646b892680
Some checks failed
Periodic Merges (6h) / master → staging-nixos (push) Failing after 12m50s
Periodic Merges (6h) / master → staging-next (push) Failing after 12m54s
Periodic Merges (24h) / merge-base(master,staging) → haskell-updates (push) Failing after 11m54s
Periodic Merges (6h) / staging-next → staging (push) Failing after 12m13s
Periodic Merges (24h) / staging-next-25.05 → staging-25.05 (push) Failing after 13m24s
Periodic Merges (24h) / release-25.05 → staging-next-25.05 (push) Failing after 14m28s
73 lines
2.0 KiB
Nix
73 lines
2.0 KiB
Nix
{
|
|
lib,
|
|
stdenv,
|
|
fetchurl,
|
|
}:
|
|
|
|
stdenv.mkDerivation rec {
|
|
pname = "bearssl";
|
|
version = "0.6";
|
|
|
|
src = fetchurl {
|
|
url = "https://www.bearssl.org/bearssl-${version}.tar.gz";
|
|
sha256 = "057zhgy9w4y8z2996r0pq5k2k39lpvmmvz4df8db8qa9f6hvn1b7";
|
|
};
|
|
|
|
outputs = [
|
|
"bin"
|
|
"lib"
|
|
"dev"
|
|
"out"
|
|
];
|
|
|
|
enableParallelBuilding = true;
|
|
|
|
makeFlags = [
|
|
"AR=${stdenv.cc.targetPrefix}ar"
|
|
"CC=${stdenv.cc.targetPrefix}cc"
|
|
"LD=${stdenv.cc.targetPrefix}cc"
|
|
"LDDLL=${stdenv.cc.targetPrefix}cc"
|
|
]
|
|
++ lib.optional stdenv.hostPlatform.isStatic "DLL=no";
|
|
|
|
installPhase = ''
|
|
runHook preInstall
|
|
install -D build/brssl $bin/brssl
|
|
install -D build/testcrypto $bin/testcrypto
|
|
install -Dm644 -t $lib/lib build/libbearssl.*
|
|
install -Dm644 -t $dev/include inc/*.h
|
|
touch $out
|
|
runHook postInstall
|
|
'';
|
|
|
|
meta = {
|
|
homepage = "https://www.bearssl.org/";
|
|
description = "Implementation of the SSL/TLS protocol written in C";
|
|
longDescription = ''
|
|
BearSSL is an implementation of the SSL/TLS protocol (RFC 5246)
|
|
written in C. It aims at offering the following features:
|
|
|
|
* Be correct and secure. In particular, insecure protocol versions and
|
|
choices of algorithms are not supported, by design; cryptographic
|
|
algorithm implementations are constant-time by default.
|
|
|
|
* Be small, both in RAM and code footprint. For instance, a minimal
|
|
server implementation may fit in about 20 kilobytes of compiled code
|
|
and 25 kilobytes of RAM.
|
|
|
|
* Be highly portable. BearSSL targets not only “big” operating systems
|
|
like Linux and Windows, but also small embedded systems and even
|
|
special contexts like bootstrap code.
|
|
|
|
* Be feature-rich and extensible. SSL/TLS has many defined cipher
|
|
suites and extensions; BearSSL should implement most of them, and
|
|
allow extra algorithm implementations to be added afterwards,
|
|
possibly from third parties.
|
|
'';
|
|
license = lib.licenses.mit;
|
|
platforms = lib.platforms.all;
|
|
maintainers = [ ];
|
|
};
|
|
|
|
}
|