summary refs log tree commit diff
path: root/gnu/packages/python-crypto.scm
diff options
context:
space:
mode:
authorMarius Bakke <mbakke@fastmail.com>2017-11-19 15:01:00 +0100
committerMarius Bakke <mbakke@fastmail.com>2017-11-19 15:01:00 +0100
commit2dd12924cf4a30a96262b6d392fcde58c9f10d4b (patch)
tree3f74f5426ff214a02b8f6652f6516979657a7f98 /gnu/packages/python-crypto.scm
parent259b4f34ba2eaefeafdb7c9f9eb56ee77f16010c (diff)
parenta93447b89a5b132221072e729d13a3f17391b8c2 (diff)
downloadguix-2dd12924cf4a30a96262b6d392fcde58c9f10d4b.tar.gz
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/python-crypto.scm')
-rw-r--r--gnu/packages/python-crypto.scm637
1 files changed, 637 insertions, 0 deletions
diff --git a/gnu/packages/python-crypto.scm b/gnu/packages/python-crypto.scm
new file mode 100644
index 0000000000..98a869d055
--- /dev/null
+++ b/gnu/packages/python-crypto.scm
@@ -0,0 +1,637 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
+;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
+;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com>
+;;; Copyright © 2014, 2017 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2015, 2016 David Thompson <davet@gnu.org>
+;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016, 2017 ng0 <ng0@infotropique.org>
+;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org>
+;;; Copyright © 2016, 2017 Arun Isaac <arunisaac@systemreboot.net>
+;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages python-crypto)
+  #:use-module (guix packages)
+  #:use-module (guix download)
+  #:use-module (guix git-download)
+  #:use-module (guix build-system python)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages check)
+  #:use-module (gnu packages crypto)
+  #:use-module (gnu packages libffi)
+  #:use-module (gnu packages multiprecision)
+  #:use-module (gnu packages protobuf)
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages time)
+  #:use-module (gnu packages tls)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (srfi srfi-1))
+
+(define-public python-passlib
+  (package
+    (name "python-passlib")
+    (version "1.7.1")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "passlib" version))
+       (sha256
+        (base32
+         "1q2khqpj9rlcgdmkypjdq1kswvhjf72bq0zk2cv669cc2dj8z51x"))))
+    (build-system python-build-system)
+    (native-inputs
+     `(("python-nose" ,python-nose)))
+    (propagated-inputs
+     `(("python-py-bcrypt" ,python-py-bcrypt)))
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-before 'check 'set-PYTHON_EGG_CACHE
+           ;; some tests require access to "$HOME/.cython"
+           (lambda* _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t)))))
+    (home-page "https://bitbucket.org/ecollins/passlib")
+    (synopsis
+     "Comprehensive password hashing framework")
+    (description
+     "Passlib is a password hashing library for Python 2 & 3, which provides
+cross-platform implementations of over 30 password hashing algorithms, as well
+as a framework for managing existing password hashes.  It's designed to be
+useful for a wide range of tasks, from verifying a hash found in /etc/shadow,
+to providing full-strength password hashing for multi-user application.")
+    (license license:bsd-3)))
+
+(define-public python2-passlib
+  (package-with-python2 python-passlib))
+
+(define-public python-py-bcrypt
+  (package
+    (name "python-py-bcrypt")
+    (version "0.4")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append
+             "https://pypi.python.org/packages/source/p/py-bcrypt/py-bcrypt-"
+             version
+             ".tar.gz"))
+       (sha256
+        (base32
+         "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az"))))
+    (build-system python-build-system)
+    (home-page "https://code.google.com/p/py-bcrypt")
+    (synopsis
+     "Bcrypt password hashing and key derivation")
+    (description
+     "A python wrapper of OpenBSD's Blowfish password hashing code.  This
+system hashes passwords using a version of Bruce Schneier's Blowfish block
+cipher with modifications designed to raise the cost of off-line password
+cracking and frustrate fast hardware implementation.  The computation cost of
+the algorithm is parametised, so it can be increased as computers get faster.
+The intent is to make a compromise of a password database less likely to
+result in an attacker gaining knowledge of the plaintext passwords (e.g. using
+John the Ripper).")
+    ;; "sha2.c" is under BSD-3;
+    ;; "blowfish.c" and "bcrypt.c" are under BSD-4;
+    ;; the rest is under ISC.
