdsa |
| 264 | (package-with-python2 python-ecdsa)) |
| 265 | |
| 266 | ;;; Pycrypto is abandoned upstream: |
| 267 | ;;; |
| 268 | ;;; https://github.com/dlitz/pycrypto/issues/173 |
| 269 | ;;; |
| 270 | ;;; TODO Remove this package from GNU Guix. |
| 271 | (define-public python-pycrypto |
| 272 | (package |
| 273 | (name "python-pycrypto") |
| 274 | (version "2.6.1") |
| 275 | (source |
| 276 | (origin |
| 277 | (method url-fetch) |
| 278 | (uri (pypi-uri "pycrypto" version)) |
| 279 | (patches (search-patches "python-pycrypto-CVE-2013-7459.patch")) |
| 280 | (sha256 |
| 281 | (base32 |
| 282 | "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj")))) |
| 283 | (build-system python-build-system) |
| 284 | (inputs |
| 285 | `(("python" ,python) |
| 286 | ("gmp" ,gmp))) |
| 287 | (arguments |
| 288 | `(#:phases |
| 289 | (modify-phases %standard-phases |
| 290 | (add-before 'build 'set-build-env |
| 291 | ;; pycrypto runs an autoconf configure script behind the scenes |
| 292 | (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t))))) |
| 293 | (home-page "http://www.pycrypto.org/") |
| 294 | (synopsis "Cryptographic modules for Python") |
| 295 | (description |
| 296 | "Pycrypto is a collection of both secure hash functions (such as SHA256 |
| 297 | and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal, |
| 298 | etc.). The package is structured to make adding new modules easy.") |
| 299 | (license license:public-domain))) |
| 300 | |
| 301 | (define-public python2-pycrypto |
| 302 | (let ((pycrypto (package-with-python2 python-pycrypto))) |
| 303 | (package (inherit pycrypto) |
| 304 | (inputs |
| 305 | `(("python" ,python-2) |
| 306 | ,@(alist-delete |
| 307 | "python" |
| 308 | (package-inputs pycrypto))))))) |
| 309 | |
| 310 | (define-public python-keyring |
| 311 | (package |
| 312 | (name "python-keyring") |
| 313 | (version "8.7") |
| 314 | (source |
| 315 | (origin |
| 316 | (method url-fetch) |
| 317 | (uri (pypi-uri "keyring" version)) |
| 318 | (sha256 |
| 319 | (base32 |
| 320 | "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx")))) |
| 321 | (build-system python-build-system) |
| 322 | (native-inputs |
| 323 | `(("python-setuptools-scm" ,python-setuptools-scm))) |
| 324 | (propagated-inputs |
| 325 | `(("python-pycrypto" ,python-pycrypto))) |
| 326 | (arguments |
| 327 | `(#:tests? #f)) ;TODO: tests require pytest |
| 328 | (home-page "https://github.com/jaraco/keyring") |
| 329 | (synopsis "Store and access your passwords safely") |
| 330 | (description |
| 331 | "The Python keyring lib provides a easy way to access the system keyring |
| 332 | service from python. It can be used in any application that needs safe |
| 333 | password storage.") |
| 334 | ;; "MIT" and PSF dual license |
| 335 | (license license:x11))) |
| 336 | |
| 337 | (define-public python2-keyring |
| 338 | (package-with-python2 python-keyring)) |
| 339 | |
| 340 | (define-public python-certifi |
| 341 | (package |
| 342 | (name "python-certifi") |
| 343 | (version "2017.1.23") |
| 344 | (source (origin |
| 345 | (method url-fetch) |
| 346 | (uri (pypi-uri "certifi" version)) |
| 347 | (sha256 |
| 348 | (base32 |
| 349 | "1klrzl3hgvcf2mjk00g0k3kk1p2z27vzwnxivwar4vhjmjvpz1w1")))) |
| 350 | (build-system python-build-system) |
| 351 | (home-page "https://certifi.io/") |
| 352 | (synopsis "Python CA certificate bundle") |
| 353 | (description |
| 354 | "Certifi is a Python library that contains a CA certificate bundle, which |
| 355 | is used by the Requests library to verify HTTPS requests.") |
| 356 | (license license:asl2.0))) |
