pyrox.dev
1{ stdenv
2, buildPythonPackage
3, fetchPypi
4, openssl
5, cryptography_vectors
6, darwin
7, idna
8, asn1crypto
9, packaging
10, six
11, pythonOlder
12, enum34
13, ipaddress
14, isPyPy
15, cffi
16, pytest
17, pretend
18, iso8601
19, pytz
20, hypothesis
21}:
22
23buildPythonPackage rec {
24 # also bump cryptography_vectors
25 pname = "cryptography";
26 version = "2.3.1";
27
28 src = fetchPypi {
29 inherit pname version;
30 sha256 = "8d10113ca826a4c29d5b85b2c4e045ffa8bad74fb525ee0eceb1d38d4c70dfd6";
31 };
32
33 outputs = [ "out" "dev" ];
34
35 buildInputs = [ openssl cryptography_vectors ]
36 ++ stdenv.lib.optional stdenv.isDarwin darwin.apple_sdk.frameworks.Security;
37 propagatedBuildInputs = [
38 idna
39 asn1crypto
40 packaging
41 six
42 ] ++ stdenv.lib.optional (pythonOlder "3.4") enum34
43 ++ stdenv.lib.optional (pythonOlder "3.3") ipaddress
44 ++ stdenv.lib.optional (!isPyPy) cffi;
45
46 checkInputs = [
47 pytest
48 pretend
49 iso8601
50 pytz
51 hypothesis
52 ];
53
54 # The test assumes that if we're on Sierra or higher, that we use `getentropy`, but for binary
55 # compatibility with pre-Sierra for binary caches, we hide that symbol so the library doesn't
56 # use it. This boils down to them checking compatibility with `getentropy` in two different places,
57 # so let's neuter the second test.
58 postPatch = ''
59 substituteInPlace ./tests/hazmat/backends/test_openssl.py --replace '"16.0"' '"99.0"'
60 '';
61
62 # IOKit's dependencies are inconsistent between OSX versions, so this is the best we
63 # can do until nix 1.11's release
64 __impureHostDeps = [ "/usr/lib" ];
65}