summary refs log tree commit diff
path: root/pkgs/development/libraries/bearssl
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/development/libraries/bearssl')
-rw-r--r--pkgs/development/libraries/bearssl/default.nix56
1 files changed, 56 insertions, 0 deletions
diff --git a/pkgs/development/libraries/bearssl/default.nix b/pkgs/development/libraries/bearssl/default.nix
new file mode 100644
index 00000000000..36873f03f7e
--- /dev/null
+++ b/pkgs/development/libraries/bearssl/default.nix
@@ -0,0 +1,56 @@
+{ lib, stdenv, fetchurl }:
+
+stdenv.mkDerivation rec {
+  pname = "bearssl";
+  version = "0.6";
+
+  src = fetchurl {
+    url = "https://www.bearssl.org/bearssl-${version}.tar.gz";
+    sha256 = "057zhgy9w4y8z2996r0pq5k2k39lpvmmvz4df8db8qa9f6hvn1b7";
+  };
+
+  outputs = [ "bin" "lib" "dev" "out" ];
+
+  enableParallelBuilding = true;
+
+  installPhase = ''
+    runHook preInstall
+    install -D build/brssl $bin/brssl
+    install -D build/testcrypto $bin/testcrypto
+    install -Dm644 build/libbearssl.so $lib/lib/libbearssl.so
+    install -Dm644 build/libbearssl.a $lib/lib/libbearssl.a
+    install -Dm644 -t $dev/include inc/*.h
+    touch $out
+    runHook postInstall
+  '';
+
+  meta = {
+    homepage = "https://www.bearssl.org/";
+    description = "An implementation of the SSL/TLS protocol written in C";
+    longDescription = ''
+      BearSSL is an implementation of the SSL/TLS protocol (RFC 5246)
+      written in C. It aims at offering the following features:
+
+      * Be correct and secure. In particular, insecure protocol versions and
+        choices of algorithms are not supported, by design; cryptographic
+        algorithm implementations are constant-time by default.
+
+      * Be small, both in RAM and code footprint. For instance, a minimal
+        server implementation may fit in about 20 kilobytes of compiled code
+        and 25 kilobytes of RAM.
+
+      * Be highly portable. BearSSL targets not only “big” operating systems
+        like Linux and Windows, but also small embedded systems and even
+        special contexts like bootstrap code.
+
+      * Be feature-rich and extensible. SSL/TLS has many defined cipher
+        suites and extensions; BearSSL should implement most of them, and
+        allow extra algorithm implementations to be added afterwards,
+        possibly from third parties.
+    '';
+    license = lib.licenses.mit;
+    platforms = lib.platforms.all;
+    maintainers = [ lib.maintainers.Profpatsch ];
+  };
+
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-30 10:53:00 +0000