tjh.dev
1{ lib, stdenv
2, buildPythonPackage
3, fetchPypi
4, fetchpatch
5, isPy27
6, ipaddress
7, openssl
8, cryptography_vectors
9, darwin
10, packaging
11, six
12, pythonOlder
13, isPyPy
14, cffi
15, pytest
16, pretend
17, iso8601
18, pytz
19, hypothesis
20, enum34
21}:
22
23buildPythonPackage rec {
24 pname = "cryptography";
25 version = "3.3.2"; # Also update the hash in vectors-3.3.nix
26
27 src = fetchPypi {
28 inherit pname version;
29 sha256 = "1vcvw4lkw1spiq322pm1256kail8nck6bbgpdxx3pqa905wd6q2s";
30 };
31
32 patches = [ ./cryptography-py27-warning.patch ];
33
34 outputs = [ "out" "dev" ];
35
36 nativeBuildInputs = lib.optionals (!isPyPy) [
37 cffi
38 ];
39
40 buildInputs = [ openssl ]
41 ++ lib.optional stdenv.isDarwin darwin.apple_sdk.frameworks.Security;
42 propagatedBuildInputs = [
43 packaging
44 six
45 ] ++ lib.optionals (!isPyPy) [
46 cffi
47 ] ++ lib.optionals isPy27 [
48 ipaddress enum34
49 ];
50
51 checkInputs = [
52 cryptography_vectors
53 hypothesis
54 iso8601
55 pretend
56 pytest
57 pytz
58 ];
59
60 checkPhase = ''
61 py.test --disable-pytest-warnings tests
62 '';
63
64 # IOKit's dependencies are inconsistent between OSX versions, so this is the best we
65 # can do until nix 1.11's release
66 __impureHostDeps = [ "/usr/lib" ];
67
68 meta = with lib; {
69 description = "A package which provides cryptographic recipes and primitives";
70 longDescription = ''
71 Cryptography includes both high level recipes and low level interfaces to
72 common cryptographic algorithms such as symmetric ciphers, message
73 digests, and key derivation functions.
74 Our goal is for it to be your "cryptographic standard library". It
75 supports Python 2.7, Python 3.5+, and PyPy 5.4+.
76 '';
77 homepage = "https://github.com/pyca/cryptography";
78 changelog = "https://cryptography.io/en/latest/changelog/#v"
79 + replaceStrings [ "." ] [ "-" ] version;
80 license = with licenses; [ asl20 bsd3 psfl ];
81 maintainers = with maintainers; [ primeos ];
82 };
83}