botan3: 3.6.1 -> 3.8.1 (2b4f6265) · Commits · nix / nixpkgs

pkgs/development/libraries/botan/default.nix

+36 −3

Original line number	Diff line number	Diff line
		@@ -7,9 +7,23 @@
		bzip2,
		zlib,
		jitterentropy,
		darwin,
		esdm,
		tpm2-tss,
		static ? stdenv.hostPlatform.isStatic, # generates static libraries only

		# build ESDM RNG plugin
		with_esdm ? false,
		# useful, but have to disable tests for now, as /dev/tpmrm0 is not accessible
		with_tpm2 ? false,
		# only allow BSI approved algorithms, FFI and SHAKE for XMSS
		with_bsi_policy ? false,
		# only allow NIST approved algorithms
		with_fips140_policy ? false,
		}:

		assert (!with_bsi_policy && !with_fips140_policy) \|\| (with_bsi_policy != with_fips140_policy);

		let
		common =
		{
		@@ -50,9 +64,14 @@ let
		bzip2
		zlib
		]

		++ lib.optionals (stdenv.hostPlatform.isLinux && with_tpm2) [
		tpm2-tss
		]
		++ lib.optionals (lib.versionAtLeast version "3.6.0") [
		jitterentropy
		]
		++ lib.optionals (lib.versionAtLeast version "3.7.0" && with_esdm) [
		esdm
		];

		buildTargets =
		@@ -77,8 +96,22 @@ let
		++ lib.optionals stdenv.cc.isClang [
		"--cc=clang"
		]
		++ lib.optionals (stdenv.hostPlatform.isLinux && with_tpm2) [
		"--with-tpm2"
		]
		++ lib.optionals (lib.versionAtLeast version "3.6.0") [
		"--enable-modules=jitter_rng"
		]
		++ lib.optionals (lib.versionAtLeast version "3.7.0" && with_esdm) [
		"--enable-modules=esdm_rng"
		]
		++ lib.optionals (lib.versionAtLeast version "3.8.0" && with_bsi_policy) [
		"--module-policy=bsi"
		"--enable-module=ffi"
		"--enable-module=shake"
		]
		++ lib.optionals (lib.versionAtLeast version "3.8.0" && with_fips140_policy) [
		"--module-policy=fips140"
		];

		configurePhase = ''
		@@ -115,8 +148,8 @@ let
		in
		{
		botan3 = common {
		version = "3.6.1";
		hash = "sha256-fLhXXYjSMsdxdHadf54ku0REQWBYWYbuvWbnScuakIk=";
		version = "3.8.1";
		hash = "sha256-sDloHUuGGi9YU3Rti6gG9VPiOGntctie2/o8Pb+hfmg=";
		};

		botan2 = common {