nixpkgs/pkgs/development/libraries/nettle/generic.nix
Vladimír Čunát 03d69128b2
nettle: runtime selection of HW-accelerated code
> Include multiple versions of certain functions in the library,
> and select the ones to use at run-time, depending on available
> processor features. Supported for ARM and x86_64.

The current version seems to accelerate AES and SHA families.

Size increase on x86_64 is <10k in our case.

It can make quite some performance difference; I tried
$ time ./result-dev/bin/nettle-hash -a sha256 /some/file/around/2G
And the total CPU time went down from 8.5s to 2s (single thread).
Now it matches the time of openssl
$ time openssl sha256 /some/file/around/2G
Of course, in real life it will be much harder to notice a difference...

Platforms without support for this (e.g. i686) seem to still build fine,
and ARMv7 cross-build also succeeds for me, so hopefully all is OK.
2020-02-18 12:22:51 +01:00

{ stdenv, buildPackages, gmp, gnum4

# Version specific args
, version, src
, ...}:

stdenv.mkDerivation ({
  name = "nettle-${version}";

  inherit src;

  outputs = [ "out" "dev" ];
  outputBin = "dev";

  depsBuildBuild = [ buildPackages.stdenv.cc ];
  nativeBuildInputs = [ gnum4 ];
  propagatedBuildInputs = [ gmp ];

  configureFlags = [ "--enable-fat" ]; # runtime selection of HW-accelerated code

  doCheck = (stdenv.hostPlatform.system != "i686-cygwin" && !stdenv.isDarwin);

  enableParallelBuilding = true;

  patches = stdenv.lib.optional (stdenv.hostPlatform.system == "i686-cygwin")
              ./cygwin.patch;

  meta = with stdenv.lib; {
    description = "Cryptographic library";

    longDescription = ''
      Nettle is a cryptographic library that is designed to fit
      easily in more or less any context: In crypto toolkits for
      object-oriented languages (C++, Python, Pike, ...), in
      applications like LSH or GNUPG, or even in kernel space. In
      most contexts, you need more than the basic cryptographic
      algorithms, you also need some way to keep track of available
      algorithms, their properties and variants. You often have
      some algorithm selection process, often dictated by a protocol
      you want to implement.
      And as the requirements of applications differ in subtle and
      not so subtle ways, an API that fits one application well can
      be a pain to use in a different context. And that is why
      there are so many different cryptographic libraries around.
      Nettle tries to avoid this problem by doing one thing, the
      low-level crypto stuff, and providing a simple but general
      interface to it. In particular, Nettle doesn't do algorithm
      selection. It doesn't do memory allocation. It doesn't do any
      I/O.
    '';

    license = licenses.gpl2Plus;

    homepage = "http://www.lysator.liu.se/~nisse/nettle/";

    platforms = platforms.all;
  };
}

//

stdenv.lib.optionalAttrs stdenv.isSunOS {
  # Make sure the right <gmp.h> is found, and not the incompatible
  # /usr/include/mp.h from OpenSolaris. See
  # <https://lists.gnu.org/archive/html/hydra-users/2012-08/msg00000.html>
  # for details.
  # `//` replaces whole attributes, so --enable-fat is repeated here;
  # otherwise it would be dropped on SunOS.
  configureFlags = [
    "--enable-fat"
    "--with-include-path=${gmp.dev}/include"
  ];
})
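
The run-time selection that `--enable-fat` turns on, sketched as an added C example (not nettle's or nixpkgs' code): several builds of one routine live in the same binary and a CPUID check picks one on first use. CRC32C stands in for the AES/SHA routines to keep it short, and every function name here is hypothetical.

```c
#include <stddef.h>
#include <stdint.h>

typedef uint32_t (*crc32c_fn)(const uint8_t *, size_t);

/* Portable fallback: bitwise CRC32C (reflected polynomial 0x82F63B78). */
static uint32_t crc32c_generic(const uint8_t *p, size_t n) {
    uint32_t crc = 0xFFFFFFFFu;
    while (n--) {
        crc ^= *p++;
        for (int k = 0; k < 8; k++)
            crc = (crc >> 1) ^ (0x82F63B78u & (0u - (crc & 1u)));
    }
    return ~crc;
}

#if defined(__x86_64__) && (defined(__GNUC__) || defined(__clang__))
#include <cpuid.h>
#include <nmmintrin.h>

/* Compiled for SSE4.2 even though the rest of the file is not; it must
   only be called after the CPUID check below has succeeded. */
__attribute__((target("sse4.2")))
static uint32_t crc32c_sse42(const uint8_t *p, size_t n) {
    uint32_t crc = 0xFFFFFFFFu;
    while (n--)
        crc = _mm_crc32_u8(crc, *p++);
    return ~crc;
}

static int have_sse42(void) {
    unsigned a, b, c, d;
    /* CPUID leaf 1, ECX bit 20 reports SSE4.2. */
    return __get_cpuid(1, &a, &b, &c, &d) && (c & (1u << 20));
}
#else
/* Platforms without an accelerated variant still build and use the fallback. */
#define crc32c_sse42 crc32c_generic
static int have_sse42(void) { return 0; }
#endif

static crc32c_fn selected; /* resolved once, on first call */

uint32_t crc32c(const uint8_t *p, size_t n) {
    if (!selected)
        selected = have_sse42() ? crc32c_sse42 : crc32c_generic;
    return selected(p, n);
}
```

Whichever variant is selected must return the same bytes as the fallback, so known-answer vectors are worth running against every variant.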