pkgs/development/python-modules/tpm2-pytss/default.nix at master · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / pkgs / development / python-modules / tpm2-pytss / default.nix
at master 2.8 kB view raw
  1{
  2  lib,
  3  stdenv,
  4  replaceVars,
  5  buildPythonPackage,
  6  fetchPypi,
  7  fetchpatch,
  8  pythonOlder,
  9  asn1crypto,
 10  cffi,
 11  cryptography,
 12  pkgconfig, # see nativeBuildInputs
 13  pkg-config, # see nativeBuildInputs
 14  pytestCheckHook,
 15  pyyaml,
 16  setuptools-scm,
 17  tpm2-tss,
 18  tpm2-tools,
 19  swtpm,
 20}:
 21
 22let
 23  isCross = (stdenv.buildPlatform != stdenv.hostPlatform);
 24in
 25buildPythonPackage rec {
 26  pname = "tpm2-pytss";
 27  version = "2.3.0";
 28  format = "setuptools";
 29
 30  disabled = pythonOlder "3.7";
 31
 32  src = fetchPypi {
 33    inherit pname version;
 34    hash = "sha256-IAcRKTeWVvXzw7wW02RhJnKxR9gRkftOufn/n77khBA=";
 35  };
 36
 37  patches = [
 38    # Fix hardcoded `fapi-config.json` configuration path
 39    ./fapi-config.patch
 40    # libtpms (underneath swtpm) bumped the TPM revision
 41    # https://github.com/tpm2-software/tpm2-pytss/pull/593
 42    (fetchpatch {
 43      url = "https://github.com/tpm2-software/tpm2-pytss/pull/593.patch";
 44      hash = "sha256-CNJnSIvUQ0Yvy0o7GdVfFZ7kHJd2hBt5Zv1lqgOeoks=";
 45    })
 46    # support cryptography >= 45.0.0
 47    # https://github.com/tpm2-software/tpm2-pytss/pull/643
 48    (fetchpatch {
 49      url = "https://github.com/tpm2-software/tpm2-pytss/commit/6ab4c74e6fb3da7cd38e97c1f8e92532312f8439.patch";
 50      hash = "sha256-01Qe4qpD2IINc5Z120iVdPitiLBwdr8KNBjLFnGgE7E=";
 51    })
 52  ]
 53  ++ lib.optionals isCross [
 54    # pytss will regenerate files from headers of tpm2-tss.
 55    # Those headers are fed through a compiler via pycparser. pycparser expects `cpp`
 56    # to be in the path.
 57    # This is put in the path via stdenv when not cross-compiling, but this is absent
 58    # when cross-compiling is turned on.
 59    # This patch changes the call to pycparser.preprocess_file to provide the name
 60    # of the cross-compiling cpp
 61    (replaceVars ./cross.patch {
 62      crossPrefix = stdenv.hostPlatform.config;
 63    })
 64  ];
 65
 66  postPatch = ''
 67    sed -i "s#@TPM2_TSS@#${tpm2-tss.out}#" src/tpm2_pytss/FAPI.py
 68  '';
 69
 70  # Hardening has to be disabled
 71  # due to pycparsing handling it poorly.
 72  # See https://github.com/NixOS/nixpkgs/issues/252023
 73  # for more details.
 74  hardeningDisable = [ "fortify" ];
 75
 76  nativeBuildInputs = [
 77    cffi
 78    pkgconfig # this is the Python module
 79    pkg-config # this is the actual pkg-config tool
 80    setuptools-scm
 81  ];
 82
 83  buildInputs = [ tpm2-tss ];
 84
 85  propagatedBuildInputs = [
 86    cffi
 87    asn1crypto
 88    cryptography
 89    pyyaml
 90  ];
 91
 92  nativeCheckInputs = [
 93    pytestCheckHook
 94    tpm2-tools
 95    swtpm
 96  ];
 97
 98  pythonImportsCheck = [ "tpm2_pytss" ];
 99
100  meta = with lib; {
101    homepage = "https://github.com/tpm2-software/tpm2-pytss";
102    changelog = "https://github.com/tpm2-software/tpm2-pytss/blob/${version}/CHANGELOG.md";
103    description = "TPM2 TSS Python bindings for Enhanced System API (ESYS)";
104    license = licenses.bsd2;
105    maintainers = with maintainers; [ baloo ];
106  };
107}