+    (license (list license:isc license:bsd-3 license:bsd-4))))
+
+(define-public python2-py-bcrypt
+  (package-with-python2 python-py-bcrypt))
+
+(define-public python-paramiko
+  (package
+    (name "python-paramiko")
+    (version "2.1.2")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "paramiko" version))
+       (sha256
+        (base32
+         "04734n0wy3hxk6rij4fr29in5jmr70nxpc7pqi2ksbjysfz4kbjz"))))
+    (build-system python-build-system)
+    (arguments
+     '(#:phases
+       (modify-phases %standard-phases
+         (replace 'check
+           (lambda _
+             (zero? (system* "python" "test.py")))))))
+    (propagated-inputs
+     `(("python-pyasn1" ,python-pyasn1)
+       ("python-cryptography" ,python-cryptography)))
+    (home-page "http://www.paramiko.org/")
+    (synopsis "SSHv2 protocol library")
+    (description "Paramiko is a python implementation of the SSHv2 protocol,
+providing both client and server functionality.  While it leverages a Python C
+extension for low level cryptography (PyCrypto), Paramiko itself is a pure
+Python interface around SSH networking concepts.")
+    (license license:lgpl2.1+)))
+
+(define-public python2-paramiko
+  (package-with-python2 python-paramiko))
+
+(define-public python-ecdsa
+  (package
+    (name "python-ecdsa")
+    (version "0.13")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append
+             "https://pypi.python.org/packages/source/e/ecdsa/ecdsa-"
+             version
+             ".tar.gz"))
+       (sha256
+        (base32
+         "1yj31j0asmrx4an9xvsaj2icdmzy6pw0glfpqrrkrphwdpi1xkv4"))))
+    (build-system python-build-system)
+    (inputs
+     `(("openssl" ,openssl)))
+    (home-page
+     "https://github.com/warner/python-ecdsa")
+    (synopsis
+     "ECDSA cryptographic signature library (pure python)")
+    (description
+     "This is an easy-to-use implementation of ECDSA cryptography (Elliptic
+Curve Digital Signature Algorithm), implemented purely in Python.  With this
+library, you can quickly create keypairs (signing key and verifying key), sign
+messages, and verify the signatures.  The keys and signatures are very short,
+making them easy to handle and incorporate into other protocols.")
+    (license license:expat)))
+
+(define-public python2-ecdsa
+  (package-with-python2 python-ecdsa))
+
+;;; Pycrypto is abandoned upstream:
+;;;
+;;; https://github.com/dlitz/pycrypto/issues/173
+;;;
+;;; TODO Remove this package from GNU Guix.
+(define-public python-pycrypto
+  (package
+    (name "python-pycrypto")
+    (version "2.6.1")
+    (source
+     (origin
+      (method url-fetch)
+      (uri (pypi-uri "pycrypto" version))
+      (patches (search-patches "python-pycrypto-CVE-2013-7459.patch"))
+      (sha256
+       (base32
+        "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj"))))
+    (build-system python-build-system)
+    (inputs
+     `(("python" ,python)
+       ("gmp" ,gmp)))
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-before 'build 'set-build-env
+           ;; pycrypto runs an autoconf configure script behind the scenes
+           (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t)))))
+    (home-page "http://www.pycrypto.org/")
+    (synopsis "Cryptographic modules for Python")
+    (description
+     "Pycrypto is a collection of both secure hash functions (such as SHA256
+and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal,
+etc.).  The package is structured to make adding new modules easy.")
+    (license license:public-domain)))
+
+(define-public python2-pycrypto
+  (let ((pycrypto (package-with-python2 python-pycrypto)))
+    (package (inherit pycrypto)
+      (inputs
+       `(("python" ,python-2)
+         ,@(alist-delete
+            "python"
+            (package-inputs pycrypto)))))))
+
+(define-public python-keyring
+  (package
+    (name "python-keyring")
+    (version "8.7")
+    (source
+     (origin
+      (method url-fetch)
+      (uri (pypi-uri "keyring" version))
+      (sha256
+       (base32
+        "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx"))))
+    (build-system python-build-system)
+    (native-inputs
+     `(("python-setuptools-scm" ,python-setuptools-scm)))
+    (propagated-inputs
+     `(("python-pycrypto" ,python-pycrypto)))
+    (arguments
+     `(#:tests? #f))                      ;TODO: tests require pytest
+    (home-page "https://github.com/jaraco/keyring")
+    (synopsis "Store and access your passwords safely")
+    (description
+     "The Python keyring lib provides a easy way to access the system keyring
+service from python.  It can be used in any application that needs safe
+password storage.")
