summaryrefslogtreecommitdiff
path: root/gnu/packages/python-crypto.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/python-crypto.scm')
-rw-r--r--gnu/packages/python-crypto.scm295
1 files changed, 117 insertions, 178 deletions
diff --git a/gnu/packages/python-crypto.scm b/gnu/packages/python-crypto.scm
index 602768ae85..9cf5914337 100644
--- a/gnu/packages/python-crypto.scm
+++ b/gnu/packages/python-crypto.scm
@@ -24,7 +24,7 @@
;;; Copyright © 2020 Alexandros Theodotou <alex@zrythm.org>
;;; Copyright © 2020 Justus Winter <justus@sequoia-pgp.org>
;;; Copyright © 2020, 2021 Vinicius Monego <monego@posteo.net>
-;;; Copyright © 2021, 2022 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2021, 2022, 2023 Maxim Cournoyer <maxim.cournoyer@gmail.com>
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
;;; Copyright © 2022 Antero Mejr <antero@mailbox.org>
;;;
@@ -60,6 +60,7 @@
#:use-module (gnu packages libffi)
#:use-module (gnu packages multiprecision)
#:use-module (gnu packages password-utils)
+ #:use-module (gnu packages pkg-config)
#:use-module (gnu packages protobuf)
#:use-module (gnu packages python)
#:use-module (gnu packages python-build)
@@ -465,17 +466,17 @@ for example, for recording or replaying web content.")
is used by the Requests library to verify HTTPS requests.")
(license license:asl2.0)))
-(define-public python-cryptography-vectors-next
+(define-public python-cryptography-vectors
(package
(name "python-cryptography-vectors")
- (version "37.0.4")
+ (version "40.0.1")
(source
(origin
(method url-fetch)
(uri (pypi-uri "cryptography_vectors" version))
(sha256
(base32
- "1a1yi37ygw0jp72q280cmxd3qn9y9vmcch2bcnjkg2g2202l0qas"))))
+ "0hd0ppss5xg0kzf36q8cdaxh1xw8ry4k7jkianlf832xbdmp0q44"))))
(build-system python-build-system)
(home-page "https://github.com/pyca/cryptography")
(synopsis "Test vectors for the cryptography package")
@@ -484,179 +485,127 @@ is used by the Requests library to verify HTTPS requests.")
;; Distributed under either BSD-3 or ASL2.0
(license (list license:bsd-3 license:asl2.0))))
-(define-public python-cryptography-vectors
- (package
- (inherit python-cryptography-vectors-next)
- (version "3.4.8")
- (source (origin
- (method url-fetch)
- (uri (pypi-uri "cryptography_vectors" version))
- (sha256
- (base32 "1wl0ynh3lzhc6q59g8mybvijmnp195x7fjxlb3h3sgcraw14312c"))))))
-
-(define-public python-cryptography-next
+(define-public python-cryptography
(package
(name "python-cryptography")
- (version "37.0.4")
+ (version "40.0.1")
(source
(origin
(method url-fetch)
(uri (pypi-uri "cryptography" version))
(sha256
(base32
- "10haq7sn8mrdlhcfs791rczknnxm0wpww0lkpjzcqx141ryc3yb3"))))
- (build-system python-build-system)
+ "0wilrilfcyl78caxcpna2k3aya6qamppwv4j35262pz9n7wg40r8"))))
+ (build-system pyproject-build-system)
(arguments
(list
- #:imported-modules (append %cargo-build-system-modules
- %python-build-system-modules)
- #:modules `(((guix build cargo-build-system) #:prefix cargo:)
- ,@%python-build-system-modules
- (srfi srfi-1)
- (ice-9 match))
- #:phases
- #~(modify-phases (@ (guix build python-build-system) %standard-phases)
- (add-after 'unpack 'adjust-pyo3-requirement
- (lambda _
- ;; The package depends on 0.15.2, which is not on crates.io(!?).
- ;; Downgrade to 0.15.1...
- (substitute* "src/rust/Cargo.toml"
- (("pyo3 = \\{ version = \"0\\.15\\.2\"")
- "pyo3 = { version = \"0.15.1\""))))
- (add-before 'build 'configure-cargo
- (lambda* (#:key inputs #:allow-other-keys)
- ;; Hide irrelevant inputs from cargo-build-system so it does
- ;; not try to unpack sanity-check.py, etc.
