summary refs log tree commit diff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/admin.scm1
-rw-r--r--gnu/packages/backup.scm1
-rw-r--r--gnu/packages/crypto.scm1
-rw-r--r--gnu/packages/finance.scm1
-rw-r--r--gnu/packages/irc.scm3
-rw-r--r--gnu/packages/jrnl.scm3
-rw-r--r--gnu/packages/messaging.scm1
-rw-r--r--gnu/packages/openstack.scm1
-rw-r--r--gnu/packages/python-crypto.scm507
-rw-r--r--gnu/packages/python-web.scm1
-rw-r--r--gnu/packages/python.scm464
-rw-r--r--gnu/packages/tls.scm1
-rw-r--r--gnu/packages/xorg.scm1
14 files changed, 522 insertions, 465 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 84483da999..54d1ac91c9 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -341,6 +341,7 @@ GNU_SYSTEM_MODULES =				\
   %D%/packages/protobuf.scm			\
   %D%/packages/pv.scm				\
   %D%/packages/python.scm			\
+  %D%/packages/python-crypto.scm		\
   %D%/packages/python-web.scm			\
   %D%/packages/tryton.scm			\
   %D%/packages/qt.scm				\
diff --git a/gnu/packages/admin.scm b/gnu/packages/admin.scm
index bed313b266..58ef7d7253 100644
--- a/gnu/packages/admin.scm
+++ b/gnu/packages/admin.scm
@@ -69,6 +69,7 @@
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages popt)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages python-web)
   #:use-module (gnu packages texinfo)
   #:use-module (gnu packages groff)
diff --git a/gnu/packages/backup.scm b/gnu/packages/backup.scm
index 70dfb30c03..23b5b49ed4 100644
--- a/gnu/packages/backup.scm
+++ b/gnu/packages/backup.scm
@@ -49,6 +49,7 @@
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages python-web)
   #:use-module (gnu packages rsync)
   #:use-module (gnu packages ssh)
diff --git a/gnu/packages/crypto.scm b/gnu/packages/crypto.scm
index dce7d3534c..a821258aa8 100644
--- a/gnu/packages/crypto.scm
+++ b/gnu/packages/crypto.scm
@@ -44,6 +44,7 @@
   #:use-module (gnu packages perl)
   #:use-module (gnu packages perl-check)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages readline)
   #:use-module (gnu packages search)
   #:use-module (gnu packages serialization)
diff --git a/gnu/packages/finance.scm b/gnu/packages/finance.scm
index 2a83921d6a..e123434201 100644
--- a/gnu/packages/finance.scm
+++ b/gnu/packages/finance.scm
@@ -45,6 +45,7 @@
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages protobuf)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages qt)
   #:use-module (gnu packages texinfo)
   #:use-module (gnu packages textutils)
diff --git a/gnu/packages/irc.scm b/gnu/packages/irc.scm
index 5f031e3983..afa5f60eec 100644
--- a/gnu/packages/irc.scm
+++ b/gnu/packages/irc.scm
@@ -1,7 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013 Cyril Roelandt <tipecaml@gmail.com>
 ;;; Copyright © 2014 Kevin Lemonnier <lemonnierk@ulrar.net>
-;;; Copyright © 2015 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2015, 2017 Ludovic Courtès <ludo@gnu.org>
 ;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
 ;;; Copyright © 2016 ng0 <ng0@libertad.pw>
 ;;; Copyright © 2017 Marius Bakke <mbakke@fastmail.com>
@@ -51,6 +51,7 @@
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages ruby)
   #:use-module (gnu packages qt)
   #:use-module (gnu packages tcl)
diff --git a/gnu/packages/jrnl.scm b/gnu/packages/jrnl.scm
index f26de0d4ab..a2ba7b8b9f 100644
--- a/gnu/packages/jrnl.scm
+++ b/gnu/packages/jrnl.scm
@@ -23,7 +23,8 @@
   #:use-module (guix licenses)
   #:use-module (guix download)
   #:use-module (guix build-system python)
-  #:use-module (gnu packages python))
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto))
 
 (define-public jrnl
   (package
diff --git a/gnu/packages/messaging.scm b/gnu/packages/messaging.scm
index 72dbbcd1e9..c0db36585b 100644
--- a/gnu/packages/messaging.scm
+++ b/gnu/packages/messaging.scm
@@ -69,6 +69,7 @@
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages glib)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages pcre)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages tcl)
diff --git a/gnu/packages/openstack.scm b/gnu/packages/openstack.scm
index 410a205849..5f15b01032 100644
--- a/gnu/packages/openstack.scm
+++ b/gnu/packages/openstack.scm
@@ -21,6 +21,7 @@
 (define-module (gnu packages openstack)
   #:use-module (gnu packages gnupg)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages python-web)
   #:use-module (gnu packages ssh)
   #:use-module (gnu packages tls)
diff --git a/gnu/packages/python-crypto.scm b/gnu/packages/python-crypto.scm
new file mode 100644
index 0000000000..8e4616b188
--- /dev/null
+++ b/gnu/packages/python-crypto.scm
@@ -0,0 +1,507 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2015 Eric Dvorsak <eric@dvorsak.fr>
+;;; Copyright © 2015, 2016, 2017 Efraim Flashner <efraim@flashner.co.il>
+;;; Copyright © 2015, 2016, 2017 Leo Famulari <leo@famulari.name>
+;;; Copyright © 2016, 2017 Marius Bakke <mbakke@fastmail.com>
+;;; Copyright © 2017 Ben Sturmfels <ben@sturm.com.au>
+;;; Copyright © 2016 Sou Bunnbu <iyzsong@gmail.com>
+;;; Copyright © 2015 Cyril Roelandt <tipecaml@gmail.com>
+;;; Copyright © 2014, 2017 Eric Bavier <bavier@member.fsf.org>
+;;; Copyright © 2015, 2016 David Thompson <davet@gnu.org>
+;;; Copyright © 2016, 2017 Tobias Geerinckx-Rice <me@tobias.gr>
+;;; Copyright © 2016, 2017 ng0 <ng0@infotropique.org>
+;;; Copyright © 2014, 2015 Mark H Weaver <mhw@netris.org>
+;;; Copyright © 2015, 2016, 2017 Ricardo Wurmus <rekado@elephly.net>
+;;; Copyright © 2016 Danny Milosavljevic <dannym+a@scratchpost.org>
+;;; Copyright © 2016, 2017 Arun Isaac <arunisaac@systemreboot.net>
+;;; Copyright © 2017 Carlo Zancanaro <carlo@zancanaro.id.au>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages python-crypto)
+  #:use-module (guix packages)
+  #:use-module (guix download)
+  #:use-module (guix git-download)
+  #:use-module (guix build-system python)
+  #:use-module (gnu packages)
+  #:use-module (gnu packages crypto)              ;XXX: Move python-* here?
