pkgs/development/python-modules/cryptography/default.nix at netboot-syslinux-multiplatform · tjh.dev/nixpkgs

tjh.dev / nixpkgs
Clone of https://github.com/NixOS/nixpkgs.git (to stress-test knotserver)
nixpkgs / pkgs / development / python-modules / cryptography / default.nix
at netboot-syslinux-multiplatform 2.8 kB view raw
  1{ lib
  2, stdenv
  3, callPackage
  4, buildPythonPackage
  5, fetchPypi
  6, rustPlatform
  7, cargo
  8, rustc
  9, setuptools-rust
 10, openssl
 11, Security
 12, isPyPy
 13, cffi
 14, pkg-config
 15, pytestCheckHook
 16, pytest-subtests
 17, pythonOlder
 18, pretend
 19, libiconv
 20, libxcrypt
 21, iso8601
 22, py
 23, pytz
 24, hypothesis
 25}:
 26
 27let
 28  cryptography-vectors = callPackage ./vectors.nix { };
 29in
 30buildPythonPackage rec {
 31  pname = "cryptography";
 32  version = "40.0.1"; # Also update the hash in vectors.nix
 33  format = "setuptools";
 34  disabled = pythonOlder "3.6";
 35
 36  src = fetchPypi {
 37    inherit pname version;
 38    hash = "sha256-KAPy+LHpX2FEGZJsfm9V2CivxhTKXtYVQ4d65mjMNHI=";
 39  };
 40
 41  cargoDeps = rustPlatform.fetchCargoTarball {
 42    inherit src;
 43    sourceRoot = "${pname}-${version}/${cargoRoot}";
 44    name = "${pname}-${version}";
 45    hash = "sha256-gFfDTc2QWBWHBCycVH1dYlCsWQMVcRZfOBIau+njtDU=";
 46  };
 47
 48  postPatch = ''
 49    substituteInPlace pyproject.toml \
 50      --replace "--benchmark-disable" ""
 51  '';
 52
 53  cargoRoot = "src/rust";
 54
 55  nativeBuildInputs = lib.optionals (!isPyPy) [
 56    cffi
 57    pkg-config
 58  ] ++ [
 59    rustPlatform.cargoSetupHook
 60    setuptools-rust
 61    cargo
 62    rustc
 63  ];
 64
 65  buildInputs = [ openssl ]
 66    ++ lib.optionals stdenv.isDarwin [ Security libiconv ]
 67    ++ lib.optionals (pythonOlder "3.9") [ libxcrypt ];
 68
 69  propagatedBuildInputs = lib.optionals (!isPyPy) [
 70    cffi
 71  ];
 72
 73  nativeCheckInputs = [
 74    cryptography-vectors
 75    # "hypothesis" indirectly depends on cryptography to build its documentation
 76    (hypothesis.override { enableDocumentation = false; })
 77    iso8601
 78    pretend
 79    py
 80    pytestCheckHook
 81    pytest-subtests
 82    pytz
 83  ];
 84
 85  pytestFlagsArray = [
 86    "--disable-pytest-warnings"
 87  ];
 88
 89  disabledTestPaths = [
 90    # save compute time by not running benchmarks
 91    "tests/bench"
 92  ] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [
 93    # aarch64-darwin forbids W+X memory, but this tests depends on it:
 94    # * https://cffi.readthedocs.io/en/latest/using.html#callbacks
 95    "tests/hazmat/backends/test_openssl_memleak.py"
 96  ];
 97
 98  meta = with lib; {
 99    description = "A package which provides cryptographic recipes and primitives";
100    longDescription = ''
101      Cryptography includes both high level recipes and low level interfaces to
102      common cryptographic algorithms such as symmetric ciphers, message
103      digests, and key derivation functions.
104      Our goal is for it to be your "cryptographic standard library". It
105      supports Python 2.7, Python 3.5+, and PyPy 5.4+.
106    '';
107    homepage = "https://github.com/pyca/cryptography";
108    changelog = "https://cryptography.io/en/latest/changelog/#v"
109      + replaceStrings [ "." ] [ "-" ] version;
110    license = with licenses; [ asl20 bsd3 psfl ];
111    maintainers = with maintainers; [ SuperSandro2000 ];
112  };
113}