| 357 | |
| 358 | (define-public python2-certifi |
| 359 | (package-with-python2 python-certifi)) |
| 360 | |
| 361 | (define-public python-cryptography-vectors |
| 362 | (package |
| 363 | (name "python-cryptography-vectors") |
| 364 | (version "2.3.1") |
| 365 | (source |
| 366 | (origin |
| 367 | (method url-fetch) |
| 368 | (uri (pypi-uri "cryptography_vectors" version)) |
| 369 | (sha256 |
| 370 | (base32 |
| 371 | "0ijdck30p7jv8a0zwv8b7d30ciqrmmps62lm63l4k776vihrnkdz")))) |
| 372 | (build-system python-build-system) |
| 373 | (home-page "https://github.com/pyca/cryptography") |
| 374 | (synopsis "Test vectors for the cryptography package") |
| 375 | (description |
| 376 | "This package contains test vectors for the cryptography package.") |
| 377 | ;; Distributed under either BSD-3 or ASL2.0 |
| 378 | (license (list license:bsd-3 license:asl2.0)))) |
| 379 | |
| 380 | (define-public python2-cryptography-vectors |
| 381 | (package-with-python2 python-cryptography-vectors)) |
| 382 | |
| 383 | (define-public python-cryptography |
| 384 | (package |
| 385 | (name "python-cryptography") |
| 386 | (version "2.3.1") |
| 387 | (source |
| 388 | (origin |
| 389 | (method url-fetch) |
| 390 | (uri (pypi-uri "cryptography" version)) |
| 391 | (sha256 |
| 392 | (base32 |
| 393 | "1mnzf168vlxirq7fw9dm9zbvma7z8phc9cl5bffw5916m0y1244d")))) |
| 394 | (build-system python-build-system) |
| 395 | (inputs |
| 396 | `(("openssl" ,openssl))) |
| 397 | (propagated-inputs |
| 398 | `(("python-asn1crypto" ,python-asn1crypto) |
| 399 | ("python-cffi" ,python-cffi) |
| 400 | ("python-six" ,python-six) |
| 401 | ("python-idna" ,python-idna) |
| 402 | ("python-iso8601" ,python-iso8601))) |
| 403 | (native-inputs |
| 404 | `(("python-cryptography-vectors" ,python-cryptography-vectors) |
| 405 | ("python-hypothesis" ,python-hypothesis) |
| 406 | ("python-pretend" ,python-pretend) |
| 407 | ("python-pytz" ,python-pytz) |
| 408 | ("python-pytest" ,python-pytest))) |
| 409 | (home-page "https://github.com/pyca/cryptography") |
| 410 | (synopsis "Cryptographic recipes and primitives for Python") |
| 411 | (description |
| 412 | "cryptography is a package which provides cryptographic recipes and |
| 413 | primitives to Python developers. It aims to be the “cryptographic standard |
| 414 | library” for Python. The package includes both high level recipes, and low |
| 415 | level interfaces to common cryptographic algorithms such as symmetric ciphers, |
| 416 | message digests and key derivation functions.") |
| 417 | ;; Distributed under either BSD-3 or ASL2.0 |
| 418 | (license (list license:bsd-3 license:asl2.0)) |
| 419 | (properties `((python2-variant . ,(delay python2-cryptography)))))) |
| 420 | |
| 421 | (define-public python2-cryptography |
| 422 | (let ((crypto (package-with-python2 |
| 423 | (strip-python2-variant python-cryptography)))) |
| 424 | (package (inherit crypto) |
| 425 | (propagated-inputs |
| 426 | `(("python2-ipaddress" ,python2-ipaddress) |
| 427 | ("python2-backport-ssl-match-hostname" |
| 428 | ,python2-backport-ssl-match-hostname) |
| 429 | ("python2-enum34" ,python2-enum34) |
| 430 | ,@(package-propagated-inputs crypto)))))) |
| 431 | |
| 432 | (define-public python-pyopenssl |
| 433 | (package |
| 434 | (name "python-pyopenssl") |
| 435 | (version "18.0.0") |
| 436 | (source |
| 437 | (origin |
| 438 | (method url-fetch) |
| 439 | (uri (pypi-uri "pyOpenSSL" version)) |
| 440 | (sha256 |
| 441 | (base32 |
| 442 | "1055rb456nvrjcij3sqj6c6l3kmh5cqqay0nsmx3pxq07d1g3234")))) |
| 443 | (build-system python-build-system) |