+  #:use-module (gnu packages libffi)
+  #:use-module (gnu packages multiprecision)
+  #:use-module (gnu packages protobuf)
+  #:use-module (gnu packages python)
+  #:use-module (gnu packages tls)
+  #:use-module ((guix licenses) #:prefix license:)
+  #:use-module (srfi srfi-1))
+
+(define-public python-passlib
+  (package
+    (name "python-passlib")
+    (version "1.7.1")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "passlib" version))
+       (sha256
+        (base32
+         "1q2khqpj9rlcgdmkypjdq1kswvhjf72bq0zk2cv669cc2dj8z51x"))))
+    (build-system python-build-system)
+    (native-inputs
+     `(("python-nose" ,python-nose)))
+    (propagated-inputs
+     `(("python-py-bcrypt" ,python-py-bcrypt)))
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-before 'check 'set-PYTHON_EGG_CACHE
+           ;; some tests require access to "$HOME/.cython"
+           (lambda* _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t)))))
+    (home-page "https://bitbucket.org/ecollins/passlib")
+    (synopsis
+     "Comprehensive password hashing framework")
+    (description
+     "Passlib is a password hashing library for Python 2 & 3, which provides
+cross-platform implementations of over 30 password hashing algorithms, as well
+as a framework for managing existing password hashes.  It's designed to be
+useful for a wide range of tasks, from verifying a hash found in /etc/shadow,
+to providing full-strength password hashing for multi-user application.")
+    (license license:bsd-3)))
+
+(define-public python2-passlib
+  (package-with-python2 python-passlib))
+
+(define-public python-py-bcrypt
+  (package
+    (name "python-py-bcrypt")
+    (version "0.4")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append
+             "https://pypi.python.org/packages/source/p/py-bcrypt/py-bcrypt-"
+             version
+             ".tar.gz"))
+       (sha256
+        (base32
+         "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az"))))
+    (build-system python-build-system)
+    (home-page "https://code.google.com/p/py-bcrypt")
+    (synopsis
+     "Bcrypt password hashing and key derivation")
+    (description
+     "A python wrapper of OpenBSD's Blowfish password hashing code.  This
+system hashes passwords using a version of Bruce Schneier's Blowfish block
+cipher with modifications designed to raise the cost of off-line password
+cracking and frustrate fast hardware implementation.  The computation cost of
+the algorithm is parametised, so it can be increased as computers get faster.
+The intent is to make a compromise of a password database less likely to
+result in an attacker gaining knowledge of the plaintext passwords (e.g. using
+John the Ripper).")
+    ;; "sha2.c" is under BSD-3;
+    ;; "blowfish.c" and "bcrypt.c" are under BSD-4;
+    ;; the rest is under ISC.
+    (license (list license:isc license:bsd-3 license:bsd-4))))
+
+(define-public python2-py-bcrypt
+  (package-with-python2 python-py-bcrypt))
+
+(define-public python-paramiko
+  (package
+    (name "python-paramiko")
+    (version "2.1.2")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "paramiko" version))
+       (sha256
+        (base32
+         "04734n0wy3hxk6rij4fr29in5jmr70nxpc7pqi2ksbjysfz4kbjz"))))
+    (build-system python-build-system)
+    (arguments
+     '(#:phases
+       (modify-phases %standard-phases
+         (replace 'check
+           (lambda _
+             (zero? (system* "python" "test.py")))))))
+    (propagated-inputs
+     `(("python-pyasn1" ,python-pyasn1)
+       ("python-cryptography" ,python-cryptography)))
+    (home-page "http://www.paramiko.org/")
+    (synopsis "SSHv2 protocol library")
+    (description "Paramiko is a python implementation of the SSHv2 protocol,
+providing both client and server functionality.  While it leverages a Python C
+extension for low level cryptography (PyCrypto), Paramiko itself is a pure
+Python interface around SSH networking concepts.")