+    ;; "MIT" and PSF dual license
+    (license license:x11)))
+
+(define-public python2-keyring
+  (package-with-python2 python-keyring))
+
+(define-public python-certifi
+  (package
+    (name "python-certifi")
+    (version "2017.1.23")
+    (source (origin
+              (method url-fetch)
+              (uri (pypi-uri "certifi" version))
+              (sha256
+               (base32
+                "1klrzl3hgvcf2mjk00g0k3kk1p2z27vzwnxivwar4vhjmjvpz1w1"))))
+    (build-system python-build-system)
+    (home-page "https://certifi.io/")
+    (synopsis "Python CA certificate bundle")
+    (description
+     "Certifi is a Python library that contains a CA certificate bundle, which
+is used by the Requests library to verify HTTPS requests.")
+    (license license:asl2.0)))
+
+(define-public python2-certifi
+  (package-with-python2 python-certifi))
+
+(define-public python-cryptography-vectors
+  (package
+    (name "python-cryptography-vectors")
+    (version "2.0.3")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "cryptography_vectors" version))
+       (sha256
+        (base32
+         "1qa117fs1yd50zn2cfxh7d9l999ds0z4h83m9m7j4fk6ffm33f5y"))))
+    (build-system python-build-system)
+    (home-page "https://github.com/pyca/cryptography")
+    (synopsis "Test vectors for the cryptography package")
+    (description
+      "This package contains test vectors for the cryptography package.")
+    ;; Distributed under either BSD-3 or ASL2.0
+    (license (list license:bsd-3 license:asl2.0))))
+
+(define-public python2-cryptography-vectors
+  (package-with-python2 python-cryptography-vectors))
+
+(define-public python-cryptography
+  (package
+    (name "python-cryptography")
+    (version "2.0.3")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "cryptography" version))
+       (sha256
+        (base32
+         "0fnck37zyvbzmccbp7w3jy27jgmij1992j5wyy3gxhw6a11b4jyh"))))
+    (build-system python-build-system)
+    (inputs
+     `(("openssl" ,openssl)))
+    (propagated-inputs
+     `(("python-asn1crypto" ,python-asn1crypto)
+       ("python-cffi" ,python-cffi)
+       ("python-six" ,python-six)
+       ("python-idna" ,python-idna)
+       ("python-iso8601" ,python-iso8601)))
+    (native-inputs
+     `(("python-cryptography-vectors" ,python-cryptography-vectors)
+       ("python-hypothesis" ,python-hypothesis)
+       ("python-pretend" ,python-pretend)
+       ("python-pytz" ,python-pytz)
+       ("python-pytest" ,python-pytest)))
+    (home-page "https://github.com/pyca/cryptography")
+    (synopsis "Cryptographic recipes and primitives for Python")
+    (description
+      "cryptography is a package which provides cryptographic recipes and
+primitives to Python developers.  It aims to be the “cryptographic standard
+library” for Python.  The package includes both high level recipes, and low
+level interfaces to common cryptographic algorithms such as symmetric ciphers,
+message digests and key derivation functions.")
+    ;; Distributed under either BSD-3 or ASL2.0
+    (license (list license:bsd-3 license:asl2.0))
+    (properties `((python2-variant . ,(delay python2-cryptography))))))
+
+(define-public python2-cryptography
+  (let ((crypto (package-with-python2
+                 (strip-python2-variant python-cryptography))))
+    (package (inherit crypto)
+      (propagated-inputs
+       `(("python2-ipaddress" ,python2-ipaddress)
+         ("python2-backport-ssl-match-hostname"
+          ,python2-backport-ssl-match-hostname)
+         ("python2-enum34" ,python2-enum34)
+         ,@(package-propagated-inputs crypto))))))
+
+(define-public python-pyopenssl
+  (package
+    (name "python-pyopenssl")
+    (version "17.3.0")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "pyOpenSSL" version))
+       (sha256
+        (base32
+         "0xkc1wfnpg6abzllivg3ylhc63npjdy1v81f4kc08bm8cj80nqr9"))))
+    (build-system python-build-system)
+    (arguments
+     '(#:phases
+       (modify-phases %standard-phases
+         (delete 'check)
+         (add-after 'install 'check
+           (lambda* (#:key inputs outputs #:allow-other-keys)
+             (add-installed-pythonpath inputs outputs)
+             (zero? (system* "py.test" "-v" "-k"
+                             (string-append
+                              ;; This test tries to look up certificates from
+                              ;; the compiled-in default path in OpenSSL, which
+                              ;; does not exist in the build environment.