- (let ((cargo-inputs (filter (match-lambda
- ((name . path)
- (or (string-prefix? "rust-" name)
- (string=? "gcc" name))))
- inputs)))
- (with-directory-excursion "src/rust"
- ((assoc-ref cargo:%standard-phases 'unpack-rust-crates)
- #:inputs cargo-inputs
- #:vendor-dir "guix-vendor")
- ((assoc-ref cargo:%standard-phases 'configure)
- #:inputs cargo-inputs)
- ((assoc-ref cargo:%standard-phases 'patch-cargo-checksums)
- #:vendor-dir "guix-vendor"))
- (rename-file "src/rust/.cargo" ".cargo"))))
- (replace 'check
- (lambda* (#:key tests? #:allow-other-keys)
- (when tests?
- (invoke "pytest" "-vv" "tests")))))))
- (inputs
- (list openssl
- ;; TODO: Most of these inputs are transitive dependencies of
- ;; the Rust requirements (see src/rust/cargo.toml). Surely
- ;; there is a better way than manually listing everything..?
- rust-aliasable-0.1
- rust-asn1-0.8
- rust-asn1-derive-0.8
- rust-autocfg-1
- rust-base64-0.13
- rust-bitflags-1
- rust-cfg-if-0.1
- rust-cfg-if-1
- rust-chrono-0.4
- rust-cloudabi-0.1
- rust-lazy-static-1
- rust-libc-0.2
- rust-indoc-0.3
- rust-indoc-impl-0.3
- rust-inflector-0.11
- rust-instant-0.1
- rust-lock-api-0.4
- rust-num-integer-0.1
- rust-num-traits-0.2
- rust-once-cell-1
- rust-ouroboros-0.15
- rust-ouroboros-macro-0.15
- rust-parking-lot-0.11
- rust-parking-lot-core-0.8
- rust-paste-0.1
- rust-paste-impl-0.1
- rust-pem-1
- rust-proc-macro-error-1
- rust-proc-macro-error-attr-1
- rust-proc-macro-hack-0.5
- rust-proc-macro2-1
- rust-pyo3-0.15
- rust-pyo3-build-config-0.15
- rust-pyo3-macros-0.15
- rust-pyo3-macros-backend-0.15
- rust-quote-1
- rust-redox-syscall-0.2
- rust-scopeguard-1
- rust-smallvec-1
- rust-stable-deref-trait-1
- rust-syn-1
- rust-unicode-xid-0.2
- rust-unindent-0.1
- rust-version-check-0.9
- rust-winapi-0.3))
- (propagated-inputs
- (list python-asn1crypto python-cffi python-six python-idna
- python-iso8601))
+ #:phases #~(modify-phases %standard-phases
+ (add-after 'unpack 'disable-rust-extension-build
+ (lambda _
+ ;; The Rust extension is built separately as
+ ;; 'python-cryptography-rust', so there's no need
+ ;; to build it here.
+ (substitute* "pyproject.toml"
+ ((".*setuptools-rust.*") ""))
+ (delete-file "setup.py")))
+ (add-before 'check 'symlink-rust-library
+ (lambda* (#:key inputs outputs #:allow-other-keys)
+ (symlink (search-input-file
+ inputs "lib/libcryptography_rust.so")
+ (string-append (site-packages inputs outputs)
+ "/cryptography/hazmat/bindings/"
+ "_rust.abi3.so")))))))
+
(native-inputs
- (list python-cryptography-vectors-next
+ (list python-cryptography-vectors
python-hypothesis
+ python-iso8601
python-pretend
- python-pytz
- python-pytest
+ python-pytest-7.1 ;for subtests
python-pytest-benchmark
- python-pytest-subtests
- python-setuptools-rust
- rust
- `(,rust "cargo")))
+ python-pytest-subtests))
+ (inputs (list python-cryptography-rust))
+ (propagated-inputs (list python-cffi))
(home-page "https://github.com/pyca/cryptography")
(synopsis "Cryptographic recipes and primitives for Python")
(description
- "cryptography is a package which provides cryptographic recipes and
-primitives to Python developers. It aims to be the “cryptographic standard
-library” for Python. The package includes both high level recipes, and low
-level interfaces to common cryptographic algorithms such as symmetric ciphers,
-message digests and key derivation functions.")