+    (license license:lgpl2.1+)))
+
+(define-public python2-paramiko
+  (package-with-python2 python-paramiko))
+
+(define-public python-ecdsa
+  (package
+    (name "python-ecdsa")
+    (version "0.13")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append
+             "https://pypi.python.org/packages/source/e/ecdsa/ecdsa-"
+             version
+             ".tar.gz"))
+       (sha256
+        (base32
+         "1yj31j0asmrx4an9xvsaj2icdmzy6pw0glfpqrrkrphwdpi1xkv4"))))
+    (build-system python-build-system)
+    (inputs
+     `(("openssl" ,openssl)))
+    (home-page
+     "https://github.com/warner/python-ecdsa")
+    (synopsis
+     "ECDSA cryptographic signature library (pure python)")
+    (description
+     "This is an easy-to-use implementation of ECDSA cryptography (Elliptic
+Curve Digital Signature Algorithm), implemented purely in Python.  With this
+library, you can quickly create keypairs (signing key and verifying key), sign
+messages, and verify the signatures.  The keys and signatures are very short,
+making them easy to handle and incorporate into other protocols.")
+    (license license:expat)))
+
+(define-public python2-ecdsa
+  (package-with-python2 python-ecdsa))
+
+;;; Pycrypto is abandoned upstream:
+;;;
+;;; https://github.com/dlitz/pycrypto/issues/173
+;;;
+;;; TODO Remove this package from GNU Guix.
+(define-public python-pycrypto
+  (package
+    (name "python-pycrypto")
+    (version "2.6.1")
+    (source
+     (origin
+      (method url-fetch)
+      (uri (pypi-uri "pycrypto" version))
+      (patches (search-patches "python-pycrypto-CVE-2013-7459.patch"))
+      (sha256
+       (base32
+        "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj"))))
+    (build-system python-build-system)
+    (inputs
+     `(("python" ,python)
+       ("gmp" ,gmp)))
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-before 'build 'set-build-env
+           ;; pycrypto runs an autoconf configure script behind the scenes
+           (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t)))))
+    (home-page "http://www.pycrypto.org/")
+    (synopsis "Cryptographic modules for Python")
+    (description
+     "Pycrypto is a collection of both secure hash functions (such as SHA256
+and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal,
+etc.).  The package is structured to make adding new modules easy.")
+    (license license:public-domain)))
+
+(define-public python2-pycrypto
+  (let ((pycrypto (package-with-python2 python-pycrypto)))
+    (package (inherit pycrypto)
+      (inputs
+       `(("python" ,python-2)
+         ,@(alist-delete
+            "python"
+            (package-inputs pycrypto)))))))
+
+(define-public python-keyring
+  (package
+    (name "python-keyring")
+    (version "8.7")
+    (source
+     (origin
+      (method url-fetch)
+      (uri (pypi-uri "keyring" version))
+      (sha256
+       (base32
+        "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx"))))
+    (build-system python-build-system)
+    (native-inputs
+     `(("python-setuptools-scm" ,python-setuptools-scm)))
+    (propagated-inputs
+     `(("python-pycrypto" ,python-pycrypto)))
+    (arguments
+     `(#:tests? #f))                      ;TODO: tests require pytest
+    (home-page "https://github.com/jaraco/keyring")
+    (synopsis "Store and access your passwords safely")
+    (description
+     "The Python keyring lib provides a easy way to access the system keyring
+service from python.  It can be used in any application that needs safe
+password storage.")
+    ;; "MIT" and PSF dual license
+    (license license:x11)))
+
+(define-public python2-keyring
+  (package-with-python2 python-keyring))
+
+(define-public python-certifi
+  (package
+    (name "python-certifi")
+    (version "2017.1.23")
+    (source (origin
+              (method url-fetch)
+              (uri (pypi-uri "certifi" version))
+              (sha256
+               (base32
+                "1klrzl3hgvcf2mjk00g0k3kk1p2z27vzwnxivwar4vhjmjvpz1w1"))))
+    (build-system python-build-system)
+    (home-page "https://certifi.io/")
+    (synopsis "Python CA certificate bundle")
+    (description
+     "Certifi is a Python library that contains a CA certificate bundle, which
+is used by the Requests library to verify HTTPS requests.")
+    (license license:asl2.0)))
+
+(define-public python2-certifi
+  (package-with-python2 python-certifi))
+
+(define-public python-cryptography-vectors
+  (package
+    (name "python-cryptography-vectors")
+    (version "2.0.3")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "cryptography_vectors" version))
+       (sha256
+        (base32
+         "1qa117fs1yd50zn2cfxh7d9l999ds0z4h83m9m7j4fk6ffm33f5y"))))
+    (build-system python-build-system)
+    (home-page "https://github.com/pyca/cryptography")
+    (synopsis "Test vectors for the cryptography package")
+    (description
+      "This package contains test vectors for the cryptography package.")
+    ;; Distributed under either BSD-3 or ASL2.0
+    (license (list license:bsd-3 license:asl2.0))))
+
+(define-public python2-cryptography-vectors
+  (package-with-python2 python-cryptography-vectors))
+
+(define-public python-cryptography
+  (package
+    (name "python-cryptography")
+    (version "2.0.3")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "cryptography" version))
+       (sha256
+        (base32
+         "0fnck37zyvbzmccbp7w3jy27jgmij1992j5wyy3gxhw6a11b4jyh"))))
+    (build-system python-build-system)
+    (inputs
+     `(("openssl" ,openssl)))
+    (propagated-inputs
+     `(("python-asn1crypto" ,python-asn1crypto)
+       ("python-cffi" ,python-cffi)
+       ("python-six" ,python-six)
+       ("python-idna" ,python-idna)
+       ("python-iso8601" ,python-iso8601)))
+    (native-inputs
+     `(("python-cryptography-vectors" ,python-cryptography-vectors)
+       ("python-hypothesis" ,python-hypothesis)
+       ("python-pretend" ,python-pretend)
+       ("python-pytz" ,python-pytz)
+       ("python-pytest" ,python-pytest-3.0)))
+    (home-page "https://github.com/pyca/cryptography")
+    (synopsis "Cryptographic recipes and primitives for Python")
+    (description
+      "cryptography is a package which provides cryptographic recipes and
+primitives to Python developers.  It aims to be the “cryptographic standard
+library” for Python.  The package includes both high level recipes, and low
+level interfaces to common cryptographic algorithms such as symmetric ciphers,
+message digests and key derivation functions.")
