commit 8de7d7073223f15b2a7a47b35105d5ac34f46248 · pyrox.dev/nixpkgs

+31 -22

pkgs/development/libraries/botan/default.nix

···

       2
       2
        
         lib,

     

       3
       3
        
         stdenv,

     

       4
       4
        
         fetchurl,

     

       5
       5
       +
         pkgsStatic,

     

       5
       6
        
         python3,

     

       6
       7
        
         docutils,

     

       7
       8
        
         bzip2,

     
···

       13
       14
        
         static ? stdenv.hostPlatform.isStatic, # generates static libraries *only*

     

       14
       15
        
       

     

       15
       16
        
         # build ESDM RNG plugin

     

       16
       16
       -
         with_esdm ? false,

     

       17
       17
       +
         withEsdm ? false,

     

       17
       18
        
         # useful, but have to disable tests for now, as /dev/tpmrm0 is not accessible

     

       18
       18
       -
         with_tpm2 ? false,

     

       19
       19
       -
         # only allow BSI approved algorithms, FFI and SHAKE for XMSS

     

       20
       20
       -
         with_bsi_policy ? false,

     

       21
       21
       -
         # only allow NIST approved algorithms

     

       22
       22
       -
         with_fips140_policy ? false,

     

       19
       19
       +
         withTpm2 ? false,

     

       20
       20
       +
         policy ? null,

     

       23
       21
        
       }:

     

       24
       22
        
       

     

       25
       25
       -
       assert (!with_bsi_policy && !with_fips140_policy) || (with_bsi_policy != with_fips140_policy);

     

       23
       23
       +
       assert lib.assertOneOf "policy" policy [

     

       24
       24
       +
         # no explicit policy is given. The defaults by the library are used

     

       25
       25
       +
         null

     

       26
       26
       +
         # only allow BSI approved algorithms, FFI and SHAKE for XMSS

     

       27
       27
       +
         "bsi"

     

       28
       28
       +
         # only allow NIST approved algorithms in FIPS 140

     

       29
       29
       +
         "fips140"

     

       30
       30
       +
         # only allow "modern" algorithms

     

       31
       31
       +
         "modern"

     

       32
       32
       +
       ];

     

       26
       33
        
       

     

       27
       34
        
       let

     

       28
       35
        
         common =

     
···

       64
       71
        
                 bzip2

     

       65
       72
        
                 zlib

     

       66
       73
        
               ]

     

       67
       67
       -
               ++ lib.optionals (stdenv.hostPlatform.isLinux && with_tpm2) [

     

       74
       74
       +
               ++ lib.optionals (stdenv.hostPlatform.isLinux && withTpm2) [

     

       68
       75
        
                 tpm2-tss

     

       69
       76
        
               ]

     

       70
       77
        
               ++ lib.optionals (lib.versionAtLeast version "3.6.0") [

     

       71
       78
        
                 jitterentropy

     

       72
       79
        
               ]

     

       73
       73
       -
               ++ lib.optionals (lib.versionAtLeast version "3.7.0" && with_esdm) [

     

       80
       80
       +
               ++ lib.optionals (lib.versionAtLeast version "3.7.0" && withEsdm) [

     

       74
       81
        
                 esdm

     

       75
       82
        
               ];

     

       76
       83
        
       

     

       77
       84
        
             buildTargets =

     

       78
       78
       -
               lib.optionals finalAttrs.finalPackage.doCheck [ "tests" ]

     

       85
       85
       +
               [ "cli" ]

     

       86
       86
       +
               ++ lib.optionals finalAttrs.finalPackage.doCheck [ "tests" ]

     

       79
       87
        
               ++ lib.optionals static [ "static" ]

     

       80
       80
       -
               ++ lib.optionals (!static) [

     

       81
       81
       -
                 "cli"

     

       82
       82
       -
                 "shared"

     

       83
       83
       -
               ];

     

       88
       88
       +
               ++ lib.optionals (!static) [ "shared" ];

     

       84
       89
        
       