+ "@code{cryptography} is a package which provides cryptographic recipes
+and primitives to Python developers. It aims to be the “cryptographic
+standard library” for Python. The package includes both high level recipes,
+and low level interfaces to common cryptographic algorithms such as symmetric
+ciphers, message digests and key derivation functions.")
;; Distributed under either BSD-3 or ASL2.0
(license (list license:bsd-3 license:asl2.0))))
-(define-public python-cryptography
+;;; This is the Rust component of the python-cryptography library, extracted
+;;; as a separate package to ease the Rust build.
+(define-public python-cryptography-rust
(package
- (inherit python-cryptography-next)
- (version "3.4.8")
- (source (origin
- (method url-fetch)
- (uri (pypi-uri "cryptography" version))
- (sha256
- (base32 "072awar70cwfd2hnx0pvp1dkc7gw45mbm3wcyddvxz5frva5xk4l"))))
+ (inherit python-cryptography)
+ (name "python-cryptography-rust")
+ (build-system cargo-build-system)
(arguments
- (list #:phases
- #~(modify-phases %standard-phases
- (add-after 'unpack 'set-no-rust
- (lambda _
- (setenv "CRYPTOGRAPHY_DONT_BUILD_RUST" "1"))))))
- (inputs (list openssl-1.1))
- (native-inputs
- (list python-cryptography-vectors
- python-hypothesis
- python-pretend
- python-pytz
- python-pytest
- python-setuptools-rust))))
+ (list
+ #:modules '((guix build cargo-build-system)
+ (guix build utils)
+ (srfi srfi-1)
+ (ice-9 match))
+ ;; XXX: Building the test objects appear to fail due to a missing link
+ ;; directive to Python's shared library (e.g.: "ld:
+ ;; cryptography_rust.c950d742-cgu.11:(.text._ZN3...+0x57): undefined
+ ;; reference to `PyLong_FromLong'").
+ #:tests? #f
+ #:phases
+ #~(modify-phases %standard-phases
+ (add-after 'unpack 'chdir
+ (lambda _
+ (chdir "src/rust")))
+ (replace 'unpack-rust-crates
+ ;; This is to avoid the non-crate source from being erroneously
+ ;; unpacked by this phase, causing an error.
+ (lambda* (#:key inputs #:allow-other-keys #:rest args)
+ (apply (assoc-ref %standard-phases 'unpack-rust-crates)
+ (append args
+ (list #:inputs (alist-delete "source" inputs))))))
+ (replace 'configure
+ (lambda* (#:key inputs #:allow-other-keys #:rest args)
+ (apply (assoc-ref %standard-phases 'configure)
+ (append args
+ (list #:inputs (alist-delete "source" inputs))))))
+ (add-after 'install 'install-shared-library
+ (lambda _
+ (install-file "target/release/libcryptography_rust.so"
+ (string-append #$output "/lib")))))
+ #:cargo-inputs
+ `(("rust-asn1-0.13" ,rust-asn1-0.13)
+ ("rust-chrono-0.4" ,rust-chrono-0.4)
+ ("rust-foreign-types-shared-0.1" ,rust-foreign-types-shared-0.1)
+ ("rust-once-cell-1" ,rust-once-cell-1)
+ ("rust-openssl-0.10" ,rust-openssl-0.10)
+ ("rust-openssl-sys-0.9" ,rust-openssl-sys-0.9)
+ ("rust-ouroboros-0.15" ,rust-ouroboros-0.15)
+ ("rust-pem-1" ,rust-pem-1)
+ ("rust-pyo3-0.15" ,rust-pyo3-0.15))
+ #:cargo-development-inputs
+ `(("rust-cc" ,rust-cc-1))))
+ (native-inputs (list pkg-config python python-cffi))
+ ;; XXX: Adding rust-openssl-sys-0.9 is needed because #:cargo-inputs
+ ;; doesn't honor propagated-inputs.
+ (inputs (list python rust-openssl-sys-0.9))
+ (propagated-inputs '())
+ (synopsis "Core implementation of the Cryptography Python library")))
-;; This is the last version which is compatable with python-cryptography < 35.