+    ;; Distributed under either BSD-3 or ASL2.0
+    (license (list license:bsd-3 license:asl2.0))
+    (properties `((python2-variant . ,(delay python2-cryptography))))))
+
+(define-public python2-cryptography
+  (let ((crypto (package-with-python2
+                 (strip-python2-variant python-cryptography))))
+    (package (inherit crypto)
+      (propagated-inputs
+       `(("python2-ipaddress" ,python2-ipaddress)
+         ("python2-backport-ssl-match-hostname"
+          ,python2-backport-ssl-match-hostname)
+         ("python2-enum34" ,python2-enum34)
+         ,@(package-propagated-inputs crypto))))))
+
+(define-public python-pyopenssl
+  (package
+    (name "python-pyopenssl")
+    (version "17.3.0")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "pyOpenSSL" version))
+       (sha256
+        (base32
+         "0xkc1wfnpg6abzllivg3ylhc63npjdy1v81f4kc08bm8cj80nqr9"))))
+    (build-system python-build-system)
+    (arguments
+     '(#:phases
+       (modify-phases %standard-phases
+         (delete 'check)
+         (add-after 'install 'check
+           (lambda* (#:key inputs outputs #:allow-other-keys)
+             (add-installed-pythonpath inputs outputs)
+             (zero? (system* "py.test" "-v" "-k"
+                             (string-append
+                              ;; This test tries to look up certificates from
+                              ;; the compiled-in default path in OpenSSL, which
+                              ;; does not exist in the build environment.
+                              "not test_fallback_default_verify_paths "
+                              ;; This test attempts to make a connection to
+                              ;; an external web service.
+                              "and not test_set_default_verify_paths"))))))))
+    (propagated-inputs
+     `(("python-cryptography" ,python-cryptography)
+       ("python-six" ,python-six)))
+    (inputs
+     `(("openssl" ,openssl)))
+    (native-inputs
+     `(("python-flaky" ,python-flaky)
+       ("python-pretend" ,python-pretend)
+       ("python-pytest" ,python-pytest-3.0)))
+    (home-page "https://github.com/pyca/pyopenssl")
+    (synopsis "Python wrapper module around the OpenSSL library")
+    (description
+      "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
+library.")
+    (license license:asl2.0)))
+
+(define-public python2-pyopenssl
+  (package-with-python2 python-pyopenssl))
+
+(define-public python-axolotl-curve25519
+  (package
+    (name "python-axolotl-curve25519")
+    (version "0.1")
+    (source
+     (origin
+       (method git-fetch)
+       (uri (git-reference
+             (url "https://github.com/tgalal/python-axolotl-curve25519")
+             (commit "e4a9c4de0eae27223200579c58d1f8f6d20637e2")))
+       (file-name (string-append name "-" version "-checkout"))
+       (sha256
+        (base32
+         "0agap5q0hmvf6cwzjqc05kw53pjgf6942pcivpazksmg1vk400ra"))))
+    (build-system python-build-system)
+    (arguments
+     `(;; Prevent creation of the egg. This works around
+       ;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=20765
+       #:configure-flags '("--root=/")))
+    (home-page "https://github.com/tgalal/python-axolotl-curve25519")
+    (synopsis "Python wrapper for curve25519 library")
+    (description "This is a python wrapper for the curve25519 library
+with ed25519 signatures.  The C code was pulled from
+libaxolotl-android.  At the moment this wrapper is meant for use by
+python-axolotl.")
+    (license (list license:gpl3    ; Most files
+                   license:bsd-3)))) ; curve/curve25519-donna.c
+
+(define-public python2-axolotl-curve25519
+  (package-with-python2 python-axolotl-curve25519))
+
+(define-public python-axolotl
+  (package
+    (name "python-axolotl")
+    (version "0.1.35")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (string-append
+             "https://github.com/tgalal/python-axolotl/archive/"
+             version ".tar.gz"))
+       (file-name (string-append name "-" version ".tar.gz"))
+       (sha256
+        (base32 "1z8d89p7v40p4bwywjm9h4z28fdvra79ddw06azlkrfjbl7dxmz8"))))
+    (build-system python-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         ;; Don't install tests
+         (add-before 'install 'remove-tests
+           (lambda _
+             (for-each delete-file-recursively
+                       '("axolotl/tests" "build/lib/axolotl/tests"))
+             #t)))))
+    (propagated-inputs
+     `(("python-axolotl-curve25519" ,python-axolotl-curve25519)
+       ("python-dateutil" ,python-dateutil)
+       ("python-protobuf" ,python-protobuf)
+       ("python-pycrypto" ,python-pycrypto)))
+    (home-page "https://github.com/tgalal/python-axolotl")
+    (synopsis "Python port of libaxolotl-android")
+    (description "This is a python port of libaxolotl-android.  This
+is a ratcheting forward secrecy protocol that works in synchronous and
+asynchronous messaging environments.")