+                              "not test_fallback_default_verify_paths "
+                              ;; This test attempts to make a connection to
+                              ;; an external web service.
+                              "and not test_set_default_verify_paths"))))))))
+    (propagated-inputs
+     `(("python-cryptography" ,python-cryptography)
+       ("python-six" ,python-six)))
+    (inputs
+     `(("openssl" ,openssl)))
+    (native-inputs
+     `(("python-flaky" ,python-flaky)
+       ("python-pretend" ,python-pretend)
+       ("python-pytest" ,python-pytest)))
+    (home-page "https://github.com/pyca/pyopenssl")
+    (synopsis "Python wrapper module around the OpenSSL library")
+    (description
+      "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
+library.")
+    (license license:asl2.0)))
+
+(define-public python2-pyopenssl
+  (package-with-python2 python-pyopenssl))
+
+(define-public python-axolotl-curve25519
+  (package
+    (name "python-axolotl-curve25519")
+    (version "0.1")
+    (source
+     (origin
+       (method git-fetch)
+       (uri (git-reference
+             (url "https://github.com/tgalal/python-axolotl-curve25519")
+             (commit "e4a9c4de0eae27223200579c58d1f8f6d20637e2")))
+       (file-name (string-append name "-" version "-checkout"))
+       (sha256
+        (base32
+         "0agap5q0hmvf6cwzjqc05kw53pjgf6942pcivpazksmg1vk400ra"))))
+    (build-system python-build-system)
+    (arguments
+     `(;; Prevent creation of the egg. This works around
+       ;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=20765
+       #:configure-flags '("--root=/")))
+    (home-page "https://github.com/tgalal/python-axolotl-curve25519")
+    (synopsis "Python wrapper for curve25519 library")
+    (description "This is a python wrapper for the curve25519 library
+with ed25519 signatures.  The C code was pulled from
+libaxolotl-android.  At the moment this wrapper is meant for use by
+python-axolotl.")
+    (license (list license:gpl3    ; Most files
+                   license:bsd-3)))) ; curve/curve25519-donna.c
+
+(define-public python2-axolotl-curve25519
+  (package-with-python2 python-axolotl-curve25519))
+
+(define-public python-axolotl
+  (package
+    (name "python-axolotl")
+    (version "0.1.35")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append
+             "https://github.com/tgalal/python-axolotl/archive/"
+             version ".tar.gz"))
+       (file-name (string-append name "-" version ".tar.gz"))
+       (sha256
+        (base32 "1z8d89p7v40p4bwywjm9h4z28fdvra79ddw06azlkrfjbl7dxmz8"))))
+    (build-system python-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         ;; Don't install tests
+         (add-before 'install 'remove-tests
+           (lambda _
+             (for-each delete-file-recursively
+                       '("axolotl/tests" "build/lib/axolotl/tests"))
+             #t)))))
+    (propagated-inputs
+     `(("python-axolotl-curve25519" ,python-axolotl-curve25519)
+       ("python-dateutil" ,python-dateutil)
+       ("python-protobuf" ,python-protobuf)
+       ("python-pycrypto" ,python-pycrypto)))
+    (home-page "https://github.com/tgalal/python-axolotl")
+    (synopsis "Python port of libaxolotl-android")
+    (description "This is a python port of libaxolotl-android.  This
+is a ratcheting forward secrecy protocol that works in synchronous and
+asynchronous messaging environments.")
+    (license license:gpl3)))
+
+(define-public python2-axolotl
+  (package-with-python2 python-axolotl))
+
+;; SlowAES isn't compatible with Python 3.
+(define-public python2-slowaes
+  (package
+    (name "python2-slowaes")
+    (version "0.1a1")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "slowaes" version))
+       (sha256
+        (base32
+         "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3"))))
+    (build-system python-build-system)
+    (arguments `(#:python ,python-2))
+    (home-page "http://code.google.com/p/slowaes/")
+    (synopsis "Implementation of AES in Python")
+    (description "This package contains an implementation of AES in Python.
+This implementation is slow (hence the project name) but still useful when
+faster ones are not available.")
+    (license license:asl2.0)))
+
+(define-public python-pyaes
+  (package
+    (name "python-pyaes")
+    (version "1.6.0")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "pyaes" version))
+       (sha256
+        (base32
+         "0bp9bjqy1n6ij1zb86wz9lqa1dhla8qr1d7w2kxyn7jbj56sbmcw"))))
+    (build-system python-build-system)
+    (home-page "https://github.com/ricmoo/pyaes")
+    (synopsis "Implementation of AES in Python")
+    (description "This package contains a pure-Python implementation of the
+AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR,
+ECB and OFB).")
