tjh.dev
1{
2 lib,
3 fetchFromGitHub,
4 gcc,
5 go,
6 makeWrapper,
7 nix-update-script,
8 openssl,
9 pcsclite,
10 pkg-config,
11 podman,
12 rustPlatform,
13 rustc,
14 sequoia-sq,
15 shared-mime-info,
16 versionCheckHook,
17 xz, # for liblzma
18 zstd,
19}:
20
21rustPlatform.buildRustPackage (finalAttrs: {
22 pname = "sh4d0wup";
23 version = "0.11.0";
24
25 src = fetchFromGitHub {
26 owner = "kpcyrd";
27 repo = "sh4d0wup";
28 tag = "v${finalAttrs.version}";
29 hash = "sha256-gzkh+JYwuYvdNljB6agEVd7WxqJ5lI3sseY3BlkLmXs=";
30 };
31
32 cargoHash = "sha256-FjRlKlOX78QClzhhFhkZuaOLA6XpFziSghJltlRPt20=";
33
34 nativeBuildInputs = [
35 makeWrapper
36 pkg-config
37 ];
38 buildInputs = [
39 openssl
40 pcsclite
41 xz
42 zstd
43 ];
44 postInstall = ''
45 wrapProgram $out/bin/sh4d0wup \
46 --prefix XDG_DATA_DIRS : "${shared-mime-info}/share"
47 '';
48
49 checkInputs = [ sequoia-sq ];
50 preCheck = ''
51 export XDG_DATA_DIRS=$XDG_DATA_DIRS:${shared-mime-info}/share
52 '';
53
54 doInstallCheck = true;
55 nativeInstallCheckInputs = [ versionCheckHook ];
56 passthru.updateScript = nix-update-script { };
57
58 env = {
59 OPENSSL_NO_VENDOR = 1;
60 SH4D0WUP_GCC_BINARY = lib.getExe gcc;
61 SH4D0WUP_GO_BINARY = lib.getExe go;
62 SH4D0WUP_PODMAN_BINARY = lib.getExe podman;
63 SH4D0WUP_RUSTC_BINARY = lib.getExe' rustc "rustc";
64 SH4D0WUP_SQ_BINARY = lib.getExe sequoia-sq;
65 };
66
67 meta = {
68 description = "Signing-key abuse and update exploitation framework";
69 homepage = "https://github.com/kpcyrd/sh4d0wup";
70 changelog = "https://github.com/kpcyrd/sh4d0wup/releases/tag/v${finalAttrs.version}";
71 mainProgram = "sh4d0wup";
72 license = with lib.licenses; [ gpl3Plus ];
73 maintainers = with lib.maintainers; [ kpcyrd ];
74 platforms = lib.platforms.all;
75 };
76})