+    (license license:gpl3)))
+
+(define-public python2-axolotl
+  (package-with-python2 python-axolotl))
+
+;; SlowAES isn't compatible with Python 3.
+(define-public python2-slowaes
+  (package
+    (name "python2-slowaes")
+    (version "0.1a1")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "slowaes" version))
+       (sha256
+        (base32
+         "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3"))))
+    (build-system python-build-system)
+    (arguments `(#:python ,python-2))
+    (home-page "http://code.google.com/p/slowaes/")
+    (synopsis "Implementation of AES in Python")
+    (description "This package contains an implementation of AES in Python.
+This implementation is slow (hence the project name) but still useful when
+faster ones are not available.")
+    (license license:asl2.0)))
+
+(define-public python-pyaes
+  (package
+    (name "python-pyaes")
+    (version "1.6.0")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "pyaes" version))
+       (sha256
+        (base32
+         "0bp9bjqy1n6ij1zb86wz9lqa1dhla8qr1d7w2kxyn7jbj56sbmcw"))))
+    (build-system python-build-system)
+    (home-page "https://github.com/ricmoo/pyaes")
+    (synopsis "Implementation of AES in Python")
+    (description "This package contains a pure-Python implementation of the
+AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR,
+ECB and OFB).")
+    (license license:expat)))
+
+(define-public python2-pyaes
+  (package-with-python2 python-pyaes))
diff --git a/gnu/packages/python-web.scm b/gnu/packages/python-web.scm
index 84bd10b68c..664c1b8cdc 100644
--- a/gnu/packages/python-web.scm
+++ b/gnu/packages/python-web.scm
@@ -46,6 +46,7 @@
   #:use-module (gnu packages django)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages xml)
   #:use-module ((guix licenses) #:prefix license:)
   #:use-module (srfi srfi-1))
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 0d5c09b86b..d8de3192c2 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -99,7 +99,7 @@
   #:use-module (gnu packages pcre)
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
-  #:use-module (gnu packages protobuf)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages python-web)
   #:use-module (gnu packages qt)
   #:use-module (gnu packages readline)
@@ -468,143 +468,6 @@ pidof, tty, taskset, pmap.")
 (define-public python2-psutil
   (package-with-python2 python-psutil))
 
-(define-public python-passlib
-  (package
-    (name "python-passlib")
-    (version "1.7.1")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (pypi-uri "passlib" version))
-       (sha256
-        (base32
-         "1q2khqpj9rlcgdmkypjdq1kswvhjf72bq0zk2cv669cc2dj8z51x"))))
-    (build-system python-build-system)
-    (native-inputs
-     `(("python-nose" ,python-nose)))
-    (propagated-inputs
-     `(("python-py-bcrypt" ,python-py-bcrypt)))
-    (arguments
-     `(#:phases
-       (modify-phases %standard-phases
-         (add-before 'check 'set-PYTHON_EGG_CACHE
-           ;; some tests require access to "$HOME/.cython"
-           (lambda* _ (setenv "PYTHON_EGG_CACHE" "/tmp") #t)))))
-    (home-page "https://bitbucket.org/ecollins/passlib")
-    (synopsis
-     "Comprehensive password hashing framework")
-    (description
-     "Passlib is a password hashing library for Python 2 & 3, which provides
-cross-platform implementations of over 30 password hashing algorithms, as well
-as a framework for managing existing password hashes.  It's designed to be
-useful for a wide range of tasks, from verifying a hash found in /etc/shadow,
-to providing full-strength password hashing for multi-user application.")
-    (license license:bsd-3)))
-
-(define-public python2-passlib
-  (package-with-python2 python-passlib))
-
-(define-public python-py-bcrypt
-  (package
-    (name "python-py-bcrypt")
-    (version "0.4")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (string-append
-             "https://pypi.python.org/packages/source/p/py-bcrypt/py-bcrypt-"
-             version
-             ".tar.gz"))
-       (sha256
-        (base32
-         "0y6smdggwi5s72v6p1nn53dg6w05hna3d264cq6kas0lap73p8az"))))
-    (build-system python-build-system)
-    (home-page "https://code.google.com/p/py-bcrypt")
-    (synopsis
-     "Bcrypt password hashing and key derivation")
-    (description
-     "A python wrapper of OpenBSD's Blowfish password hashing code.  This
-system hashes passwords using a version of Bruce Schneier's Blowfish block
-cipher with modifications designed to raise the cost of off-line password
-cracking and frustrate fast hardware implementation.  The computation cost of
-the algorithm is parametised, so it can be increased as computers get faster.
-The intent is to make a compromise of a password database less likely to
-result in an attacker gaining knowledge of the plaintext passwords (e.g. using
-John the Ripper).")
-    ;; "sha2.c" is under BSD-3;
-    ;; "blowfish.c" and "bcrypt.c" are under BSD-4;
-    ;; the rest is under ISC.
