gnu: Move Python packages from crypto to python-crypto.

* gnu/packages/crypto.scm (python-asn1crypto, python2-asn1crypto)
(python-pynacl, python2-roca-detect): Move to python-crypto.scm.
* gnu/packages/gnupg.scm (python2-pgpdump): Move to python-crypto.scm.
* gnu/packages/python-crypto.scm (python-asn1crypto, python2-asn1crypto)
(python-pynacl, python2-pgpdump, python2-roca-detect): New variables.

1 files changed, 129 insertions, 1 deletions

diff --git a/gnu/packages/python-crypto.scm b/gnu/packages/python-crypto.scm
index 8e4616b188..158384c1d7 100644
--- a/gnu/packages/python-crypto.scm
+++ b/gnu/packages/python-crypto.scm
@@ -37,7 +37,7 @@
   #:use-module (guix git-download)
   #:use-module (guix build-system python)
   #:use-module (gnu packages)
-  #:use-module (gnu packages crypto)              ;XXX: Move python-* here?
+  #:use-module (gnu packages crypto)
   #:use-module (gnu packages libffi)
   #:use-module (gnu packages multiprecision)
   #:use-module (gnu packages protobuf)
@@ -505,3 +505,131 @@ ECB and OFB).")
 
 (define-public python2-pyaes
   (package-with-python2 python-pyaes))
+
+(define-public python-asn1crypto
+  (package
+    (name "python-asn1crypto")
+    (version "0.22.0")
+    (source
+      (origin
+        (method url-fetch)
+        (uri (string-append "https://github.com/wbond/asn1crypto/archive/"
+                            version ".tar.gz"))
+        (sha256
+         (base32
+          "1kn910896l3knmilla1c9ly20q181s43w1ah08lzkbm1h3j6pcz0"))))
+    (build-system python-build-system)
+    (home-page "https://github.com/wbond/asn1crypto")
+    (synopsis "ASN.1 parser and serializer in Python")
+    (description "asn1crypto is an ASN.1 parser and serializer with definitions
+for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7,
+PKCS#8, PKCS#12, PKCS#5, X.509 and TSP.")
+    (license license:expat)))
+
+(define-public python2-asn1crypto
+  (package-with-python2 python-asn1crypto))
+
+(define-public python-pynacl
+  (package
+    (name "python-pynacl")
+    (version "1.1.2")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "PyNaCl" version))
+       (modules '((guix build utils)))
+       ;; Remove bundled libsodium
+       (snippet '(delete-file-recursively "src/libsodium"))
+       (sha256
+        (base32
+         "135gz0020fqx8fbr9izpwyq49aww202nkqacq0cw61xz99sjpx9j"))))
+    (build-system python-build-system)
+    (arguments
+     `(#:phases
+       (modify-phases %standard-phases
+         (add-before 'build 'use-system-sodium
+           (lambda _
+             (setenv "SODIUM_INSTALL" "system")
+             #t)))))
+    (native-inputs
+     `(("python-pytest" ,python-pytest)))
+    (propagated-inputs
+     `(("python-cffi" ,python-cffi)
+       ("python-six" ,python-six)
+       ("libsodium" ,libsodium)))
+    (home-page "https://github.com/pyca/pynacl/")
+    (synopsis "Python bindings to libsodium")
+    (description
+     "PyNaCl is a Python binding to libsodium, which is a fork of the
+Networking and Cryptography library.  These libraries have a stated goal
+of improving usability, security and speed.")
+    (license license:asl2.0)))
+
+(define-public python2-pgpdump
+  (package
+    (name "python2-pgpdump")
+    (version "1.5")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "pgpdump" version))
+       (sha256
+        (base32
+         "0s4nh8h7qsdj2yf29bspjs1zvxd4lcd11r6g11dp7fppgf2h0iqw"))))
+    (build-system python-build-system)
+
+    ;; Currently fails to build with Python 3.
+    (arguments `(#:python ,python-2))
+
+    (home-page "https://github.com/toofishes/python-pgpdump")
+    (synopsis "Python library for parsing PGP packets")
+    (description
+     "Python-pgpdump is an OpenPGP packet parser based on
+@uref{http://www.mew.org/~kazu/proj/pgpdump/, pgpdump}.  It notably supports:
+
+@itemize
+@item signature packets;
+@item public key packets;
+@item secret key packets;
+@item trust, user ID, and user attribute packets;
+@item ASCII-armor decoding and CRC check.
+@end itemize\n")
+    (license license:bsd-3)))
+
+(define-public python2-roca-detect
+  (package
+    (name "python2-roca-detect")
+    (version "1.0.8")
+    (source
+     (origin
+       (method url-fetch)
+       (uri (pypi-uri "roca-detect" version))
+       (sha256
+        (base32
+         "1di4akyw2lf5r8zfwvyhkilz8jv8g4b66rgaqwfabmjwma6gnw27"))))
+    (build-system python-build-system)
+    (native-inputs
+     ;; TODO: apk_parse_ph4, pyjks
+     `(("python2-dateutil" ,python2-dateutil)
+       ("python2-six" ,python2-six)
+       ("python2-cryptography" ,python2-cryptography)
+       ("python2-future" ,python2-future)
+       ("python2-coloredlogs" ,python2-coloredlogs)
+       ("python2-pgpdump" ,python2-pgpdump)))
+    (arguments
+     `(;; Basic testing routine is quite simple and works with Py3
+       ;; but the rest of the code that processes the different
+       ;; key formats and extracts the modulus for inspection is
+       ;; not yet fully py3 ready.
+       #:python ,python-2))
+    (home-page "https://github.com/crocs-muni/roca")
+    (synopsis "ROCA detection tool")
+    (description
+     "This tool is related to the paper entitled @i{Return of the
+Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli}.  It
+enables you to test public RSA keys for a presence of the described
+vulnerability.  Currently the tool supports the following key formats: X.509
+Certificate (DER encoded, PEM encoded), RSA PEM (encoded private key, public
+key), SSH public key, ASC-encoded OpenPGP key, APK Android application, LDIFF
+file, and more.")
+    (license license:gpl3)))