# Package expression for the tpm2-pytss Python bindings, built from the PyPI
# release with buildPythonPackage. Every input is supplied by the caller.
{
  lib,
  stdenv,
  fetchurl,
  substituteAll,
  buildPythonPackage,
  fetchPypi,
  pythonOlder,
  asn1crypto,
  cffi,
  cryptography,
  pkgconfig, # the Python module, see nativeBuildInputs
  pkg-config, # the pkg-config tool itself, see nativeBuildInputs
  pycparser,
  pytestCheckHook,
  python,
  pyyaml,
  setuptools-scm,
  tpm2-tss,
  tpm2-tools,
  swtpm,
}:

let
  # True when the build platform and the host platform differ.
  crossCompiling = stdenv.buildPlatform != stdenv.hostPlatform;

  # Single upstream commit taken from pull request 571, downloaded as a raw
  # `.patch` and pinned by a fixed-output hash, so the build fails if the
  # served bytes ever change.
  # NOTE(review): the purpose of this commit is not stated here; a one-line
  # description would help whoever decides when it can be dropped.
  # NOTE(review): nixpkgs generally prefers `fetchpatch` for forge-generated
  # patches, because their exact byte content is not guaranteed to stay
  # stable. Switching fetchers requires recomputing the hash.
  upstreamCommitPatch = fetchurl {
    url = "https://github.com/tpm2-software/tpm2-pytss/pull/571/commits/b02fdc8e259fe977c1065389c042be69e2985bdf.patch";
    hash = "sha256-+jZFv+s9p52JxtUcNeJx7ayzKDVtPoQSSGgyZqPDuEc=";
  };

  # pytss regenerates files from the tpm2-tss headers. Those headers are run
  # through a compiler via pycparser, which expects `cpp` to be on the PATH.
  # stdenv provides that when building natively, but not when cross-compiling.
  # This patch changes the pycparser.preprocess_file call so that it names the
  # cross-compiling cpp; the host platform's config string is substituted
  # into ./cross.patch as `crossPrefix`.
  crossCppPatch = substituteAll {
    src = ./cross.patch;
    crossPrefix = stdenv.hostPlatform.config;
  };
in
buildPythonPackage rec {
  pname = "tpm2-pytss";
  version = "2.2.1";
  format = "setuptools";

  disabled = pythonOlder "3.7";

  # The hash pins the exact PyPI artifact; it must be updated together with
  # `version`, otherwise the fetch fails on mismatch.
  src = fetchPypi {
    inherit pname version;
    hash = "sha256-uPFUc0IvN39ZxyF9zRR5FlzOYt+jOTTsl2oni68unv4=";
  };

  patches = [
    # Fix hardcoded `fapi-config.json` configuration path
    ./fapi-config.patch
    upstreamCommitPatch
  ] ++ lib.optional crossCompiling crossCppPatch;

  # Fill the @TPM2_TSS@ placeholder in FAPI.py with the tpm2-tss store path.
  # The placeholder is presumably introduced by ./fapi-config.patch; confirm
  # against that patch.
  postPatch = ''
    sed -i "s#@TPM2_TSS@#${tpm2-tss.out}#" src/tpm2_pytss/FAPI.py
  '';

  # The `fortify` hardening flag has to be switched off because pycparser
  # copes poorly with it; see https://github.com/NixOS/nixpkgs/issues/252023
  # for details. Only `fortify` is listed, so the remaining default hardening
  # flags stay in effect.
  # NOTE(review): this removes the _FORTIFY_SOURCE checks from whatever native
  # code this build compiles; re-check whether it is still needed once the
  # linked issue is resolved.
  hardeningDisable = [ "fortify" ];

  nativeBuildInputs = [
    cffi
    pkgconfig # the Python module
    pkg-config # the actual pkg-config tool
    setuptools-scm
  ];

  buildInputs = [ tpm2-tss ];

  propagatedBuildInputs = [
    cffi
    asn1crypto
    cryptography
    pyyaml
  ];

  doCheck = true;

  # pytest drives the checks; tpm2-tools and swtpm are made available to them
  # (presumably so the suite can talk to a software TPM; confirm upstream).
  nativeCheckInputs = [
    pytestCheckHook
    tpm2-tools
    swtpm
  ];

  pythonImportsCheck = [ "tpm2_pytss" ];

  meta = {
    homepage = "https://github.com/tpm2-software/tpm2-pytss";
    changelog = "https://github.com/tpm2-software/tpm2-pytss/blob/${version}/CHANGELOG.md";
    description = "TPM2 TSS Python bindings for Enhanced System API (ESYS)";
    license = lib.licenses.bsd2;
    maintainers = with lib.maintainers; [ baloo ];
  };
}