yubikey-manager-qt: Depend on yubikey-manager4

author: Alexis Hildebrandt <afh@surryhill.net> 2022-11-03 11:02:14 +0100
committer: Alexis Hildebrandt <afh@surryhill.net> 2022-11-04 11:15:34 +0100
commit: 41af17cf5f9402d0f04910e33965a2325c8e65fc (patch)
tree: f7b1ca9a9b9a27e48e7d3a92e260fb8e958debfc /pkgs/tools/misc/yubikey-manager
parent: ad428205444e8303183ca345ae61e9fffa17ffbc (diff)
2 files changed, 114 insertions, 0 deletions
diff --git a/pkgs/tools/misc/yubikey-manager/4.nix b/pkgs/tools/misc/yubikey-manager/4.nix
new file mode 100644
index 0000000000000..5e0f0b1d92e34
--- /dev/null
+++ b/pkgs/tools/misc/yubikey-manager/4.nix
@@ -0,0 +1,73 @@
+{ python3Packages, fetchFromGitHub, lib, yubikey-personalization, libu2f-host, libusb1, procps
+, stdenv, pyOpenSSLSupport ? !(stdenv.isDarwin && stdenv.isAarch64) }:
+
+python3Packages.buildPythonPackage rec {
+  pname = "yubikey-manager";
+  version = "4.0.9";
+  format = "pyproject";
+
+  src = fetchFromGitHub {
+    repo = "yubikey-manager";
+    rev = "refs/tags/${version}";
+    owner = "Yubico";
+    sha256 = "sha256-MwM/b1QP6pkyBjz/r6oC4sW1mKC0CKMay45a0wCktk0=";
+  };
+
+  patches = lib.optionals (!pyOpenSSLSupport) [
+    ./remove-pyopenssl-tests.patch
+  ];
+
+  postPatch = ''
+    substituteInPlace pyproject.toml \
+      --replace 'fido2 = ">=0.9, <1.0"' 'fido2 = ">*"'
+    substituteInPlace "ykman/pcsc/__init__.py" \
+      --replace 'pkill' '${if stdenv.isLinux then "${procps}" else "/usr"}/bin/pkill'
+  '';
+
+  nativeBuildInputs = with python3Packages; [ poetry-core ];
+
+  propagatedBuildInputs =
+    with python3Packages; ([
+      click
+      cryptography
+      pyscard
+      pyusb
+      six
+      fido2
+    ] ++ lib.optionals pyOpenSSLSupport [
+      pyopenssl
+    ]) ++ [
+      libu2f-host
+      libusb1
+      yubikey-personalization
+    ];
+
+  makeWrapperArgs = [
+    "--prefix" "LD_LIBRARY_PATH" ":"
+    (lib.makeLibraryPath [ libu2f-host libusb1 yubikey-personalization ])
+  ];
+
+  postInstall = ''
+    mkdir -p "$out/man/man1"
+    cp man/ykman.1 "$out/man/man1"
+
+    mkdir -p $out/share/bash-completion/completions
+    _YKMAN_COMPLETE=source $out/bin/ykman > $out/share/bash-completion/completions/ykman || :
+    mkdir -p $out/share/zsh/site-functions/
+    _YKMAN_COMPLETE=source_zsh "$out/bin/ykman" > "$out/share/zsh/site-functions/_ykman" || :
+    substituteInPlace "$out/share/zsh/site-functions/_ykman" \
+      --replace 'compdef _ykman_completion ykman;' '_ykman_completion "$@"'
+  '';
+
+  checkInputs = with python3Packages; [ pytestCheckHook makefun ];
+
+  meta = with lib; {
+    homepage = "https://developers.yubico.com/yubikey-manager";
+    description = "Previous release of command line tool for configuring any YubiKey over all USB transports";
+
+    license = licenses.bsd2;
+    platforms = platforms.unix;
+    maintainers = with maintainers; [ benley lassulus pinpox ];
+    mainProgram = "ykman";
+  };
+}
diff --git a/pkgs/tools/misc/yubikey-manager/remove-pyopenssl-tests.patch b/pkgs/tools/misc/yubikey-manager/remove-pyopenssl-tests.patch
new file mode 100644
index 0000000000000..5be08f4ddbb98
--- /dev/null
+++ b/pkgs/tools/misc/yubikey-manager/remove-pyopenssl-tests.patch
@@ -0,0 +1,41 @@
+diff --git a/pyproject.toml b/pyproject.toml
+index 65a5943..e6932e0 100644
+--- a/pyproject.toml
++++ b/pyproject.toml
+@@ -30,7 +30,6 @@ packages = [
+ python = "^3.6"
+ dataclasses = {version = "^0.8", python = "<3.7"}
+ cryptography = ">=2.1, <39"
+-pyOpenSSL = {version = ">=0.15.1", optional = true}
+ pyscard = "^1.9 || ^2.0"
+ fido2 = ">=0.9, <2.0"
+ click = "^7.0 || ^8.0"
+diff --git a/tests/test_util.py b/tests/test_util.py
+index 6ccda6c..b4460e4 100644
+--- a/tests/test_util.py
++++ b/tests/test_util.py
+@@ -8,7 +8,6 @@ from ykman.util import _parse_pkcs12_pyopenssl, _parse_pkcs12_cryptography
+ from ykman.otp import format_oath_code, generate_static_pw, time_challenge
+ from .util import open_file
+ from cryptography.hazmat.primitives.serialization import pkcs12
+-from OpenSSL import crypto
+ 
+ import unittest
+ 
+@@ -114,16 +113,6 @@ class TestUtilityFunctions(unittest.TestCase):
+         ) as rsa_2048_key_cert_encrypted_pfx:
+             self.assertTrue(is_pkcs12(rsa_2048_key_cert_encrypted_pfx.read()))
+ 
+-    def test_parse_pkcs12(self):
+-        with open_file("rsa_2048_key_cert.pfx") as rsa_2048_key_cert_pfx:
+-            data = rsa_2048_key_cert_pfx.read()
+-
+-        key1, certs1 = _parse_pkcs12_cryptography(pkcs12, data, None)
+-        key2, certs2 = _parse_pkcs12_pyopenssl(crypto, data, None)
+-        self.assertEqual(key1.private_numbers(), key2.private_numbers())
+-        self.assertEqual(1, len(certs1))
+-        self.assertEqual(certs1, certs2)
+-
+     def test_is_pem(self):
+         self.assertFalse(is_pem(b"just a byte string"))
+         self.assertFalse(is_pem(None))
author	Alexis Hildebrandt <afh@surryhill.net>	2022-11-03 11:02:14 +0100
committer	Alexis Hildebrandt <afh@surryhill.net>	2022-11-04 11:15:34 +0100
commit	41af17cf5f9402d0f04910e33965a2325c8e65fc (patch)
tree	f7b1ca9a9b9a27e48e7d3a92e260fb8e958debfc /pkgs/tools/misc/yubikey-manager
parent	ad428205444e8303183ca345ae61e9fffa17ffbc (diff)