| 444 | (arguments |
| 445 | '(#:phases |
| 446 | (modify-phases %standard-phases |
| 447 | (delete 'check) |
| 448 | (add-after 'install 'check |
| 449 | (lambda* (#:key inputs outputs #:allow-other-keys) |
| 450 | (add-installed-pythonpath inputs outputs) |
| 451 | (zero? (system* "py.test" "-v" "-k" |
| 452 | (string-append |
| 453 | ;; This test tries to look up certificates from |
| 454 | ;; the compiled-in default path in OpenSSL, which |
| 455 | ;; does not exist in the build environment. |
| 456 | "not test_fallback_default_verify_paths " |
| 457 | ;; This test attempts to make a connection to |
| 458 | ;; an external web service. |
| 459 | "and not test_set_default_verify_paths")))))))) |
| 460 | (propagated-inputs |
| 461 | `(("python-cryptography" ,python-cryptography) |
| 462 | ("python-six" ,python-six))) |
| 463 | (inputs |
| 464 | `(("openssl" ,openssl))) |
| 465 | (native-inputs |
| 466 | `(("python-flaky" ,python-flaky) |
| 467 | ("python-pretend" ,python-pretend) |
| 468 | ("python-pytest" ,python-pytest))) |
| 469 | (home-page "https://github.com/pyca/pyopenssl") |
| 470 | (synopsis "Python wrapper module around the OpenSSL library") |
| 471 | (description |
| 472 | "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL |
| 473 | library.") |
| 474 | (license license:asl2.0))) |
| 475 | |
| 476 | (define-public python2-pyopenssl |
| 477 | (package-with-python2 python-pyopenssl)) |
| 478 | |
| 479 | (define-public python-ed25519 |
| 480 | (package |
| 481 | (name "python-ed25519") |
| 482 | (version "1.4") |
| 483 | (source |
| 484 | (origin |
| 485 | (method url-fetch) |
| 486 | (uri (pypi-uri "ed25519" version)) |
| 487 | (sha256 |
| 488 | (base32 |
| 489 | "0ahx1nkxa0xis3cw0h5c4fpgv8mq4znkq7kajly33lc3317bk499")))) |
| 490 | (build-system python-build-system) |
| 491 | (home-page "https://github.com/warner/python-ed25519") |
| 492 | (synopsis "Ed25519 public-key signatures") |
| 493 | (description "Ed25519 public-key signatures") |
| 494 | (license license:expat))) |
| 495 | |
| 496 | (define-public python2-ed25519 |
| 497 | (package-with-python2 python-ed25519)) |
| 498 | |
| 499 | (define-public python-axolotl-curve25519 |
| 500 | (package |
| 501 | (name "python-axolotl-curve25519") |
| 502 | (version "0.1") |
| 503 | (source |
| 504 | (origin |
| 505 | (method git-fetch) |
| 506 | (uri (git-reference |
| 507 | (url "https://github.com/tgalal/python-axolotl-curve25519") |
| 508 | (commit "e4a9c4de0eae27223200579c58d1f8f6d20637e2"))) |
| 509 | (file-name (string-append name "-" version "-checkout")) |
| 510 | (sha256 |
| 511 | (base32 |
| 512 | "0agap5q0hmvf6cwzjqc05kw53pjgf6942pcivpazksmg1vk400ra")))) |
| 513 | (build-system python-build-system) |
| 514 | (arguments |
| 515 | `(;; Prevent creation of the egg. This works around |
| 516 | ;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=20765 |
| 517 | #:configure-flags '("--root=/"))) |
| 518 | (home-page "https://github.com/tgalal/python-axolotl-curve25519") |
| 519 | (synopsis "Python wrapper for curve25519 library") |
| 520 | (description "This is a python wrapper for the curve25519 library |
| 521 | with ed25519 signatures. The C code was pulled from |
| 522 | libaxolotl-android. At the moment this wrapper is meant for use by |
| 523 | python-axolotl.") |
| 524 | (license (list license:gpl3 ; Most files |
| 525 | license:bsd-3)))) ; curve/curve25519-donna.c |
| 526 | |
| 527 | (define-public python2-axolotl-curve25519 |
| 528 | (package-with-python2 python-axolotl-curve25519)) |
| 529 | |
| 530 | (define-public python-axolotl |
| 531 | (package |
