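# Botan cryptographic library, packaged for both the 3.x and 2.x release lines.
#
# The file evaluates to an attribute set { botan3, botan2 }; both are produced
# by the shared `common` builder below, which differs only in version, source
# hash and optional patches.
{
  lib,
  stdenv,
  fetchurl,
  pkgsStatic,
  python3,
  docutils,
  bzip2,
  zlib,
  jitterentropy,
  darwin,
  esdm,
  tpm2-tss,
  static ? stdenv.hostPlatform.isStatic, # generates static libraries *only*
  windows,

  # build ESDM RNG plugin
  withEsdm ? false,
  # useful, but have to disable tests for now, as /dev/tpmrm0 is not accessible
  # NOTE(review): doCheck is unconditionally true below, so a caller enabling
  # this may also have to disable the check phase; verify.
  # Only takes effect on Linux hosts (see buildInputs / botanConfigureFlags).
  withTpm2 ? false,
  policy ? null,
}:

assert lib.assertOneOf "policy" policy [
  # no explicit policy is given. The defaults by the library are used
  null
  # only allow BSI approved algorithms, FFI and SHAKE for XMSS
  "bsi"
  # only allow NIST approved algorithms in FIPS 140
  "fips140"
  # only allow "modern" algorithms
  "modern"
];

let
  # Build one Botan release.
  #
  #   version  release version string, also used to gate version-specific flags
  #   hash     SRI hash of the release tarball (fixed-output fetch)
  #   patches  optional list of patches applied to the unpacked source
  common =
    {
      version,
      hash,
      patches ? [ ],
    }:
    stdenv.mkDerivation (finalAttrs: {
      pname = "botan";
      inherit version;

      # With structured attrs, list-valued attributes such as
      # botanConfigureFlags reach the builder as bash arrays.
      __structuredAttrs = true;
      enableParallelBuilding = true;
      strictDeps = true;

      outputs = [
        "bin"
        "out"
        "dev"
        "doc"
        "man"
      ];

      src = fetchurl {
        # Fetched over HTTPS, matching meta.homepage. The pinned `hash` is what
        # guarantees the tarball's integrity; TLS only protects the transport
        # and keeps the download from being tampered with into a failed build.
        url = "https://botan.randombit.net/releases/Botan-${finalAttrs.version}.tar.xz";
        inherit hash;
      };

      inherit patches;

      nativeBuildInputs = [
        python3
        docutils
      ];

      buildInputs = [
        bzip2
        zlib
      ]
      ++ lib.optionals (stdenv.hostPlatform.isLinux && withTpm2) [
        tpm2-tss
      ]
      ++ lib.optionals (lib.versionAtLeast version "3.6.0" && !stdenv.hostPlatform.isMinGW) [
        jitterentropy
      ]
      ++ lib.optionals (lib.versionAtLeast version "3.7.0" && withEsdm && !stdenv.hostPlatform.isMinGW) [
        esdm
      ]
      ++ lib.optionals (stdenv.hostPlatform.isMinGW) [
        windows.pthreads
      ];

      # The test target is only built when the final package (after any
      # overrides) still has doCheck enabled.
      buildTargets = [
        "cli"
      ]
      ++ lib.optionals finalAttrs.finalPackage.doCheck [ "tests" ]
      ++ lib.optionals static [ "static" ]
      ++ lib.optionals (!static) [ "shared" ];

      botanConfigureFlags = [
        "--prefix=${placeholder "out"}"
        "--bindir=${placeholder "bin"}/bin"
        "--docdir=${placeholder "doc"}/share/doc"
        "--mandir=${placeholder "man"}/share/man"
        "--no-install-python-module"
        "--build-targets=${lib.concatStringsSep "," finalAttrs.buildTargets}"
        "--with-bzip2"
        "--with-zlib"
        "--with-rst2man"
        "--cpu=${stdenv.hostPlatform.parsed.cpu.name}"
      ]
      ++ lib.optionals stdenv.cc.isClang [
        "--cc=clang"
      ]
      ++ lib.optionals (stdenv.hostPlatform.isLinux && withTpm2) [
        "--with-tpm2"
      ]
      ++ lib.optionals (lib.versionAtLeast version "3.6.0" && !stdenv.hostPlatform.isMinGW) [
        "--enable-modules=jitter_rng"
      ]
      ++ lib.optionals (lib.versionAtLeast version "3.7.0" && withEsdm && !stdenv.hostPlatform.isMinGW) [
        "--enable-modules=esdm_rng"
      ]
      # The module policy is only passed for versions >= 3.8.0. For older
      # versions (botan2 below) a non-null `policy` is accepted by the assert
      # above but has no effect on the build: the resulting library is NOT
      # restricted to the requested algorithm set.
      # NOTE(review): consider failing evaluation in that case instead of
      # silently ignoring the request.
      ++ lib.optionals (lib.versionAtLeast version "3.8.0" && policy != null) [
        "--module-policy=${policy}"
      ]
      # Spelled with the full option name, consistent with the other
      # --enable-modules flags above.
      ++ lib.optionals (lib.versionAtLeast version "3.8.0" && policy == "bsi") [
        "--enable-modules=ffi"
        "--enable-modules=shake"
      ]
      ++ lib.optionals (stdenv.hostPlatform.isMinGW) [
        "--os=mingw"
      ];

      # Botan uses its own configure.py rather than autoconf, so the phase is
      # written out by hand. The array expansion is quoted so that every flag
      # is passed as exactly one argument, without word splitting or globbing.
      configurePhase = ''
        runHook preConfigure
        python configure.py "''${botanConfigureFlags[@]}"
        runHook postConfigure
      '';

      preInstall = ''
        if [ -d src/scripts ]; then
          patchShebangs src/scripts
        fi
      '';

      # Provide an unversioned botan.pc alias next to the versioned file.
      # Best effort: a failing `ln` is deliberately ignored.
      postInstall = ''
        cd "$out"/lib/pkgconfig
        ln -s botan-*.pc botan.pc || true
      '';

      doCheck = true;

      # For 3.x also exercise the static build.
      passthru.tests = lib.optionalAttrs (lib.versionAtLeast version "3") {
        static = pkgsStatic.botan3;
      };

      meta = with lib; {
        description = "Cryptographic algorithms library";
        homepage = "https://botan.randombit.net";
        mainProgram = "botan";
        maintainers = with maintainers; [
          raskin
          thillux
          nikstur
        ];
        platforms = platforms.unix ++ lib.optionals (lib.versionAtLeast version "3.0") platforms.windows;
        license = licenses.bsd2;
      };
    });
in
{
  botan3 = common {
    version = "3.9.0";
    hash = "sha256-jD8oS1jd1C6OQ+n6hqcSnYfqfD93aoDT2mPsIHIrCIM=";
  };

  botan2 = common {
    version = "2.19.5";
    hash = "sha256-3+6g4KbybWckxK8B2pp7iEh62y2Bunxy/K9S21IsmtQ=";
  };
}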