-    (license (list license:isc license:bsd-3 license:bsd-4))))
-
-(define-public python2-py-bcrypt
-  (package-with-python2 python-py-bcrypt))
-
-
-(define-public python-paramiko
-  (package
-    (name "python-paramiko")
-    (version "2.1.2")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (pypi-uri "paramiko" version))
-       (sha256
-        (base32
-         "04734n0wy3hxk6rij4fr29in5jmr70nxpc7pqi2ksbjysfz4kbjz"))))
-    (build-system python-build-system)
-    (arguments
-     '(#:phases
-       (modify-phases %standard-phases
-         (replace 'check
-           (lambda _
-             (zero? (system* "python" "test.py")))))))
-    (propagated-inputs
-     `(("python-pyasn1" ,python-pyasn1)
-       ("python-cryptography" ,python-cryptography)))
-    (home-page "http://www.paramiko.org/")
-    (synopsis "SSHv2 protocol library")
-    (description "Paramiko is a python implementation of the SSHv2 protocol,
-providing both client and server functionality.  While it leverages a Python C
-extension for low level cryptography (PyCrypto), Paramiko itself is a pure
-Python interface around SSH networking concepts.")
-    (license license:lgpl2.1+)))
-
-(define-public python2-paramiko
-  (package-with-python2 python-paramiko))
-
-
-(define-public python-ecdsa
-  (package
-    (name "python-ecdsa")
-    (version "0.13")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (string-append
-             "https://pypi.python.org/packages/source/e/ecdsa/ecdsa-"
-             version
-             ".tar.gz"))
-       (sha256
-        (base32
-         "1yj31j0asmrx4an9xvsaj2icdmzy6pw0glfpqrrkrphwdpi1xkv4"))))
-    (build-system python-build-system)
-    (inputs
-     `(("openssl" ,openssl)))
-    (home-page
-     "https://github.com/warner/python-ecdsa")
-    (synopsis
-     "ECDSA cryptographic signature library (pure python)")
-    (description
-     "This is an easy-to-use implementation of ECDSA cryptography (Elliptic
-Curve Digital Signature Algorithm), implemented purely in Python.  With this
-library, you can quickly create keypairs (signing key and verifying key), sign
-messages, and verify the signatures.  The keys and signatures are very short,
-making them easy to handle and incorporate into other protocols.")
-    (license license:expat)))
-
-(define-public python2-ecdsa
-  (package-with-python2 python-ecdsa))
-
 (define-public python-ccm
   (package
     (name "python-ccm")
@@ -1034,50 +897,6 @@ multiple Unicode code points, e.g. \"G\" + acute-accent)
 (define-public python2-uniseg
   (package-with-python2 python-uniseg))
 
-;;; Pycrypto is abandoned upstream:
-;;;
-;;; https://github.com/dlitz/pycrypto/issues/173
-;;;
-;;; TODO Remove this package from GNU Guix.
-(define-public python-pycrypto
-  (package
-    (name "python-pycrypto")
-    (version "2.6.1")
-    (source
-     (origin
-      (method url-fetch)
-      (uri (pypi-uri "pycrypto" version))
-      (patches (search-patches "python-pycrypto-CVE-2013-7459.patch"))
-      (sha256
-       (base32
-        "0g0ayql5b9mkjam8hym6zyg6bv77lbh66rv1fyvgqb17kfc1xkpj"))))
-    (build-system python-build-system)
-    (inputs
-     `(("python" ,python)
-       ("gmp" ,gmp)))
-    (arguments
-     `(#:phases
-       (modify-phases %standard-phases
-         (add-before 'build 'set-build-env
-           ;; pycrypto runs an autoconf configure script behind the scenes
-           (lambda _ (setenv "CONFIG_SHELL" (which "bash")) #t)))))
-    (home-page "http://www.pycrypto.org/")
-    (synopsis "Cryptographic modules for Python")
-    (description
-     "Pycrypto is a collection of both secure hash functions (such as SHA256
-and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal,
-etc.).  The package is structured to make adding new modules easy.")
-    (license license:public-domain)))
-
-(define-public python2-pycrypto
-  (let ((pycrypto (package-with-python2 python-pycrypto)))
-    (package (inherit pycrypto)
-      (inputs
-       `(("python" ,python-2)
-         ,@(alist-delete
-            "python"
-            (package-inputs pycrypto)))))))
-
 (define-public python-humanfriendly
   (package
     (name "python-humanfriendly")
@@ -1228,36 +1047,6 @@ from the Python interpreter, or as a small part of a larger application.")
        `(("python2-enum34" ,python2-enum34)
          ,@(package-propagated-inputs base))))))
 
-(define-public python-keyring
-  (package
-    (name "python-keyring")
-    (version "8.7")
-    (source
-     (origin
-      (method url-fetch)
-      (uri (pypi-uri "keyring" version))
-      (sha256
-       (base32
-        "0482rmi2x6p78wl2kz8qzyq21xz1sbbfwnv5x7dggar4vkwxhzfx"))))
-    (build-system python-build-system)
-    (native-inputs
-     `(("python-setuptools-scm" ,python-setuptools-scm)))
-    (propagated-inputs
-     `(("python-pycrypto" ,python-pycrypto)))
-    (arguments
-     `(#:tests? #f))                      ;TODO: tests require pytest
-    (home-page "https://github.com/jaraco/keyring")
-    (synopsis "Store and access your passwords safely")
-    (description
-     "The Python keyring lib provides a easy way to access the system keyring
-service from python.  It can be used in any application that needs safe
-password storage.")
-    ;; "MIT" and PSF dual license
-    (license license:x11)))
-
-(define-public python2-keyring
-  (package-with-python2 python-keyring))
-
 (define-public python-six
   (package
     (name "python-six")
@@ -2669,27 +2458,6 @@ files.")
