diff options
| author | Karel Kočí <cynerd@email.cz> | 2022-10-03 22:21:02 +0200 |
|---|---|---|
| committer | Karel Kočí <cynerd@email.cz> | 2022-10-03 22:21:02 +0200 |
| commit | ee4cfdda0a54567735e4c30662afd3f76e1c8a61 (patch) | |
| tree | b7ee78c18115932cef8f056ee86976c69067dc91 | |
| parent | 018ea866e847e249b5ae59f8711f4b8e59c8f4ac (diff) | |
| download | nixturris-ee4cfdda0a54567735e4c30662afd3f76e1c8a61.tar.gz nixturris-ee4cfdda0a54567735e4c30662afd3f76e1c8a61.tar.bz2 nixturris-ee4cfdda0a54567735e4c30662afd3f76e1c8a61.zip | |
crypto-wrapper: add and hopefully integrate the tools
| -rw-r--r-- | flake.lock | 6 | ||||
| -rw-r--r-- | pkgs/crypto-wrapper/default.nix | 18 | ||||
| -rw-r--r-- | pkgs/default.nix | 15 |
3 files changed, 24 insertions, 15 deletions
@@ -16,11 +16,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1660817299, - "narHash": "sha256-0QZE5FYLOyTEpKobPk32gxAQBtYs/nAfGx3PK+x6bXI=", + "lastModified": 1664787379, + "narHash": "sha256-gfKKtflfRcyxUPeTQ1JwyF1vXdyVvjO6Zy7GVyDdPro=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b42e50fe36242b1b205a7d501b7911d698218086", + "rev": "2c2c0afe1b5b31ed6a559ec4687b58608fa9069d", "type": "github" }, "original": { diff --git a/pkgs/crypto-wrapper/default.nix b/pkgs/crypto-wrapper/default.nix index 3f431b2..1d4d20b 100644 --- a/pkgs/crypto-wrapper/default.nix +++ b/pkgs/crypto-wrapper/default.nix @@ -1,9 +1,15 @@ { stdenv, lib, fetchgit -, bash +, bash, openssl , makeWrapper +, libatsha204, mox-otp }: +let -stdenv.mkDerivation rec { + bins = [openssl] + ++ lib.optional (stdenv.system == "aarch64-linux") mox-otp + ++ lib.optional (stdenv.system == "armv7l-linux") libatsha204; + +in stdenv.mkDerivation rec { pname = "crypto-wrapper"; version = "0.4"; meta = with lib; { @@ -19,10 +25,12 @@ stdenv.mkDerivation rec { sha256 = "1ly37cajkmgqmlj230h5az9m2m1rgvf4r0bf94yipp80wl0z215s"; }; + nativeBuildInputs = [ makeWrapper ]; + + installPhase = '' mkdir -p $out/bin - cp crypto-wrapper.sh $out/bin/crypto-wrapper - wrapProgram $out/bin/crypto-wrapper \ - --prefix PATH : ${lib.makeBinPath [ bash openssl coreutils ]} + makeWrapper crypto-wrapper.sh $out/bin/crypto-wrapper \ + --prefix PATH : ${lib.makeBinPath bins} ''; } diff --git a/pkgs/default.nix b/pkgs/default.nix index b16795d..41c28c8 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -16,22 +16,23 @@ let # Crypto and certificates libatsha204 = callPackage ./libatsha204 { }; mox-otp = python3Packages.callPackage ./mox-otp { }; - #crypto-wrapper = callPackage ./crypto-wrapper { }; + crypto-wrapper = callPackage ./crypto-wrapper { }; #certgen = python3Packages.callPackage ./certgen { }; # NOR Firmwares - ubootTurrisMox = buildUBoot { - defconfig = "turris_mox_defconfig"; - extraMeta.platforms = ["aarch64-linux"]; - filesToInstall = ["u-boot.bin"]; - extraPatches = [ ./patches/include-configs-turris_mox-increase-space-for-the-ke.patch ]; - }; armTrustedFirmwareTurrisMox = buildArmTrustedFirmware rec { platform = "a3700"; extraMeta.platforms = ["aarch64-linux"]; extraMakeFlags = ["USE_COHERENT_MEM=0" "CM3_SYSTEM_RESET=1" "FIP_ALIGN=0x100"]; filesToInstall = ["build/${platform}/release/bl31.bin"]; }; + ubootTurrisMox = buildUBoot { + defconfig = "turris_mox_defconfig"; + extraMeta.platforms = ["aarch64-linux"]; + filesToInstall = ["u-boot.bin"]; + extraPatches = [ ./patches/include-configs-turris_mox-increase-space-for-the-ke.patch ]; + BL31 = "${armTrustedFirmwareTurrisMox}/bl31.bin"; + }; ubootTurrisOmnia = buildUBoot { defconfig = "turris_omnia_defconfig"; extraMeta.platforms = ["armv7l-linux"]; |