1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
{ lib
, stdenv
, callPackage
, buildPythonPackage
, fetchPypi
, cargo
, cffi
, hypothesis
, iso8601
, isPyPy
, libiconv
, libxcrypt
, openssl
, pkg-config
, pretend
, py
, pytestCheckHook
, pytest-subtests
, pythonOlder
, pytz
, rustc
, rustPlatform
, Security
, setuptoolsRustBuildHook
}:
let
cryptography-vectors = callPackage ./vectors.nix { };
in
buildPythonPackage rec {
pname = "cryptography";
version = "41.0.2"; # Also update the hash in vectors.nix
format = "pyproject";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-fSML+FYWTeFk7LYVzMFMf8beaQbd1bSR86+Q01FMklw=";
};
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src;
sourceRoot = "${pname}-${version}/${cargoRoot}";
name = "${pname}-${version}";
hash = "sha256-hkuoICa/suMXlr4u95JbMlFzi27lJqJRmWnX3nZfzKU=";
};
postPatch = ''
substituteInPlace pyproject.toml \
--replace "--benchmark-disable" ""
'';
cargoRoot = "src/rust";
nativeBuildInputs = [
rustPlatform.cargoSetupHook
setuptoolsRustBuildHook
cargo
rustc
pkg-config
] ++ lib.optionals (!isPyPy) [
cffi
];
buildInputs = [ openssl ]
++ lib.optionals stdenv.isDarwin [ Security libiconv ]
++ lib.optionals (pythonOlder "3.9") [ libxcrypt ];
propagatedBuildInputs = lib.optionals (!isPyPy) [
cffi
];
nativeCheckInputs = [
cryptography-vectors
hypothesis
iso8601
pretend
py
pytestCheckHook
pytest-subtests
pytz
];
pytestFlagsArray = [
"--disable-pytest-warnings"
];
disabledTestPaths = [
# save compute time by not running benchmarks
"tests/bench"
] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [
# aarch64-darwin forbids W+X memory, but this tests depends on it:
# * https://cffi.readthedocs.io/en/latest/using.html#callbacks
"tests/hazmat/backends/test_openssl_memleak.py"
];
meta = with lib; {
description = "A package which provides cryptographic recipes and primitives";
longDescription = ''
Cryptography includes both high level recipes and low level interfaces to
common cryptographic algorithms such as symmetric ciphers, message
digests, and key derivation functions.
'';
homepage = "https://github.com/pyca/cryptography";
changelog = "https://cryptography.io/en/latest/changelog/#v"
+ replaceStrings [ "." ] [ "-" ] version;
license = with licenses; [ asl20 bsd3 psfl ];
maintainers = with maintainers; [ SuperSandro2000 ];
};
}
|