1 { stdenv, lib, fetchFromGitHub, substituteAll
2 , pkg-config, autoreconfHook, autoconf-archive, makeWrapper, patchelf
3 , tpm2-tss, tpm2-tools, opensc, openssl, sqlite, python3, glibc, libyaml
4 , abrmdSupport ? true, tpm2-abrmd ? null
8 stdenv.mkDerivation rec {
12 src = fetchFromGitHub {
13 owner = "tpm2-software";
16 sha256 = "sha256-SoHtgZRIYNJg4/w1MIocZAM26mkrM+UOQ+RKCh6nwCk=";
21 ./graceful-fapi-fail.patch
24 # The preConfigure phase doesn't seem to be working here
25 # ./bootstrap MUST be executed as the first step, before all
26 # of the autoreconfHook stuff
28 echo ${version} > VERSION
32 configureFlags = lib.optionals (!fapiSupport) [
33 # Note: this will be renamed to with-fapi in next release.
38 pkg-config autoreconfHook autoconf-archive makeWrapper patchelf
41 tpm2-tss tpm2-tools opensc openssl sqlite libyaml
42 (python3.withPackages (ps: with ps; [ packaging pyyaml cryptography pyasn1-modules tpm2-pytss ]))
45 outputs = [ "out" "bin" "dev" ];
50 # To be able to use the userspace resource manager, the RUNPATH must
51 # explicitly include the tpm2-abrmd shared libraries.
53 rpath = lib.makeLibraryPath (
54 (lib.optional abrmdSupport tpm2-abrmd)
65 --set-rpath ${rpath} \
66 ${lib.optionalString abrmdSupport "--add-needed ${lib.makeLibraryPath [tpm2-abrmd]}/libtss2-tcti-tabrmd.so"} \
67 --add-needed ${lib.makeLibraryPath [tpm2-tss]}/libtss2-tcti-device.so \
68 $out/lib/libtpm2_pkcs11.so.0.0.0
72 mkdir -p $bin/bin/ $bin/share/tpm2_pkcs11/
73 mv ./tools/* $bin/share/tpm2_pkcs11/
74 makeWrapper $bin/share/tpm2_pkcs11/tpm2_ptool.py $bin/bin/tpm2_ptool \
75 --prefix PATH : ${lib.makeBinPath [ tpm2-tools ]}
79 description = "PKCS#11 interface for TPM2 hardware";
80 homepage = "https://github.com/tpm2-software/tpm2-pkcs11";
81 license = licenses.bsd2;
82 platforms = platforms.linux;
84 mainProgram = "tpm2_ptool";