pkgs/development/python-modules/tpm2-pytss/default.nix at 25.11-pre · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / development / python-modules / tpm2-pytss / default.nix
at 25.11-pre 2.6 kB view raw
  1{
  2  lib,
  3  stdenv,
  4  replaceVars,
  5  buildPythonPackage,
  6  fetchPypi,
  7  fetchpatch,
  8  pythonOlder,
  9  asn1crypto,
 10  cffi,
 11  cryptography,
 12  pkgconfig, # see nativeBuildInputs
 13  pkg-config, # see nativeBuildInputs
 14  pytestCheckHook,
 15  pyyaml,
 16  setuptools-scm,
 17  tpm2-tss,
 18  tpm2-tools,
 19  swtpm,
 20}:
 21
 22let
 23  isCross = (stdenv.buildPlatform != stdenv.hostPlatform);
 24in
 25buildPythonPackage rec {
 26  pname = "tpm2-pytss";
 27  version = "2.3.0";
 28  format = "setuptools";
 29
 30  disabled = pythonOlder "3.7";
 31
 32  src = fetchPypi {
 33    inherit pname version;
 34    hash = "sha256-IAcRKTeWVvXzw7wW02RhJnKxR9gRkftOufn/n77khBA=";
 35  };
 36
 37  patches =
 38    [
 39      # Fix hardcoded `fapi-config.json` configuration path
 40      ./fapi-config.patch
 41      # libtpms (underneath swtpm) bumped the TPM revision
 42      # https://github.com/tpm2-software/tpm2-pytss/pull/593
 43      (fetchpatch {
 44        url = "https://github.com/tpm2-software/tpm2-pytss/pull/593.patch";
 45        hash = "sha256-CNJnSIvUQ0Yvy0o7GdVfFZ7kHJd2hBt5Zv1lqgOeoks=";
 46      })
 47    ]
 48    ++ lib.optionals isCross [
 49      # pytss will regenerate files from headers of tpm2-tss.
 50      # Those headers are fed through a compiler via pycparser. pycparser expects `cpp`
 51      # to be in the path.
 52      # This is put in the path via stdenv when not cross-compiling, but this is absent
 53      # when cross-compiling is turned on.
 54      # This patch changes the call to pycparser.preprocess_file to provide the name
 55      # of the cross-compiling cpp
 56      (replaceVars ./cross.patch {
 57        crossPrefix = stdenv.hostPlatform.config;
 58      })
 59    ];
 60
 61  postPatch = ''
 62    sed -i "s#@TPM2_TSS@#${tpm2-tss.out}#" src/tpm2_pytss/FAPI.py
 63  '';
 64
 65  # Hardening has to be disabled
 66  # due to pycparsing handling it poorly.
 67  # See https://github.com/NixOS/nixpkgs/issues/252023
 68  # for more details.
 69  hardeningDisable = [ "fortify" ];
 70
 71  nativeBuildInputs = [
 72    cffi
 73    pkgconfig # this is the Python module
 74    pkg-config # this is the actual pkg-config tool
 75    setuptools-scm
 76  ];
 77
 78  buildInputs = [ tpm2-tss ];
 79
 80  propagatedBuildInputs = [
 81    cffi
 82    asn1crypto
 83    cryptography
 84    pyyaml
 85  ];
 86
 87  nativeCheckInputs = [
 88    pytestCheckHook
 89    tpm2-tools
 90    swtpm
 91  ];
 92
 93  pythonImportsCheck = [ "tpm2_pytss" ];
 94
 95  meta = with lib; {
 96    homepage = "https://github.com/tpm2-software/tpm2-pytss";
 97    changelog = "https://github.com/tpm2-software/tpm2-pytss/blob/${version}/CHANGELOG.md";
 98    description = "TPM2 TSS Python bindings for Enhanced System API (ESYS)";
 99    license = licenses.bsd2;
100    maintainers = with maintainers; [ baloo ];
101  };
102}