(define-public python-pyopenssl
(package
(name "python-pyopenssl")
- (version "21.0.0")
+ (version "23.1.1")
(source
(origin
(method url-fetch)
(uri (pypi-uri "pyOpenSSL" version))
(sha256
(base32
- "1cqcc20fwl521z3fxsc1c98gbnhb14q55vrvjfp6bn6h8rg8qbay"))
- (patches (search-patches "python2-pyopenssl-openssl-compat.patch"))))
+ "1dxhip610zw1j2bz35g1w1h7vh374g0bnzn4nsqj65n6pswrh544"))))
(build-system python-build-system)
(arguments
(list
@@ -668,7 +617,7 @@ message digests and key derivation functions.")
;; PyOpenSSL runs tests against a certificate with a fixed
;; expiry time. To ensure successful builds in the future,
;; set the time to roughly the release date.
- (invoke "faketime" "2022-02-01" "py.test" "-v" "-k"
+ (invoke "faketime" "2023-03-25" "pytest" "-vv" "-k"
(string-append
;; This test tries to look up certificates from
;; the compiled-in default path in OpenSSL, which
@@ -680,17 +629,13 @@ message digests and key derivation functions.")
;; Fails on i686-linux and possibly other 32-bit platforms
;; https://github.com/pyca/pyopenssl/issues/974
"and not test_verify_with_time"))))))))
- (propagated-inputs
- (list python-cryptography python-six))
- (inputs
- (list openssl))
- (native-inputs
- (list libfaketime python-flaky python-pretend python-pytest))
+ (propagated-inputs (list python-cryptography))
+ (inputs (list openssl))
+ (native-inputs (list libfaketime python-flaky python-pretend python-pytest))
(home-page "https://github.com/pyca/pyopenssl")
(synopsis "Python wrapper module around the OpenSSL library")
- (description
- "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
-library.")
+ (description "PyOpenSSL is a high-level wrapper around a subset of the
+OpenSSL library.")
(license license:asl2.0)))
(define-public python-ed25519
@@ -1232,18 +1177,17 @@ derivation function.")
(define-public python-service-identity
(package
(name "python-service-identity")
- (version "18.1.0")
- (source
- (origin
- (method url-fetch)
- (uri (pypi-uri "service_identity" version))
- (sha256
- (base32
- "0b9f5qiqjy8ralzgwjgkhx82h6h8sa7532psmb8mkd65md5aan08"))))
- (build-system python-build-system)
- (propagated-inputs
- (list python-attrs python-pyasn1 python-pyasn1-modules
- python-pyopenssl))
+ (version "21.1.0")
+ (source (origin
+ (method url-fetch)
+ (uri (pypi-uri "service-identity" version))
+ (sha256
+ (base32
+ "0d4x84crbz0a17d8gi90z6zlxwm9pslc65rx0cdw2797ra360v3f"))))
+ (build-system pyproject-build-system)
+ (native-inputs (list python-idna python-pytest))
+ (propagated-inputs (list python-attrs python-cryptography python-pyasn1
+ python-pyasn1-modules python-six))
(home-page "https://service-identity.readthedocs.io/")
(synopsis "Service identity verification for PyOpenSSL")
(description
@@ -1444,21 +1388,14 @@ items and collections, editing items, locking and unlocking collections
(define-public python-trustme
(package
(name "python-trustme")
- (version "0.6.0")
+ (version "0.9.0")
(source
(origin
(method url-fetch)
(uri (pypi-uri "trustme" version))
(sha256
- (base32 "0v3vr5z6apnfmklf07m45kv5kaqvm6hxrkaqywch57bjd2siiywx"))))
- (build-system python-build-system)
- (arguments
- `(#:phases
- (modify-phases %standard-phases
- (replace 'check
- (lambda* (#:key inputs outputs #:allow-other-keys)
- (add-installed-pythonpath inputs outputs)
- (invoke "pytest" "-vv"))))))
+ (base32 "0v2qzszmyazfgc1snicdr4b4qdajpjd4pbinpgrn9vfff0yv41sy"))))
+ (build-system pyproject-build-system)
(native-inputs
(list python-more-itertools
python-pyopenssl
@@ -1467,7 +1404,9 @@ items and collections, editing items, locking and unlocking collections
python-service-identity
python-zipp))
(propagated-inputs
- (list python-cryptography))
+ (list python-cryptography
+ python-idna
+ python-ipaddress))
(home-page "https://github.com/python-trio/trustme")
(synopsis "Fake a certificate authority for tests")
(description
generated by cgit v1.2.3 (git 2.44.0) at 2024-07-03 05:31:08 +0000