 (define-public python2-pyld
   (package-with-python2 python-pyld))
 
-(define-public python-certifi
-  (package
-    (name "python-certifi")
-    (version "2017.1.23")
-    (source (origin
-              (method url-fetch)
-              (uri (pypi-uri "certifi" version))
-              (sha256
-               (base32
-                "1klrzl3hgvcf2mjk00g0k3kk1p2z27vzwnxivwar4vhjmjvpz1w1"))))
-    (build-system python-build-system)
-    (home-page "https://certifi.io/")
-    (synopsis "Python CA certificate bundle")
-    (description
-     "Certifi is a Python library that contains a CA certificate bundle, which
-is used by the Requests library to verify HTTPS requests.")
-    (license license:asl2.0)))
-
-(define-public python2-certifi
-  (package-with-python2 python-certifi))
-
 (define-public python-click
   (package
     (name "python-click")
@@ -7616,124 +7384,6 @@ responses, rather than doing any computation.")
 (define-public python2-pretend
   (package-with-python2 python-pretend))
 
-(define-public python-cryptography-vectors
-  (package
-    (name "python-cryptography-vectors")
-    (version "2.0.3")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (pypi-uri "cryptography_vectors" version))
-       (sha256
-        (base32
-         "1qa117fs1yd50zn2cfxh7d9l999ds0z4h83m9m7j4fk6ffm33f5y"))))
-    (build-system python-build-system)
-    (home-page "https://github.com/pyca/cryptography")
-    (synopsis "Test vectors for the cryptography package")
-    (description
-      "This package contains test vectors for the cryptography package.")
-    ;; Distributed under either BSD-3 or ASL2.0
-    (license (list license:bsd-3 license:asl2.0))))
-
-(define-public python2-cryptography-vectors
-  (package-with-python2 python-cryptography-vectors))
-
-(define-public python-cryptography
-  (package
-    (name "python-cryptography")
-    (version "2.0.3")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (pypi-uri "cryptography" version))
-       (sha256
-        (base32
-         "0fnck37zyvbzmccbp7w3jy27jgmij1992j5wyy3gxhw6a11b4jyh"))))
-    (build-system python-build-system)
-    (inputs
-     `(("openssl" ,openssl)))
-    (propagated-inputs
-     `(("python-asn1crypto" ,python-asn1crypto)
-       ("python-cffi" ,python-cffi)
-       ("python-six" ,python-six)
-       ("python-idna" ,python-idna)
-       ("python-iso8601" ,python-iso8601)))
-    (native-inputs
-     `(("python-cryptography-vectors" ,python-cryptography-vectors)
-       ("python-hypothesis" ,python-hypothesis)
-       ("python-pretend" ,python-pretend)
-       ("python-pytz" ,python-pytz)
-       ("python-pytest" ,python-pytest-3.0)))
-    (home-page "https://github.com/pyca/cryptography")
-    (synopsis "Cryptographic recipes and primitives for Python")
-    (description
-      "cryptography is a package which provides cryptographic recipes and
-primitives to Python developers.  It aims to be the “cryptographic standard
-library” for Python.  The package includes both high level recipes, and low
-level interfaces to common cryptographic algorithms such as symmetric ciphers,
-message digests and key derivation functions.")
-    ;; Distributed under either BSD-3 or ASL2.0
-    (license (list license:bsd-3 license:asl2.0))
-    (properties `((python2-variant . ,(delay python2-cryptography))))))
-
-(define-public python2-cryptography
-  (let ((crypto (package-with-python2
-                 (strip-python2-variant python-cryptography))))
-    (package (inherit crypto)
-      (propagated-inputs
-       `(("python2-ipaddress" ,python2-ipaddress)
-         ("python2-backport-ssl-match-hostname"
-          ,python2-backport-ssl-match-hostname)
-         ("python2-enum34" ,python2-enum34)
-         ,@(package-propagated-inputs crypto))))))
-
-(define-public python-pyopenssl
-  (package
-    (name "python-pyopenssl")
-    (version "17.3.0")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (pypi-uri "pyOpenSSL" version))
-       (sha256
-        (base32
-         "0xkc1wfnpg6abzllivg3ylhc63npjdy1v81f4kc08bm8cj80nqr9"))))
-    (build-system python-build-system)
-    (arguments
-     '(#:phases
-       (modify-phases %standard-phases
-         (delete 'check)
-         (add-after 'install 'check
-           (lambda* (#:key inputs outputs #:allow-other-keys)
-             (add-installed-pythonpath inputs outputs)
-             (zero? (system* "py.test" "-v" "-k"
-                             (string-append
-                              ;; This test tries to look up certificates from
-                              ;; the compiled-in default path in OpenSSL, which
-                              ;; does not exist in the build environment.
-                              "not test_fallback_default_verify_paths "
-                              ;; This test attempts to make a connection to
-                              ;; an external web service.
-                              "and not test_set_default_verify_paths"))))))))
-    (propagated-inputs
-     `(("python-cryptography" ,python-cryptography)
-       ("python-six" ,python-six)))
-    (inputs
-     `(("openssl" ,openssl)))
-    (native-inputs
-     `(("python-flaky" ,python-flaky)
-       ("python-pretend" ,python-pretend)
-       ("python-pytest" ,python-pytest-3.0)))
-    (home-page "https://github.com/pyca/pyopenssl")
-    (synopsis "Python wrapper module around the OpenSSL library")
-    (description
-      "PyOpenSSL is a high-level wrapper around a subset of the OpenSSL
-library.")
-    (license license:asl2.0)))
-
-(define-public python2-pyopenssl
-  (package-with-python2 python-pyopenssl))
-
 (define-public python-pip
   (package
     (name "python-pip")
@@ -12197,75 +11847,6 @@ PNG, JPEG, JPEG2000 and GIF files in pure Python.")
