1 files changed, 16 insertions, 5 deletions

diff --git a/pkgs/tools/security/softhsm/default.nix b/pkgs/tools/security/softhsm/default.nix
index 5cc7dbac5da..61afb9082d0 100644
--- a/pkgs/tools/security/softhsm/default.nix
+++ b/pkgs/tools/security/softhsm/default.nix
@@ -1,18 +1,18 @@
-{ stdenv, fetchurl, botan, libobjc, Security }:
+{ stdenv, fetchurl, botan2, libobjc, Security }:
 
 stdenv.mkDerivation rec {
 
   pname = "softhsm";
-  version = "2.5.0";
+  version = "2.6.1";
 
   src = fetchurl {
     url = "https://dist.opendnssec.org/source/${pname}-${version}.tar.gz";
-    sha256 = "1cijq78jr3mzg7jj11r0krawijp99p253f4qdqr94n728p7mdalj";
+    hash = "sha256:1wkmyi6n3z2pak1cj5yk6v6bv9w0m24skycya48iikab0mrr8931";
   };
 
   configureFlags = [
     "--with-crypto-backend=botan"
-    "--with-botan=${botan}"
+    "--with-botan=${botan2}"
     "--sysconfdir=$out/etc"
     "--localstatedir=$out/var"
     ];
@@ -20,13 +20,24 @@ stdenv.mkDerivation rec {
   propagatedBuildInputs =
     stdenv.lib.optionals stdenv.isDarwin [ libobjc Security ];
 
-  buildInputs = [ botan ];
+  buildInputs = [ botan2 ];
 
   postInstall = "rm -rf $out/var";
 
   meta = with stdenv.lib; {
     homepage = "https://www.opendnssec.org/softhsm";
     description = "Cryptographic store accessible through a PKCS #11 interface";
+    longDescription = "
+      SoftHSM provides a software implementation of a generic
+      cryptographic device with a PKCS#11 interface, which is of
+      course especially useful in environments where a dedicated hardware
+      implementation of such a device - for instance a Hardware
+      Security Module (HSM) or smartcard - is not available.
+
+      SoftHSM follows the OASIS PKCS#11 standard, meaning it should be
+      able to work with many cryptographic products. SoftHSM is a
+      programme of The Commons Conservancy.
+    ";
     license = licenses.bsd2;
     maintainers = [ maintainers.leenaars ];
     platforms = platforms.unix;