| 532 | (name "python-axolotl") |
| 533 | (version "0.1.39") |
| 534 | (source |
| 535 | (origin |
| 536 | (method url-fetch) |
| 537 | (uri (string-append |
| 538 | "https://github.com/tgalal/python-axolotl/archive/" |
| 539 | version ".tar.gz")) |
| 540 | (file-name (string-append name "-" version ".tar.gz")) |
| 541 | (patches (search-patches "python-axolotl-AES-fix.patch")) |
| 542 | (sha256 |
| 543 | (base32 "0badsgkgz0ir3hqynxzsfjgacppi874syvvmgccc6j164053x6zm")))) |
| 544 | (build-system python-build-system) |
| 545 | (arguments |
| 546 | `(#:phases |
| 547 | (modify-phases %standard-phases |
| 548 | ;; Don't install tests |
| 549 | (add-before 'install 'remove-tests |
| 550 | (lambda _ |
| 551 | (for-each delete-file-recursively |
| 552 | '("axolotl/tests" "build/lib/axolotl/tests")) |
| 553 | #t))))) |
| 554 | (propagated-inputs |
| 555 | `(("python-axolotl-curve25519" ,python-axolotl-curve25519) |
| 556 | ("python-dateutil" ,python-dateutil) |
| 557 | ("python-protobuf" ,python-protobuf) |
| 558 | ("python-pycrypto" ,python-pycrypto))) |
| 559 | (home-page "https://github.com/tgalal/python-axolotl") |
| 560 | (synopsis "Python port of libaxolotl-android") |
| 561 | (description "This is a python port of libaxolotl-android. This |
| 562 | is a ratcheting forward secrecy protocol that works in synchronous and |
| 563 | asynchronous messaging environments.") |
| 564 | (license license:gpl3))) |
| 565 | |
| 566 | (define-public python2-axolotl |
| 567 | (package-with-python2 python-axolotl)) |
| 568 | |
| 569 | ;; SlowAES isn't compatible with Python 3. |
| 570 | (define-public python2-slowaes |
| 571 | (package |
| 572 | (name "python2-slowaes") |
| 573 | (version "0.1a1") |
| 574 | (source |
| 575 | (origin |
| 576 | (method url-fetch) |
| 577 | (uri (pypi-uri "slowaes" version)) |
| 578 | (sha256 |
| 579 | (base32 |
| 580 | "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3")))) |
| 581 | (build-system python-build-system) |
| 582 | (arguments `(#:python ,python-2)) |
| 583 | (home-page "http://code.google.com/p/slowaes/") |
| 584 | (synopsis "Implementation of AES in Python") |
| 585 | (description "This package contains an implementation of AES in Python. |
| 586 | This implementation is slow (hence the project name) but still useful when |
| 587 | faster ones are not available.") |
| 588 | (license license:asl2.0))) |
| 589 | |
| 590 | (define-public python-pyaes |
| 591 | (package |
| 592 | (name "python-pyaes") |
| 593 | (version "1.6.1") |
| 594 | (source |
| 595 | (origin |
| 596 | (method url-fetch) |
| 597 | (uri (pypi-uri "pyaes" version)) |
| 598 | (sha256 |
| 599 | (base32 |
| 600 | "13vdaff15k0jyfcss4b4xvfgm8xyv0nrbyw5n1qc7lrqbi0b3h82")))) |
| 601 | (build-system python-build-system) |
| 602 | (home-page "https://github.com/ricmoo/pyaes") |
| 603 | (synopsis "Implementation of AES in Python") |
| 604 | (description "This package contains a pure-Python implementation of the |
| 605 | AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR, |
| 606 | ECB and OFB).") |
| 607 | (license license:expat))) |
| 608 | |
| 609 | (define-public python2-pyaes |
| 610 | (package-with-python2 python-pyaes)) |
| 611 | |
| 612 | (define-public python-asn1crypto |
| 613 | (package |
| 614 | (name "python-asn1crypto") |
| 615 | (version "0.24.0") |
| 616 | (source |
| 617 | (origin |
| 618 | (method git-fetch) |
| 619 | (uri (git-reference |
| 620 | (url "https://github.com/wbond/asn1crypto.git") |
| 621 | (commit version))) |
| 622 | (file-name (git-file-name name version)) |
| 623 | (sha256 |
| 624 | (base32 |