     

       85
       90
        
             botanConfigureFlags =

     

       86
       91
        
               [

     
···

       98
       103
        
               ++ lib.optionals stdenv.cc.isClang [

     

       99
       104
        
                 "--cc=clang"

     

       100
       105
        
               ]

     

       101
       101
       -
               ++ lib.optionals (stdenv.hostPlatform.isLinux && with_tpm2) [

     

       106
       106
       +
               ++ lib.optionals (stdenv.hostPlatform.isLinux && withTpm2) [

     

       102
       107
        
                 "--with-tpm2"

     

       103
       108
        
               ]

     

       104
       109
        
               ++ lib.optionals (lib.versionAtLeast version "3.6.0") [

     

       105
       110
        
                 "--enable-modules=jitter_rng"

     

       106
       111
        
               ]

     

       107
       107
       -
               ++ lib.optionals (lib.versionAtLeast version "3.7.0" && with_esdm) [

     

       112
       112
       +
               ++ lib.optionals (lib.versionAtLeast version "3.7.0" && withEsdm) [

     

       108
       113
        
                 "--enable-modules=esdm_rng"

     

       109
       114
        
               ]

     

       110
       110
       -
               ++ lib.optionals (lib.versionAtLeast version "3.8.0" && with_bsi_policy) [

     

       111
       111
       -
                 "--module-policy=bsi"

     

       115
       115
       +
               ++ lib.optionals (lib.versionAtLeast version "3.8.0" && policy != null) [

     

       116
       116
       +
                 "--module-policy=${policy}"

     

       117
       117
       +
               ]

     

       118
       118
       +
               ++ lib.optionals (lib.versionAtLeast version "3.8.0" && policy == "bsi") [

     

       112
       119
        
                 "--enable-module=ffi"

     

       113
       120
        
                 "--enable-module=shake"

     

       114
       114
       -
               ]

     

       115
       115
       -
               ++ lib.optionals (lib.versionAtLeast version "3.8.0" && with_fips140_policy) [

     

       116
       116
       -
                 "--module-policy=fips140"

     

       117
       121
        
               ];

     

       118
       122
        
       

     

       119
       123
        
             configurePhase = ''

     
···

       133
       137
        
               ln -s botan-*.pc botan.pc || true

     

       134
       138
        
             '';

     

       135
       139
        
       

     

       136
       136
       -
             doCheck = !static;

     

       140
       140
       +
             doCheck = true;

     

       141
       141
       +
       

     

       142
       142
       +
             passthru.tests = lib.optionalAttrs (lib.versionAtLeast version "3") {

     

       143
       143
       +
               static = pkgsStatic.botan3;

     

       144
       144
       +
             };

     

       137
       145
        
       

     

       138
       146
        
             meta = with lib; {

     

       139
       147
        
               description = "Cryptographic algorithms library";

     
···

       142
       150
        
               maintainers = with maintainers; [

     

       143
       151
        
                 raskin

     

       144
       152
        
                 thillux

     

       153
       153
       +
                 nikstur

     

       145
       154
        
               ];

     

       146
       155
        
               platforms = platforms.unix;

     

       147
       156
        
               license = licenses.bsd2;

+5 -1

pkgs/top-level/all-packages.nix

···

       7839
       7839
        
       

     

       7840
       7840
        
         boost = boost187;

     

       7841
       7841
        
       

     

       7842
       7842
       -
         inherit (callPackages ../development/libraries/botan { })

     

       7842
       7842
       +
         inherit

     

       7843
       7843
       +
           (callPackages ../development/libraries/botan {

     

       7844
       7844
       +
             # botan3 only sensibly works with libcxxStdenv when building static binaries

     

       7845
       7845
       +
             stdenv = if stdenv.hostPlatform.isStatic then buildPackages.libcxxStdenv else stdenv;

     

       7846
       7846
       +
           })

     

       7843
       7847
        
           botan2

     

       7844
       7848
        
           botan3

     

       7845
       7849
        
           ;