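# rng-tools: rngd (feeds the kernel entropy pool) and rngtest.
#
# Each `with*` argument toggles one optional entropy source at configure time
# and pulls in the libraries that source needs. The two sources that fetch
# data over the network (NIST beacon, Qrypt) are off by default.
{
  lib,
  stdenv,
  fetchFromGitHub,
  autoreconfHook,
  libtool,
  pkg-config,
  psmisc,
  argp-standalone,
  openssl,
  libcap,
  jitterentropy,
  withJitterEntropy ? true,
  # WARNING: DO NOT USE BEACON GENERATED VALUES AS SECRET CRYPTOGRAPHIC KEYS
  # https://www.nist.gov/programs-projects/nist-randomness-beacon
  # Beacon output is published for everyone, so it must never be the only
  # source feeding the pool. Keep this disabled unless it is mixed with
  # local sources.
  curl,
  jansson,
  libxml2,
  withNistBeacon ? false,
  libp11,
  opensc,
  withPkcs11 ? true,
  rtl-sdr,
  withRtlsdr ? true,
  # Off by default, like the beacon source.
  withQrypt ? false,
}:

stdenv.mkDerivation rec {
  pname = "rng-tools";
  version = "6.17";

  # Fixed-output fetch: the unpacked tree must match `hash`, so a re-tagged
  # v${version} fails the build instead of silently changing the source.
  src = fetchFromGitHub {
    owner = "nhorman";
    repo = pname;
    rev = "v${version}";
    hash = "sha256-wqJvLvxmNG2nb5P525w25Y8byUUJi24QIHNJomCKeG8=";
  };

  nativeBuildInputs = [
    autoreconfHook
    libtool
    pkg-config
  ];

  # Pass every source explicitly so configure never auto-detects one from
  # whatever libraries happen to be visible.
  configureFlags = [
    (lib.enableFeature withJitterEntropy "jitterentropy")
    (lib.withFeature withNistBeacon "nistbeacon")
    (lib.withFeature withPkcs11 "pkcs11")
    (lib.withFeature withRtlsdr "rtlsdr")
    (lib.withFeature withQrypt "qrypt")
  ];

  buildInputs =
    [
      openssl
      libcap
    ]
    ++ lib.optionals stdenv.hostPlatform.isMusl [ argp-standalone ]
    ++ lib.optionals withJitterEntropy [ jitterentropy ]
    ++ lib.optionals withNistBeacon [
      curl
      jansson
      libxml2
    ]
    ++ lib.optionals withPkcs11 [
      libp11
      libp11.passthru.openssl
    ]
    ++ lib.optionals withRtlsdr [ rtl-sdr ]
    # NOTE(review): this list's entries and several closing delimiters were
    # missing from the reviewed copy of this file. curl and jansson are what
    # the qrypt source is expected to link against; confirm against upstream.
    ++ lib.optionals withQrypt [
      curl
      jansson
    ];

  enableParallelBuilding = true;

  makeFlags =
    [
      "AR:=$(AR)" # For cross-compilation
    ]
    # Only reference opensc when the PKCS#11 source is built, so a build with
    # withPkcs11 = false does not keep opensc in its closure. The flag points
    # the engine at an immutable store path.
    ++ lib.optionals withPkcs11 [
      "PKCS11_ENGINE=${opensc}/lib/opensc-pkcs11.so" # Overrides configure script paths
    ];

  doCheck = true;
  preCheck = ''
    patchShebangs tests/*.sh
    export RNGD_JITTER_TIMEOUT=10
  '';
  # After updating to jitterentropy 3.4.1, jitterentropy initialization time
  # seems to have increased. On some systems rng-tools therefore fails to
  # initialize the jitterentropy entropy source. You can increase the init
  # timeout with a command-line option (-O jitter:timeout:SECONDS). The
  # environment variable above only has an effect on the test cases.
  # Patching the timeout to a larger value was declined upstream,
  # see (https://github.com/nhorman/rng-tools/pull/178).
  nativeCheckInputs = [ psmisc ]; # rngtestjitter.sh needs killall

  doInstallCheck = true;
  installCheckPhase = ''
    runHook preInstallCheck
    set -o pipefail
    # -F: match the version literally; as a regex, the dots in "6.17" would
    # match any character.
    "$out/bin/rngtest" --version | grep -F -- "$version"
    runHook postInstallCheck
  '';

  meta = with lib; {
    description = "Random number generator daemon";
    homepage = "https://github.com/nhorman/rng-tools";
    changelog = "https://github.com/nhorman/rng-tools/releases/tag/v${version}";
    license = licenses.gpl2Plus;
    platforms = platforms.linux;
    maintainers = with maintainers; [
      johnazoidberg
      c0bw3b
    ];
  };
}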