| 625 | "10lai2cs5mnz3gpaffbw1m7b885ls8328q5wxm35vfmcip1f0xmb")))) |
| 626 | (build-system python-build-system) |
| 627 | (home-page "https://github.com/wbond/asn1crypto") |
| 628 | (synopsis "ASN.1 parser and serializer in Python") |
| 629 | (description "asn1crypto is an ASN.1 parser and serializer with definitions |
| 630 | for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7, |
| 631 | PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.") |
| 632 | (license license:expat))) |
| 633 | |
| 634 | (define-public python2-asn1crypto |
| 635 | (package-with-python2 python-asn1crypto)) |
| 636 | |
| 637 | (define-public python-pynacl |
| 638 | (package |
| 639 | (name "python-pynacl") |
| 640 | (version "1.2.1") |
| 641 | (source |
| 642 | (origin |
| 643 | (method url-fetch) |
| 644 | (uri (pypi-uri "PyNaCl" version)) |
| 645 | (modules '((guix build utils))) |
| 646 | ;; Remove bundled libsodium. |
| 647 | (snippet '(begin (delete-file-recursively "src/libsodium") |
| 648 | #t)) |
| 649 | (sha256 |
| 650 | (base32 |
| 651 | "1ada3qr83cliap6dk897vnvjkynij1kjqbwizdbgarazlyh8zlz0")))) |
| 652 | (build-system python-build-system) |
| 653 | (arguments |
| 654 | `(#:phases |
| 655 | (modify-phases %standard-phases |
| 656 | (add-before 'build 'use-system-sodium |
| 657 | (lambda _ |
| 658 | (setenv "SODIUM_INSTALL" "system") |
| 659 | #t))))) |
| 660 | (native-inputs |
| 661 | `(("python-hypothesis" ,python-hypothesis) |
| 662 | ("python-pytest" ,python-pytest))) |
| 663 | (propagated-inputs |
| 664 | `(("python-cffi" ,python-cffi) |
| 665 | ("python-six" ,python-six) |
| 666 | ("libsodium" ,libsodium))) |
| 667 | (home-page "https://github.com/pyca/pynacl/") |
| 668 | (synopsis "Python bindings to libsodium") |
| 669 | (description |
| 670 | "PyNaCl is a Python binding to libsodium, which is a fork of the |
| 671 | Networking and Cryptography library. These libraries have a stated goal |
| 672 | of improving usability, security and speed.") |
| 673 | (license license:asl2.0))) |
| 674 | |
| 675 | (define-public python2-pynacl |
| 676 | (package-with-python2 python-pynacl)) |
| 677 | |
| 678 | (define-public python2-pgpdump |
| 679 | (package |
| 680 | (name "python2-pgpdump") |
| 681 | (version "1.5") |
| 682 | (source |
| 683 | (origin |
| 684 | (method url-fetch) |
| 685 | (uri (pypi-uri "pgpdump" version)) |
| 686 | (sha256 |
| 687 | (base32 |
| 688 | "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw")))) |
| 689 | (build-system python-build-system) |
| 690 | |
| 691 | ;; Currently fails to build with Python 3. |
| 692 | (arguments `(#:python ,python-2)) |
| 693 | |
| 694 | (home-page "https://github.com/toofishes/python-pgpdump") |
| 695 | (synopsis "Python library for parsing PGP packets") |
| 696 | (description |
| 697 | "Python-pgpdump is an OpenPGP packet parser based on |
| 698 | @uref{http://www.mew.org/~kazu/proj/pgpdump/, pgpdump}. It notably supports: |
| 699 | |
| 700 | @itemize |
| 701 | @item signature packets; |
| 702 | @item public key packets; |
| 703 | @item secret key packets; |
| 704 | @item trust, user ID, and user attribute packets; |
| 705 | @item ASCII-armor decoding and CRC check. |
| 706 | @end itemize\n") |
| 707 | (license license:bsd-3))) |
| 708 | |
| 709 | (define-public python2-roca-detect |
| 710 | (package |
| 711 | (name "python2-roca-detect") |
| 712 | (version "1.0.8") |
| 713 | (source |
| 714 | (origin |
| 715 | (method url-fetch) |
| 716 | (uri (pypi-uri "roca-detect" version)) |
| 717 | (sha256 |
| 718 | (base32 |
| 719 | "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27")))) |