+    (license license:expat)))
+
+(define-public python2-pyaes
+  (package-with-python2 python-pyaes))
+
+(define-public python-asn1crypto
+  (package
+    (name "python-asn1crypto")
+    (version "0.22.0")
+    (source
+      (origin
+        (method url-fetch)
+        (uri (string-append "https://github.com/wbond/asn1crypto/archive/"
+                            version ".tar.gz"))
+        (sha256
+         (base32
+          "1kn910896l3knmilla1c9ly20q181s43w1ah08lzkbm1h3j6pcz0"))))
+    (build-system python-build-system)
+    (home-page "https://github.com/wbond/asn1crypto")
+    (synopsis "ASN.1 parser and serializer in Python")
+    (description "asn1crypto is an ASN.1 parser and serializer with definitions
+for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7,
+PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.")
+    (license license:expat)))
+
+(define-public python2-asn1crypto
+  (package-with-python2 python-asn1crypto))
+
+(define-public python-pynacl
+  (package
+    (name "python-pynacl")
+    (version "1.1.2")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "PyNaCl" version))
+       (modules '((guix build utils)))
+       ;; Remove bundled libsodium
+       (snippet '(delete-file-recursively "src/libsodium"))
+       (sha256
+        (base32
+         "135gz0020fqx8fbr9izpwyq49aww202nkqacq0cw61xz99sjpx9j"))))
+    (build-system python-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-before 'build 'use-system-sodium
+           (lambda _
+             (setenv "SODIUM_INSTALL" "system")
+             #t)))))
+    (native-inputs
+     `(("python-pytest" ,python-pytest)))
+    (propagated-inputs
+     `(("python-cffi" ,python-cffi)
+       ("python-six" ,python-six)
+       ("libsodium" ,libsodium)))
+    (home-page "https://github.com/pyca/pynacl/")
+    (synopsis "Python bindings to libsodium")
+    (description
+     "PyNaCl is a Python binding to libsodium, which is a fork of the
+Networking and Cryptography library.  These libraries have a stated goal
+of improving usability, security and speed.")
+    (license license:asl2.0)))
+
+(define-public python2-pgpdump
+  (package
+    (name "python2-pgpdump")
+    (version "1.5")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "pgpdump" version))
+       (sha256
+        (base32
+         "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw"))))
+    (build-system python-build-system)
+
+    ;; Currently fails to build with Python 3.
+    (arguments `(#:python ,python-2))
+
+    (home-page "https://github.com/toofishes/python-pgpdump")
+    (synopsis "Python library for parsing PGP packets")
+    (description
+     "Python-pgpdump is an OpenPGP packet parser based on
+@uref{http://www.mew.org/~kazu/proj/pgpdump/, pgpdump}.  It notably supports:
+
+@itemize
+@item signature packets;
+@item public key packets;
+@item secret key packets;
+@item trust, user ID, and user attribute packets;
+@item ASCII-armor decoding and CRC check.
+@end itemize\n")
+    (license license:bsd-3)))
+
+(define-public python2-roca-detect
+  (package
+    (name "python2-roca-detect")
+    (version "1.0.8")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "roca-detect" version))
+       (sha256
+        (base32
+         "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27"))))
+    (build-system python-build-system)
+    (native-inputs
+     ;; TODO: apk_parse_ph4, pyjks
+     `(("python2-dateutil" ,python2-dateutil)
+       ("python2-six" ,python2-six)
+       ("python2-cryptography" ,python2-cryptography)
+       ("python2-future" ,python2-future)
+       ("python2-coloredlogs" ,python2-coloredlogs)
+       ("python2-pgpdump" ,python2-pgpdump)))
+    (arguments
+     `(;; Basic testing routine is quite simple and works with Py3
+       ;; but the rest of the code that processes the different
+       ;; key formats and extracts the modulus for inspection is
+       ;; not yet fully py3 ready.
+       #:python ,python-2))
+    (home-page "https://github.com/crocs-muni/roca")
+    (synopsis "ROCA detection tool")
+    (description
+     "This tool is related to the paper entitled @i{Return of the
+Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}.  It
+enables you to test public RSA keys for a presence of the described
+vulnerability.  Currently the tool supports the following key formats: X.509
+Certificate (DER encoded, PEM encoded), RSA PEM (encoded private key, public
+key), SSH public key, ASC-encoded OpenPGP key, APK Android application, LDIFF
+file, and more.")
+    (license license:gpl3)))