 (define-public python2-imagesize
  (package-with-python2 python-imagesize))
 
-(define-public python-axolotl-curve25519
-  (package
-    (name "python-axolotl-curve25519")
-    (version "0.1")
-    (source
-     (origin
-       (method git-fetch)
-       (uri (git-reference
-             (url "https://github.com/tgalal/python-axolotl-curve25519")
-             (commit "e4a9c4de0eae27223200579c58d1f8f6d20637e2")))
-       (file-name (string-append name "-" version "-checkout"))
-       (sha256
-        (base32
-         "0agap5q0hmvf6cwzjqc05kw53pjgf6942pcivpazksmg1vk400ra"))))
-    (build-system python-build-system)
-    (arguments
-     `(;; Prevent creation of the egg. This works around
-       ;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=20765
-       #:configure-flags '("--root=/")))
-    (home-page "https://github.com/tgalal/python-axolotl-curve25519")
-    (synopsis "Python wrapper for curve25519 library")
-    (description "This is a python wrapper for the curve25519 library
-with ed25519 signatures.  The C code was pulled from
-libaxolotl-android.  At the moment this wrapper is meant for use by
-python-axolotl.")
-    (license (list license:gpl3    ; Most files
-                   license:bsd-3)))) ; curve/curve25519-donna.c
-
-(define-public python2-axolotl-curve25519
-  (package-with-python2 python-axolotl-curve25519))
-
-(define-public python-axolotl
-  (package
-    (name "python-axolotl")
-    (version "0.1.35")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (string-append
-             "https://github.com/tgalal/python-axolotl/archive/"
-             version ".tar.gz"))
-       (file-name (string-append name "-" version ".tar.gz"))
-       (sha256
-        (base32 "1z8d89p7v40p4bwywjm9h4z28fdvra79ddw06azlkrfjbl7dxmz8"))))
-    (build-system python-build-system)
-    (arguments
-     `(#:phases
-       (modify-phases %standard-phases
-         ;; Don't install tests
-         (add-before 'install 'remove-tests
-           (lambda _
-             (for-each delete-file-recursively
-                       '("axolotl/tests" "build/lib/axolotl/tests"))
-             #t)))))
-    (propagated-inputs
-     `(("python-axolotl-curve25519" ,python-axolotl-curve25519)
-       ("python-dateutil" ,python-dateutil)
-       ("python-protobuf" ,python-protobuf)
-       ("python-pycrypto" ,python-pycrypto)))
-    (home-page "https://github.com/tgalal/python-axolotl")
-    (synopsis "Python port of libaxolotl-android")
-    (description "This is a python port of libaxolotl-android.  This
-is a ratcheting forward secrecy protocol that works in synchronous and
-asynchronous messaging environments.")
-    (license license:gpl3)))
-
-(define-public python2-axolotl
-  (package-with-python2 python-axolotl))
-
 (define-public python-termstyle
   (package
     (name "python-termstyle")
@@ -12565,27 +12146,6 @@ console.")
 (define-public python2-qrcode
   (package-with-python2 python-qrcode))
 
-;; SlowAES isn't compatible with Python 3.
-(define-public python2-slowaes
-  (package
-    (name "python2-slowaes")
-    (version "0.1a1")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (pypi-uri "slowaes" version))
-       (sha256
-        (base32
-         "02dzajm83a7lqgxf6r3hgj64wfmcxz8gs4nvgxpvj5n19kjqlrc3"))))
-    (build-system python-build-system)
-    (arguments `(#:python ,python-2))
-    (home-page "http://code.google.com/p/slowaes/")
-    (synopsis "Implementation of AES in Python")
-    (description "This package contains an implementation of AES in Python.
-This implementation is slow (hence the project name) but still useful when
-faster ones are not available.")
-    (license license:asl2.0)))
-
 (define-public python-rst2ansi
   (package
     (name "python-rst2ansi")
@@ -14616,28 +14176,6 @@ version of @code{SocksiPy} with bug fixes and extra features.")
 (define-public python2-pysocks
   (package-with-python2 python-pysocks))
 
-(define-public python-pyaes
-  (package
-    (name "python-pyaes")
-    (version "1.6.0")
-    (source
-     (origin
-       (method url-fetch)
-       (uri (pypi-uri "pyaes" version))
-       (sha256
-        (base32
-         "0bp9bjqy1n6ij1zb86wz9lqa1dhla8qr1d7w2kxyn7jbj56sbmcw"))))
-    (build-system python-build-system)
-    (home-page "https://github.com/ricmoo/pyaes")
-    (synopsis "Implementation of AES in Python")
-    (description "This package contains a pure-Python implementation of the
-AES block cipher algorithm and the common modes of operation (CBC, CFB, CTR,
-ECB and OFB).")
-    (license license:expat)))
-
-(define-public python2-pyaes
-  (package-with-python2 python-pyaes))
-
 (define-public python-pydiff
   (package
     (name "python-pydiff")
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 34de680a7d..427b5dfab9 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -52,6 +52,7 @@
   #:use-module (gnu packages perl)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages python-web)
   #:use-module (gnu packages texinfo)
   #:use-module (gnu packages base)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 8435a463b4..81f4e5d103 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -67,6 +67,7 @@
   #:use-module (gnu packages perl-check)
   #:use-module (gnu packages pkg-config)
   #:use-module (gnu packages python)
+  #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages qt)
   #:use-module (gnu packages spice)
   #:use-module (gnu packages video)