| 720 | (build-system python-build-system) |
| 721 | (native-inputs |
| 722 | ;; TODO: apk_parse_ph4, pyjks |
| 723 | `(("python2-dateutil" ,python2-dateutil) |
| 724 | ("python2-six" ,python2-six) |
| 725 | ("python2-cryptography" ,python2-cryptography) |
| 726 | ("python2-future" ,python2-future) |
| 727 | ("python2-coloredlogs" ,python2-coloredlogs) |
| 728 | ("python2-pgpdump" ,python2-pgpdump))) |
| 729 | (arguments |
| 730 | `(;; Basic testing routine is quite simple and works with Py3 |
| 731 | ;; but the rest of the code that processes the different |
| 732 | ;; key formats and extracts the modulus for inspection is |
| 733 | ;; not yet fully py3 ready. |
| 734 | #:python ,python-2)) |
| 735 | (home-page "https://github.com/crocs-muni/roca") |
| 736 | (synopsis "ROCA detection tool") |
| 737 | (description |
| 738 | "This tool is related to the paper entitled @i{Return of the |
| 739 | Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}. It |
| 740 | enables you to test public RSA keys for a presence of the described |
| 741 | vulnerability. Currently the tool supports the following key formats: X.509 |
| 742 | Certificate (DER encoded, PEM encoded), RSA PEM (encoded private key, public |
| 743 | key), SSH public key, ASC-encoded OpenPGP key, APK Android application, LDIFF |
| 744 | file, and more.") |
| 745 | (license license:gpl3))) |
| 746 | |
| 747 | (define-public python-ecpy |
| 748 | (package |
| 749 | (name "python-ecpy") |
| 750 | (version "0.8.2") |
| 751 | (source |
| 752 | (origin |
| 753 | (method url-fetch) |
| 754 | (uri (pypi-uri "ECPy" version)) |
| 755 | (sha256 |
| 756 | (base32 |
| 757 | "090fqnj8z0xm44jrfpll7j45r68m6kp7mjr7yxzg93j42h3sj285")))) |
| 758 | (build-system python-build-system) |
| 759 | (propagated-inputs |
| 760 | `(("python-future" ,python-future))) |
| 761 | (home-page "https://github.com/ubinity/ECPy") |
| 762 | (synopsis "Pure Python Elliptic Curve Library") |
| 763 | (description "This package provides a Elliptic Curve Library in pure |
| 764 | Python.") |
| 765 | (license license:asl2.0))) |
| 766 | |
| 767 | (define-public python2-ecpy |
| 768 | (package-with-python2 python-ecpy)) |
| 769 | |
| 770 | (define-public python-josepy |
| 771 | (package |
| 772 | (name "python-josepy") |
| 773 | (version "1.1.0") |
| 774 | (source (origin |
| 775 | (method url-fetch) |
| 776 | (uri (pypi-uri "josepy" version)) |
| 777 | (sha256 |
| 778 | (base32 |
| 779 | "11khz8malzrv375b27jjkv66z6z6khdx1v5mkkr4vq16gp3n4p7v")))) |
| 780 | (build-system python-build-system) |
| 781 | (arguments |
| 782 | ;; The tests require flake8 >= 3.5, which is not yet packaged. |
| 783 | '(#:tests? #f)) |
| 784 | (propagated-inputs |
| 785 | `(("python-cryptography" ,python-cryptography) |
| 786 | ("python-pyopenssl" ,python-pyopenssl) |
| 787 | ("python-six" ,python-six))) |
| 788 | ;; TODO Enable when we have flake8 >= 3.5. |
| 789 | ; (native-inputs |
| 790 | ; `(("python-coverage" ,python-coverage) |
| 791 | ; ("python-flake8" ,python-flake8) |
| 792 | ; ("python-isort" ,python-isort) |
| 793 | ; ("python-mock" ,python-mock) |
| 794 | ; ("python-pytest" ,python-pytest) |
| 795 | ; ("python-pytest-cov" ,python-pytest-cov) |
| 796 | ; ("python-pytest-cache" ,python-pytest-cache) |
| 797 | ; ("python-pytest-flake8" ,python-pytest-flake8))) |
| 798 | (home-page "https://github.com/certbot/josepy") |
| 799 | (synopsis "JOSE protocol implementation in Python") |
| 800 | (description "This package provides a Python implementation of the JOSE |
| 801 | protocol (Javascript Object Signing and Encryption).") |
