diff --git a/pkgs/development/python-modules/pyhanko-certvalidator/default.nix b/pkgs/development/python-modules/pyhanko-certvalidator/default.nix new file mode 100644 index 000000000000..4675e48a5646 --- /dev/null +++ b/pkgs/development/python-modules/pyhanko-certvalidator/default.nix @@ -0,0 +1,73 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, pythonOlder +, aiohttp +, asn1crypto +, cryptography +, oscrypto +, requests +, uritools +, openssl +, pytestCheckHook +}: + +buildPythonPackage rec { + pname = "pyhanko-certvalidator"; + version = "0.19.5"; + format = "setuptools"; + + disabled = pythonOlder "3.7"; + + # Tests are only available on GitHub + src = fetchFromGitHub { + owner = "MatthiasValvekens"; + repo = "certvalidator"; + rev = version; + sha256 = "sha256-UxlBggKgqvbKioG98UaKvhW0YgEa6PqV913nqYvTx1I="; + }; + + propagatedBuildInputs = [ + asn1crypto + cryptography + oscrypto + requests + uritools + ]; + + checkInputs = [ + aiohttp + pytestCheckHook + ]; + + disabledTestPaths = [ + # Test looks for libcrypto.so.1.1 + "dev/stress_test.py" + # Requests + "tests/test_crl_client.py" + ]; + + disabledTests = [ + # Look for nonexisting certificates + "test_basic_certificate_validator_tls" + # Failed to fetch OCSP response from http://ocsp.digicert.com + "test_fetch_ocsp_aiohttp" + "test_fetch_ocsp_requests" + "test_fetch_ocsp_err_requests" + # Unable to build a validation path for the certificate "%s" - no issuer matching "%s" was found + "test_revocation_mode_hard_aiohttp_autofetch" + # The path could not be validated because no revocation information could be found for intermediate certificate 1 + "test_revocation_mode_hard" + ]; + + pythonImportsCheck = [ + "pyhanko_certvalidator" + ]; + + meta = with lib; { + description = "Python library for validating X.509 certificates and paths"; + homepage = "https://github.com/MatthiasValvekens/certvalidator"; + license = licenses.mit; + maintainers = with maintainers; [ wolfangaukang ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 49b0d981d7d9..a6524cd8e64c 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -7159,6 +7159,8 @@ in { pyhamcrest = callPackage ../development/python-modules/pyhamcrest { }; + pyhanko-certvalidator = callPackage ../development/python-modules/pyhanko-certvalidator { }; + pyhaversion = callPackage ../development/python-modules/pyhaversion { }; pyhcl = callPackage ../development/python-modules/pyhcl { };