nixpkgs/pkgs/tools/security/rng-tools/default.nix

66 lines
2 KiB
Nix
Raw Normal View History

{ stdenv, fetchFromGitHub, libtool, autoreconfHook, pkgconfig
2018-10-22 23:48:25 +02:00
, sysfsutils
, argp-standalone
2018-10-22 23:48:25 +02:00
# WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS
# https://www.nist.gov/programs-projects/nist-randomness-beacon
, curl ? null, libxml2 ? null, openssl ? null, withNistBeacon ? false
# Systems that support RDRAND but not AES-NI require libgcrypt to use RDRAND as an entropy source
, libgcrypt ? null, withGcrypt ? true
, jitterentropy ? null, withJitterEntropy ? true
, libp11 ? null, opensc ? null, withPkcs11 ? true
2018-10-22 23:48:25 +02:00
}:
2018-10-22 23:48:25 +02:00
with stdenv.lib;
2012-11-22 07:05:45 +01:00
stdenv.mkDerivation rec {
pname = "rng-tools";
version = "6.8";
2018-10-22 23:48:25 +02:00
src = fetchFromGitHub {
owner = "nhorman";
repo = "rng-tools";
rev = "v${version}";
sha256 = "1clm9i9xg3j79q0d6vinn6dx0nwh1fvzcmkqpcbay7mwsgkknvw2";
2018-10-22 23:48:25 +02:00
};
2012-11-22 07:05:45 +01:00
postPatch = ''
${optionalString withPkcs11 ''
substituteInPlace rngd.c \
--replace /usr/lib64/opensc-pkcs11.so ${opensc}/lib/opensc-pkcs11.so
''}
'';
2012-11-22 07:05:45 +01:00
nativeBuildInputs = [ autoreconfHook libtool pkgconfig ];
2018-10-22 23:48:25 +02:00
configureFlags = [
(withFeature withGcrypt "libgcrypt")
(enableFeature withJitterEntropy "jitterentropy")
(withFeature withNistBeacon "nistbeacon")
(withFeature withPkcs11 "pkcs11")
];
2018-10-22 23:48:25 +02:00
# argp-standalone is only used when libc lacks argp parsing (musl)
2018-10-22 23:48:25 +02:00
buildInputs = [ sysfsutils ]
++ optionals stdenv.hostPlatform.isx86_64 [ argp-standalone ]
++ optionals withGcrypt [ libgcrypt ]
++ optionals withJitterEntropy [ jitterentropy ]
++ optionals withNistBeacon [ curl libxml2 openssl ]
++ optionals withPkcs11 [ libp11 openssl ];
2018-10-22 23:48:25 +02:00
enableParallelBuilding = true;
2012-11-22 07:05:45 +01:00
2018-02-27 00:17:23 +01:00
# For cross-compilation
makeFlags = [ "AR:=$(AR)" ];
doCheck = true;
preCheck = "patchShebangs tests/*.sh";
2012-11-22 07:05:45 +01:00
meta = {
description = "A random number generator daemon";
2018-10-22 23:48:25 +02:00
homepage = https://github.com/nhorman/rng-tools;
license = licenses.gpl2Plus;
platforms = platforms.linux;
maintainers = with maintainers; [ johnazoidberg c0bw3b ];
2012-11-22 07:05:45 +01:00
};
}