2018-02-03 11:36:14 +01:00
|
|
|
{ stdenv
|
|
|
|
, buildPythonPackage
|
|
|
|
, fetchPypi
|
|
|
|
, openssl
|
|
|
|
, cryptography_vectors
|
|
|
|
, darwin
|
|
|
|
, asn1crypto
|
|
|
|
, packaging
|
|
|
|
, six
|
|
|
|
, pythonOlder
|
|
|
|
, enum34
|
|
|
|
, ipaddress
|
|
|
|
, isPyPy
|
|
|
|
, cffi
|
|
|
|
, pytest
|
|
|
|
, pretend
|
|
|
|
, iso8601
|
|
|
|
, pytz
|
|
|
|
, hypothesis
|
|
|
|
}:
|
|
|
|
|
2018-08-21 02:47:41 +02:00
|
|
|
buildPythonPackage rec {
|
2018-02-03 11:36:14 +01:00
|
|
|
pname = "cryptography";
|
2019-03-02 12:11:33 +01:00
|
|
|
version = "2.6.1"; # Also update the hash in vectors.nix
|
2018-02-03 11:36:14 +01:00
|
|
|
|
|
|
|
src = fetchPypi {
|
|
|
|
inherit pname version;
|
2019-03-02 12:11:33 +01:00
|
|
|
sha256 = "19iwz5avym5zl6jrrrkym1rdaa9h61j20ph4cswsqgv8xg5j3j16";
|
2018-02-03 11:36:14 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
outputs = [ "out" "dev" ];
|
|
|
|
|
2019-03-30 17:13:09 +01:00
|
|
|
buildInputs = [ openssl ]
|
2018-02-03 11:36:14 +01:00
|
|
|
++ stdenv.lib.optional stdenv.isDarwin darwin.apple_sdk.frameworks.Security;
|
|
|
|
propagatedBuildInputs = [
|
|
|
|
asn1crypto
|
|
|
|
packaging
|
|
|
|
six
|
|
|
|
] ++ stdenv.lib.optional (pythonOlder "3.4") enum34
|
|
|
|
++ stdenv.lib.optional (pythonOlder "3.3") ipaddress
|
|
|
|
++ stdenv.lib.optional (!isPyPy) cffi;
|
|
|
|
|
|
|
|
checkInputs = [
|
2019-03-30 17:13:09 +01:00
|
|
|
cryptography_vectors
|
|
|
|
hypothesis
|
2018-02-03 11:36:14 +01:00
|
|
|
iso8601
|
2019-03-30 17:13:09 +01:00
|
|
|
pretend
|
|
|
|
pytest
|
2018-02-03 11:36:14 +01:00
|
|
|
pytz
|
|
|
|
];
|
|
|
|
|
2018-11-11 08:55:35 +01:00
|
|
|
checkPhase = ''
|
|
|
|
py.test --disable-pytest-warnings tests
|
|
|
|
'';
|
|
|
|
|
2018-02-03 11:36:14 +01:00
|
|
|
# The test assumes that if we're on Sierra or higher, that we use `getentropy`, but for binary
|
|
|
|
# compatibility with pre-Sierra for binary caches, we hide that symbol so the library doesn't
|
|
|
|
# use it. This boils down to them checking compatibility with `getentropy` in two different places,
|
|
|
|
# so let's neuter the second test.
|
|
|
|
postPatch = ''
|
|
|
|
substituteInPlace ./tests/hazmat/backends/test_openssl.py --replace '"16.0"' '"99.0"'
|
|
|
|
'';
|
|
|
|
|
|
|
|
# IOKit's dependencies are inconsistent between OSX versions, so this is the best we
|
|
|
|
# can do until nix 1.11's release
|
|
|
|
__impureHostDeps = [ "/usr/lib" ];
|
2019-01-23 23:58:29 +01:00
|
|
|
|
|
|
|
meta = with stdenv.lib; {
|
|
|
|
description = "A package which provides cryptographic recipes and primitives";
|
|
|
|
longDescription = ''
|
|
|
|
Cryptography includes both high level recipes and low level interfaces to
|
|
|
|
common cryptographic algorithms such as symmetric ciphers, message
|
|
|
|
digests, and key derivation functions.
|
|
|
|
Our goal is for it to be your "cryptographic standard library". It
|
|
|
|
supports Python 2.7, Python 3.4+, and PyPy 5.3+.
|
|
|
|
'';
|
|
|
|
homepage = https://github.com/pyca/cryptography;
|
|
|
|
license = with licenses; [ asl20 bsd3 psfl ];
|
|
|
|
maintainers = with maintainers; [ primeos ];
|
|
|
|
};
|
2018-08-21 02:47:41 +02:00
|
|
|
}
|