blob: 8950bd0d9b719986528bfcbb00bdb22e3f516453 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
{
lib,
buildPythonPackage,
fetchFromGitHub,
gitUpdater,
hypothesis,
openssl,
pytestCheckHook,
setuptools,
six,
}:
buildPythonPackage rec {
pname = "ecdsa";
version = "0.19.1";
pyproject = true;
src = fetchFromGitHub {
owner = "tlsfuzzer";
repo = "python-ecdsa";
tag = "python-ecdsa-${version}";
hash = "sha256-PjOjHQziQ9ohXH82Ocaowj/AtsXHMHDhatFPQNccyC8=";
};
build-system = [ setuptools ];
dependencies = [ six ];
pythonImportsCheck = [ "ecdsa" ];
nativeCheckInputs = [
hypothesis
openssl # Only needed for tests
pytestCheckHook
];
passthru.updateScript = gitUpdater {
rev-prefix = "python-ecdsa-";
};
meta = {
changelog = "https://github.com/tlsfuzzer/python-ecdsa/blob/${src.tag}/NEWS";
description = "ECDSA cryptographic signature library";
homepage = "https://github.com/warner/python-ecdsa";
license = lib.licenses.mit;
knownVulnerabilities = [
# "I don't want people to use this library in production environments.
# It's a teaching tool, it's a testing tool, it's absolutely not an
# production grade implementation."
# https://github.com/tlsfuzzer/python-ecdsa/issues/330
"CVE-2024-23342"
];
};
}
|
