ghidra: init at 10.1.1

1 files changed, 150 insertions, 0 deletions

diff --git a/pkgs/tools/security/ghidra/build.nix b/pkgs/tools/security/ghidra/build.nix
new file mode 100644
index 00000000000..f92ccce2f7e
--- /dev/null
+++ b/pkgs/tools/security/ghidra/build.nix
@@ -0,0 +1,150 @@
+{ stdenv
+, fetchzip
+, fetchurl
+, fetchFromGitHub
+, lib
+, gradle
+, perl
+, makeWrapper
+, openjdk11
+, unzip
+, makeDesktopItem
+, autoPatchelfHook
+, icoutils
+}:
+
+let
+  pkg_path = "$out/lib/ghidra";
+  pname = "ghidra";
+  version = "10.1.1";
+
+  src = fetchFromGitHub {
+    owner = "NationalSecurityAgency";
+    repo = "Ghidra";
+    rev = "Ghidra_${version}_build";
+    sha256 = "sha256-0hj9IVvTxgStCbfnTzqeKD+Q5GnGowDsIkMvk2GqJqY=";
+  };
+
+  desktopItem = makeDesktopItem {
+    name = "ghidra";
+    exec = "ghidra";
+    icon = "ghidra";
+    desktopName = "Ghidra";
+    genericName = "Ghidra Software Reverse Engineering Suite";
+    categories = "Development;";
+  };
+
+  # fake build to pre-download deps into fixed-output derivation
+  # Taken from mindustry derivation.
+  deps = stdenv.mkDerivation {
+    pname = "${pname}-deps";
+    inherit version src;
+
+    nativeBuildInputs = [ gradle perl ];
+    buildPhase = ''
+    cat >>build.gradle <<HERE
+task resolveDependencies {
+  doLast {
+    project.rootProject.allprojects.each { subProject ->
+      subProject.buildscript.configurations.each { configuration ->
+        resolveConfiguration(subProject, configuration, "buildscript config \''${configuration.name}")
+      }
+      subProject.configurations.each { configuration ->
+        resolveConfiguration(subProject, configuration, "config \''${configuration.name}")
+      }
+    }
+  }
+}
+void resolveConfiguration(subProject, configuration, name) {
+  if (configuration.canBeResolved) {
+    logger.info("Resolving project {} {}", subProject.name, name)
+    configuration.resolve()
+  }
+}
+HERE
+      export GRADLE_USER_HOME=$(mktemp -d)
+
+      # First, fetch the static dependencies.
+      gradle --no-daemon --info -Dorg.gradle.java.home=${openjdk11} -I gradle/support/fetchDependencies.gradle init
+
+      # Then, fetch the maven dependencies.
+      gradle --no-daemon --info -Dorg.gradle.java.home=${openjdk11} resolveDependencies
+    '';
+    # perl code mavenizes pathes (com.squareup.okio/okio/1.13.0/a9283170b7305c8d92d25aff02a6ab7e45d06cbe/okio-1.13.0.jar -> com/squareup/okio/okio/1.13.0/okio-1.13.0.jar)
+    installPhase = ''
+      find $GRADLE_USER_HOME/caches/modules-2 -type f -regex '.*\.\(jar\|pom\)' \
+        | perl -pe 's#(.*/([^/]+)/([^/]+)/([^/]+)/[0-9a-f]{30,40}/([^/\s]+))$# ($x = $2) =~ tr|\.|/|; "install -Dm444 $1 \$out/maven/$x/$3/$4/$5" #e' \
+        | sh
+      find $GRADLE_USER_HOME/caches/modules-2 -type f -regex '.*\.exe' \
+        | perl -pe 's#(.*/([^/]+)/([^/]+)/([^/]+)/[0-9a-f]{30,40}/([^/\s]+))$# ($x = $2) =~ tr|\.|/|; "install -Dm555 $1 \$out/maven/$x/$3/$4/$5" #e' \
+        | sh
+      cp -r dependencies $out/dependencies
+    '';
+    outputHashAlgo = "sha256";
+    outputHashMode = "recursive";
+    outputHash = "sha256-tiJpctga2ddPJbO9qvYQBpDmpEn6ncCjfDIxg8YWs5U=";
+  };
+
+  fixedDeps = stdenv.mkDerivation {
+    pname = "${pname}-fixeddeps";
+    inherit version;
+
+    nativeBuildInputs = [ autoPatchelfHook ];
+    src = deps;
+    installPhase = ''
+    cp -r . $out
+    '';
+  };
+
+in stdenv.mkDerivation rec {
+  inherit pname version src;
+
+  nativeBuildInputs = [
+    gradle unzip makeWrapper icoutils
+  ];
+
+  dontStrip = true;
+
+  buildPhase = ''
+    ln -s ${fixedDeps}/dependencies dependencies
+
+    sed -ie "s#mavenLocal()#mavenLocal(); maven { url '${fixedDeps}/maven' }#g" build.gradle
+    gradle --offline --no-daemon --info -Dorg.gradle.java.home=${openjdk11} buildGhidra
+  '';
+
+  installPhase = ''
+    mkdir -p "${pkg_path}" "$out/share/applications"
+
+    ZIP=build/dist/$(ls build/dist)
+    echo $ZIP
+    unzip $ZIP -d ${pkg_path}
+    f=("${pkg_path}"/*)
+    mv "${pkg_path}"/*/* "${pkg_path}"
+    rmdir "''${f[@]}"
+
+    ln -s ${desktopItem}/share/applications/* $out/share/applications
+
+    icotool -x "Ghidra/RuntimeScripts/Windows/support/ghidra.ico"
+    rm ghidra_4_40x40x32.png
+    for f in ghidra_*.png; do
+      res=$(basename "$f" ".png" | cut -d"_" -f3 | cut -d"x" -f1-2)
+      mkdir -pv "$out/share/icons/hicolor/$res/apps"
+      mv "$f" "$out/share/icons/hicolor/$res/apps/ghidra.png"
+    done;
+  '';
+
+  postFixup = ''
+    mkdir -p "$out/bin"
+    ln -s "${pkg_path}/ghidraRun" "$out/bin/ghidra"
+    wrapProgram "${pkg_path}/support/launch.sh" \
+      --prefix PATH : ${lib.makeBinPath [ openjdk11 ]}
+  '';
+
+  meta = with lib; {
+    description = "A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission";
+    homepage = "https://ghidra-sre.org/";
+    platforms = [ "x86_64-linux" "x86_64-darwin" ];
+    license = licenses.asl20;
+  };
+
+}