Unverified Commit 1e029d3f authored by Sandro Jäckel's avatar Sandro Jäckel Committed by GitHub

age-plugin-tpm: 0.2.0 -> 0.3.0 (#382630)

parents b7272af8 b9ae1630
+6 −0
@@ -11496,6 +11496,12 @@
    github = "josephsurin";
    githubId = 14977484;
  };
  josh = {
    name = "Joshua Peek";
    email = "josh@joshpeek.com";
    github = "josh";
    githubId = 137;
  };
  joshainglis = {
    name = "Josha Inglis";
    email = "joshainglis@gmail.com";
+33 −0
{ pkgs, lib, ... }:
{
  name = "age-plugin-tpm-decrypt";
  meta = with lib.maintainers; {
    maintainers = [
      sgo
      josh
    ];
  };

  nodes.machine =
    { pkgs, ... }:
    {
      virtualisation.tpm.enable = true;
      environment.systemPackages = with pkgs; [
        age
        age-plugin-tpm
      ];
    };

  testScript = ''
    machine.start()

    machine.succeed("age-plugin-tpm --generate --output identity.txt")
    machine.succeed("age-plugin-tpm --convert identity.txt --output recipient.txt")
    machine.succeed("echo -n 'Hello World' >data.txt")

    machine.succeed("age --encrypt --recipients-file recipient.txt --output data.age data.txt")
    data = machine.succeed("age --decrypt --identity identity.txt data.age")

    assert data == "Hello World"
  '';
}
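Review bot: The testScript only exercises the successful round trip, so it would still pass if decryption did not actually depend on the identity that was generated for `data.age`. A negative case after the final assert would pin that down: generate a second identity with `machine.succeed("age-plugin-tpm --generate --output other.txt")` and require `machine.fail("age --decrypt --identity other.txt data.age")`. A short comment above `virtualisation.tpm.enable = true;` saying that the VM's TPM is what backs the generated identity would also help the next reader.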
+1 −0
@@ -112,6 +112,7 @@ in {
  aesmd = runTestOn ["x86_64-linux"] ./aesmd.nix;
  agate = runTest ./web-servers/agate.nix;
  agda = handleTest ./agda.nix {};
  age-plugin-tpm-decrypt = runTest ./age-plugin-tpm-decrypt.nix;
  agorakit = runTest ./web-apps/agorakit.nix;
  airsonic = handleTest ./airsonic.nix {};
  akkoma = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./akkoma.nix {};
+14 −5
{
  lib,
  callPackage,
  buildGoModule,
  fetchFromGitHub,
  nixosTests,
  swtpm,
  openssl,
  age,
}:

buildGoModule rec {
  pname = "age-plugin-tpm";
  version = "0.2.0";
  version = "0.3.0";

  src = fetchFromGitHub {
    owner = "Foxboron";
    repo = "age-plugin-tpm";
    rev = "v${version}";
    hash = "sha256-oTvK8U5j+llHgoChhGb+vcUrUf9doVYxd3d5MEuCNz8=";
    tag = "v${version}";
    hash = "sha256-yr1PSSmcUoOrQ8VMQEoaCLNvDO+3+6N7XXdNUyYVz9M=";
  };

  proxyVendor = true;

  vendorHash = "sha256-veduD0K3Onkqvyg9E5v854a6/8UIRQZEH098lUepRNU=";
  vendorHash = "sha256-VEx6qP02QcwETOQUkMsrqVb+cOElceXcTDaUr480ngs=";

  nativeCheckInputs = [
    age
    swtpm
  ];

@@ -34,12 +38,17 @@ buildGoModule rec {
    "-w"
  ];

  passthru.tests = {
    encrypt = callPackage ./tests/encrypt.nix { };
    decrypt = nixosTests.age-plugin-tpm-decrypt;
  };

  meta = with lib; {
    description = "TPM 2.0 plugin for age (This software is experimental, use it at your own risk)";
    mainProgram = "age-plugin-tpm";
    homepage = "https://github.com/Foxboron/age-plugin-tpm";
    license = licenses.mit;
    platforms = platforms.linux;
    platforms = platforms.all;
    maintainers = with maintainers; [
      kranzes
      sgo
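Review bot: `platforms = platforms.all;` widens the package beyond Linux while `nativeCheckInputs` still lists `swtpm` and the new `passthru.tests.decrypt` is a NixOS VM test, so nothing visible here shows that the build or check phase works where swtpm or a TPM device is unavailable. If the intent is that non-Linux hosts only encrypt to TPM recipients, a comment next to the line would record it, for example `# encrypting to a TPM recipient needs no local TPM; decryption is covered by the NixOS test`. It is also worth confirming that the check phase passes or is skipped on platforms without swtpm. The `meta` block continues past the end of this hunk.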
+18 −0
{
  runCommand,
  age,
  age-plugin-tpm,
}:
runCommand "age-plugin-tpm-encrypt"
  {
    nativeBuildInputs = [
      age
      age-plugin-tpm
    ];
    # example pubkey from Foxboron/age-plugin-tpm README
    env.AGE_RECIPIENT = "age1tpm1qg86fn5esp30u9h6jy6zvu9gcsvnac09vn8jzjxt8s3qtlcv5h2x287wm36";
  }
  ''
    echo "Hello World" | age --encrypt --armor --recipient "$AGE_RECIPIENT"
    touch $out
  ''
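Review bot: The `runCommand` script checks only that `age` exits zero; the armored output goes to the build log and is never inspected. Piping it through a check such as `| grep -q -- "-----BEGIN AGE ENCRYPTED FILE-----"` would confirm that the plugin actually produced an age file for the recipient. The existing comment on `AGE_RECIPIENT` could also say that the value is a public recipient only, so no secret key material is stored in the repository.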