nixpkgs/pkgs/misc/tpm2-pkcs11/default.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

87 lines
2.4 KiB
Nix
Raw Normal View History

2019-10-27 16:06:10 +00:00
{ stdenv, lib, fetchFromGitHub, substituteAll
2021-01-17 02:30:45 +00:00
, pkg-config, autoreconfHook, autoconf-archive, makeWrapper, patchelf
2022-04-21 17:03:15 +00:00
, tpm2-tss, tpm2-tools, opensc, openssl, sqlite, python3, glibc, libyaml
2019-10-27 16:06:10 +00:00
, abrmdSupport ? true, tpm2-abrmd ? null
, fapiSupport ? true
2019-10-27 16:06:10 +00:00
}:
stdenv.mkDerivation rec {
pname = "tpm2-pkcs11";
2023-11-10 01:30:46 +00:00
version = "1.9.0";
2019-10-27 16:06:10 +00:00
src = fetchFromGitHub {
owner = "tpm2-software";
repo = pname;
rev = version;
2023-11-10 01:30:46 +00:00
sha256 = "sha256-SoHtgZRIYNJg4/w1MIocZAM26mkrM+UOQ+RKCh6nwCk=";
2019-10-27 16:06:10 +00:00
};
patches = [
./version.patch
./graceful-fapi-fail.patch
];
2019-10-27 16:06:10 +00:00
# The preConfigure phase doesn't seem to be working here
# ./bootstrap MUST be executed as the first step, before all
# of the autoreconfHook stuff
postPatch = ''
2023-11-10 01:30:46 +00:00
echo ${version} > VERSION
2019-10-27 16:06:10 +00:00
./bootstrap
'';
configureFlags = lib.optionals (!fapiSupport) [
# Note: this will be renamed to with-fapi in next release.
"--enable-fapi=no"
];
2019-10-27 16:06:10 +00:00
nativeBuildInputs = [
2021-01-17 02:30:45 +00:00
pkg-config autoreconfHook autoconf-archive makeWrapper patchelf
2019-10-27 16:06:10 +00:00
];
buildInputs = [
tpm2-tss tpm2-tools opensc openssl sqlite libyaml
2022-08-02 15:32:41 +00:00
(python3.withPackages (ps: with ps; [ packaging pyyaml cryptography pyasn1-modules tpm2-pytss ]))
2019-10-27 16:06:10 +00:00
];
outputs = [ "out" "bin" "dev" ];
dontStrip = true;
dontPatchELF = true;
# To be able to use the userspace resource manager, the RUNPATH must
# explicitly include the tpm2-abrmd shared libraries.
preFixup = let
rpath = lib.makeLibraryPath (
(lib.optional abrmdSupport tpm2-abrmd)
++ [
tpm2-tss
sqlite
openssl
glibc
libyaml
]
);
in ''
patchelf \
--set-rpath ${rpath} \
${lib.optionalString abrmdSupport "--add-needed ${lib.makeLibraryPath [tpm2-abrmd]}/libtss2-tcti-tabrmd.so"} \
--add-needed ${lib.makeLibraryPath [tpm2-tss]}/libtss2-tcti-device.so \
$out/lib/libtpm2_pkcs11.so.0.0.0
'';
postInstall = ''
mkdir -p $bin/bin/ $bin/share/tpm2_pkcs11/
mv ./tools/* $bin/share/tpm2_pkcs11/
makeWrapper $bin/share/tpm2_pkcs11/tpm2_ptool.py $bin/bin/tpm2_ptool \
--prefix PATH : ${lib.makeBinPath [ tpm2-tools ]}
'';
meta = with lib; {
description = "A PKCS#11 interface for TPM2 hardware";
2020-03-10 12:27:03 +00:00
homepage = "https://github.com/tpm2-software/tpm2-pkcs11";
2019-10-27 16:06:10 +00:00
license = licenses.bsd2;
platforms = platforms.linux;
maintainers = with maintainers; [ matthiasbeyer ];
2023-11-23 21:09:35 +00:00
mainProgram = "tpm2_ptool";
2019-10-27 16:06:10 +00:00
};
}