ghidra: add findcrypt extension

[BonusPlay]

Description of changes

Ghidra FindCrypt is a plugin to aid in locating cryptographic constants within analyzed binaries.
There are multiple plugins with this functionality, so I've chosen the most recent and up-to-date one.
I have been using this extension for the past ~2 months, so I've decided to upstream it to nixpkgs.

Things done

• Built on platform(s)
  • x86_64-linux
  • aarch64-linux
  • x86_64-darwin
  • aarch64-darwin
• For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
  • sandbox = relaxed
  • sandbox = true
• Tested, as applicable:
  • NixOS test(s) (look inside nixos/tests)
  • and/or package tests
  • or, for functions and "core" functionality, tests in lib/tests or pkgs/test
  • made sure NixOS tests are linked to the relevant packages
• Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
• Tested basic functionality of all binary files (usually in ./result/bin/)
• 24.11 Release Notes (or backporting 23.11 and 24.05 Release notes)
  • (Package updates) Added a release notes entry if the change is major or breaking
  • (Module updates) Added a release notes entry if the change is significant
  • (Module addition) Added a release notes entry if adding a new NixOS module
• Fits CONTRIBUTING.md.

---

Add a 👍 reaction to pull requests you find important.

[h7x4]

Neat 👍

[BonusPlay]

Sorry for the mess, needed to dust off my git-foo.

[vringar]

Hey,
Thanks for upstreaming this!
Two quick things that should be easy to fix

[vringar]

When running nixpkgs-review pr 343256 I get the following error:

error: hash mismatch in fixed-output derivation '/nix/store/wzbbrnzzp451b6yh6lgb3ayz2w72q3a7-source.drv':
         specified: sha256-FSRuZtVEErEo4z134XRSsYcIccs/F41R2ydnBy+992o=
            got:    sha256-/KA95NdoQFvR6XSGCHkX+ySKfftK84hJ8zjAvt0+O0o=
error: 1 dependencies of derivation '/nix/store/361dj78gzjgryg3hrd0llhhhvd1hx6jj-findcrypt-3.0.1.drv' failed to build
error: 1 dependencies of derivation '/nix/store/6ml1yhx46paibb6nvk27mircn1ca1f08-review-shell.drv' failed to build

Can you reproduce this?

[BonusPlay]

No, not really.

$ nix-shell -p nixpkgs-review --run "nixpkgs-review pr 343256"
$ git -c fetch.prune=false fetch --no-tags --force https://github.com/NixOS/nixpkgs master:refs/nixpkgs-review/0 pull/343256/head:refs/nixpkgs-review/1
$ git worktree add /home/bonus/.cache/nixpkgs-review/pr-343256-1/nixpkgs 9a0f009815f30d0753f1e4dda4274bcb70f255ad
Preparing worktree (detached HEAD 9a0f009815f3)
Updating files: 100% (43351/43351), done.
HEAD is now at 9a0f009815f3 ibus-engines.mozc-ut: init at 2.30.5544.102 (#314248)
$ git merge --no-commit --no-ff 4bbf4b95431fde921db405ad7f7bd4a71b563a51
Auto-merging maintainers/maintainer-list.nix
Automatic merge went well; stopped before committing as requested
$ nix build --file /nix/store/kz30bnfvzwl476hwq5fgbyfalm2ynhi1-nixpkgs-review-2.10.4/lib/python3.11/site-packages/nixpkgs_review/nix/review-shell.nix --nix-path nixpkgs=/home/bonus/.cache/nixpkgs-review/pr-343256-1/nixpkgs nixpkgs-overlays=/tmp/tmp7iw3by83 --extra-experimental-features nix-command no-url-literals --no-link --keep-going --no-allow-import-from-derivation --option build-use-sandbox relaxed --argstr system x86_64-linux --argstr nixpkgs-path /home/bonus/.cache/nixpkgs-review/pr-343256-1/nixpkgs --argstr nixpkgs-config-path /tmp/tmptxd_b6ul.nix --argstr attrs-path /home/bonus/.cache/nixpkgs-review/pr-343256-1/attrs.nix

Link to currently reviewing PR:
https://github.com/NixOS/nixpkgs/pull/343256

1 package built:
ghidra-extensions.findcrypt

$ /nix/store/5q78686d7y90zlfb9jj03q8wgj36im4g-nix-2.18.5/bin/nix-shell --argstr system x86_64-linux --argstr nixpkgs-path /home/bonus/.cache/nixpkgs-review/pr-343256-1/nixpkgs --argstr nixpkgs-config-path /tmp/tmptxd_b6ul.nix --argstr attrs-path /home/bonus/.cache/nixpkgs-review/pr-343256-1/attrs.nix --nix-path nixpkgs=/home/bonus/.cache/nixpkgs-review/pr-343256-1/nixpkgs nixpkgs-overlays=/tmp/tmp7iw3by83 /nix/store/kz30bnfvzwl476hwq5fgbyfalm2ynhi1-nixpkgs-review-2.10.4/lib/python3.11/site-packages/nixpkgs_review/nix/review-shell.nix

[BonusPlay]

However, running

$ nix run nixpkgs#nix-prefetch-github -- --nix antoniovazquezblanco GhidraFindcrypt --rev v3.0.1
let
  pkgs = import <nixpkgs> {};
in
  pkgs.fetchFromGitHub {
    owner = "antoniovazquezblanco";
    repo = "GhidraFindcrypt";
    rev = "06731313669c706fccf35fa8b9f9da5e79588bf0";
    hash = "sha256-/KA95NdoQFvR6XSGCHkX+ySKfftK84hJ8zjAvt0+O0o=";
  }

shows that something weird is going on...

Update: managed to reproduce it on my end. I currently have this package build, but if I try to re-build it manually, then it fails with incorrect src hash. This would indicate, that repository contents changed from yesterday? Yet the v3.0.1 is "supposed" to be unchanged for 3 months now...

I'll try to do some forensics on git repo to see if there may be force-push shenanigan going on. I wouldn't merge it until we figure out why the hash has changed.

[h7x4]

@BonusPlay Maybe you have an existing FOD with the previous hash? Try building without the hash once more and see what it reports as expected

[BonusPlay]

Ok, apparently something got lost somewhere in translation, the sha256-FSRuZtVEErEo4z134XRSsYcIccs/F41R2ydnBy+992o= hash is for the latest commit 4699bce02b1aafa85ee4a7ab96d5dcbf0d7cc7eb from main branch. Honestly, I have no idea how this could have happened, as the derivation built correctly before:

$ nix-build -E "with import <nixpkgs> {}; callPackage ./ghidra-findcrypt.nix {}"
/nix/store/x57w4yvacdqwzmw7hji3jr29fprmjwy0-findcrypt-11.0.3

I've updated this PR with correct hash for the v3.0.1 release.

[vringar]

Builds and works for me :)