| 802 | (license license:asl2.0))) |
| 803 | |
| 804 | (define-public python2-josepy |
| 805 | (package-with-python2 python-josepy)) |
| 806 | |
| 807 | (define-public python-pycryptodome |
| 808 | (package |
| 809 | (name "python-pycryptodome") |
| 810 | (version "3.5.1") |
| 811 | (source |
| 812 | (origin |
| 813 | (method url-fetch) |
| 814 | (uri (pypi-uri "pycryptodome" version)) |
| 815 | (sha256 |
| 816 | (base32 |
| 817 | "15mc1h5ij1b6hcqvb048kb4k0ip64n2ky0zz0rml2s78ylv7g5dp")))) |
| 818 | (build-system python-build-system) |
| 819 | (home-page "https://www.pycryptodome.org") |
| 820 | (synopsis "Cryptographic library for Python") |
| 821 | (description "This package provides a cryptographic library for Python. |
| 822 | |
| 823 | It brings the following enhancements with respect to the last official version |
| 824 | of PyCrypto: |
| 825 | |
| 826 | @itemize |
| 827 | @item Authenticated encryption modes (GCM, CCM, EAX, SIV, OCB) |
| 828 | @item Accelerated AES on Intel platforms via AES-NI |
| 829 | @item First class support for PyPy |
| 830 | @item Elliptic curves cryptography (NIST P-256 curve only) |
| 831 | @item Better and more compact API (nonce and iv attributes for ciphers, |
| 832 | automatic generation of random nonces and IVs, simplified CTR cipher mode, and |
| 833 | more) |
| 834 | @item SHA-3 (including SHAKE XOFs) and BLAKE2 hash algorithms |
| 835 | @item Salsa20 and ChaCha20 stream ciphers |
| 836 | @item scrypt and HKDF |
| 837 | @item Deterministic (EC)DSA |
| 838 | @item Password-protected PKCS#8 key containers |
| 839 | @item Shamir’s Secret Sharing scheme |
| 840 | @item Random numbers get sourced directly from the OS (and not from a CSPRNG |
| 841 | in userspace) |
| 842 | @item Cleaner RSA and DSA key generation (largely based on FIPS 186-4) |
| 843 | @item Major clean ups and simplification of the code base |
| 844 | @end itemize\n") |
| 845 | (license license:bsd-2))) |
| 846 | |
| 847 | (define-public python2-pycryptodome |
| 848 | (package-with-python2 python-pycryptodome)) |
| 849 | |
| 850 | (define-public python-m2crypto |
| 851 | (package |
| 852 | (name "python-m2crypto") |
| 853 | (version "0.29.0") |
| 854 | (source |
| 855 | (origin |
| 856 | (method url-fetch) |
| 857 | (uri (pypi-uri "M2Crypto" version)) |
| 858 | (sha256 |
| 859 | (base32 "1h16gpilrnlzc0iyj1mnd1iqh8wchzjsxjqw9n344glimg2s5zm0")))) |
| 860 | (build-system python-build-system) |
| 861 | (inputs `(("openssl" ,openssl))) |
| 862 | (propagated-inputs `(("python-typing" ,python-typing))) |
| 863 | (home-page "https://gitlab.com/m2crypto/m2crypto") |
| 864 | (synopsis "Python crypto and TLS toolkit") |
| 865 | (description "@code{M2Crypto} is a complete Python wrapper for OpenSSL |
| 866 | featuring RSA, DSA, DH, EC, HMACs, message digests, symmetric ciphers |
| 867 | (including AES); TLS functionality to implement clients and servers; HTTPS |
| 868 | extensions to Python's httplib, urllib, and xmlrpclib; unforgeable HMAC'ing |
| 869 | AuthCookies for web session management; FTP/TLS client and server; S/MIME; |
| 870 | M2Crypto can also be used to provide TLS for Twisted. Smartcards supported |
| 871 | through the Engine interface.") |
| 872 | (license license:expat))) |
| 873 | |
| 874 | (define-public python2-m2crypto |
| 875 | (package-with-python2 python-m2crypto)) |
| 876 | |
| 877 | (define-public python-pylibscrypt |
| 878 | (package |
| 879 | (name "python-pylibscrypt") |
| 880 | (version "1.7.1") |
| 881 | (source |
| 882 | (origin |
| 883 | (method url-fetch) |
| 884 | (uri (pypi-uri "pylibscrypt" version)) |
| 885 | (sha256 |
| 886 | (base32 |
| 887 | "1b3rgzl6dbzs08vhv41b6y4n5189wv7lr27acxn104hs45745abs")))) |
| 888 | (build-system python-build-system) |
| 889 | (arguments |
| 890 | `(#:phases |
| 891 | (modify-phases %standard-phases |
| 892 | (add-before 'build 'hard-code-path-to-libscrypt |
| 893 | (lambda* (#:key inputs #:allow-other-keys) |
| 894 | (let ((libscrypt (assoc-ref inputs "libscrypt"))) |
| 895 | (substitute* "pylibscrypt/pylibscrypt.py" |
| 896 | (("find_library\\('scrypt'\\)") |
| 897 | (string-append "'" libscrypt "/lib/libscrypt.so'"))) |
| 898 | #t)))) |
| 899 | ;; The library can use various scrypt implementations and tests all of |
| 900 | ;; them. Since we only provide a single implementation, most tests |
| 901 | ;; fail. Simply skip them. |
| 902 | #:tests? #f)) |
| 903 | ;; FIXME: Using "libscrypt" is the second best choice. The best one |
| 904 | ;; requires "hashlib.scrypt", provided by Python 3.6+ built with OpenSSL |
| 905 | ;; 1.1+. Use that as soon as Guix provides it. |
| 906 | (inputs |
| 907 | `(("libscrypt" ,libscrypt))) |
| 908 | (home-page "https://github.com/jvarho/pylibscrypt") |
| 909 | (synopsis "Scrypt for Python") |
| 910 | (description "There are a lot of different scrypt modules for Python, but |
| 911 | none of them have everything that I'd like, so here's one more. It uses |
| 912 | @code{libscrypt}.") |
| 913 | (license license:isc))) |
| 914 | |
| 915 | (define-public python-libnacl |
| 916 | (package |
| 917 | (name "python-libnacl") |
| 918 | (version "1.6.1") |
| 919 | (source |
| 920 | (origin |
| 921 | (method url-fetch) |
| 922 | (uri (pypi-uri "libnacl" version)) |
| 923 | (sha256 |
| 924 | (base32 |
| 925 | "0nv7n8nfswkhl614x5mllrkvaslraa0053q11iylb337cy43vb4v")))) |
| 926 | (build-system python-build-system) |
| 927 | (arguments |
| 928 | `(#:phases |
| 929 | (modify-phases %standard-phases |
| 930 | (add-after 'unpack 'locate-libsodium |
| 931 | (lambda* (#:key inputs #:allow-other-keys) |
| 932 | (substitute* "libnacl/__init__.py" |
| 933 | (("(return ctypes.cdll.LoadLibrary\\(')libsodium.so('\\))" |
| 934 | _ pre post) |
| 935 | (let ((libsodium (string-append (assoc-ref inputs "libsodium") |
| 936 | "/lib/libsodium.so"))) |
| 937 | (string-append pre libsodium post))))))))) |
| 938 | (native-inputs |
| 939 | `(("python-pyhamcrest" ,python-pyhamcrest))) |
| 940 | (inputs |
| 941 | `(("libsodium" ,libsodium))) |
| 942 | (home-page "https://libnacl.readthedocs.org/") |
| 943 | (synopsis "Python bindings for libsodium based on ctypes") |
| 944 | (description "@code{libnacl} is used to gain direct access to the |
| 945 | functions exposed by @code{NaCl} library via @code{libsodium}. It has |
| 946 | been constructed to maintain extensive documentation on how to use |
| 947 | @code{NaCl} as well as being completely portable.") |
| 948 | (license license:asl2.0))) |
| 949 | |
| 950 | (define-public python-scrypt |
| 951 | (package |
| 952 | (name "python-scrypt") |
| 953 | (version "0.8.6") |
| 954 | (source |
| 955 | (origin |
| 956 | (method url-fetch) |
| 957 | (uri (pypi-uri "scrypt" version)) |
| 958 | (sha256 |
| 959 | (base32 |
| 960 | "0b9nw10hfdl0jflm3b62q485ssc3f3f33lpg4yy407gs8wnrn8zq")))) |
| 961 | (build-system python-build-system) |
| 962 | (inputs |
| 963 | `(("openssl" ,openssl))) |
| 964 | (home-page "http://bitbucket.org/mhallin/py-scrypt") |
| 965 | (synopsis "Bindings for the scrypt key derivation function library") |
| 966 | (description "This is a set of Python bindings for the scrypt key |
| 967 | derivation function.") |
| 968 | (license license:bsd-2))) |