ostree: enable ed25519 support

This was omitted in the latest update.

Only adds ~400 KB.

It required adding openssl to tests so I tacked on some cleanups.
In particular, the GI_TYPELIB_PATH was already being set in the wrapper
so we can remove it from the module (not sure why Gtk was even there).

Also switched away from using pkgconfig and docbook_xsl aliases
and reordered the expression a bit.

nixos/tests/installed-tests/ostree.nix

@@ -3,21 +3,10 @@
 makeInstalledTest {
   tested = pkgs.ostree;
 
-  # TODO: Wrap/patch the tests directly in the package
   testConfig = {
     environment.systemPackages = with pkgs; [
-      (python3.withPackages (p: with p; [ pyyaml ]))
       gnupg
       ostree
     ];
-
-    # for GJS tests
-    environment.variables.GI_TYPELIB_PATH = lib.makeSearchPath "lib/girepository-1.0" (with pkgs; [
-      gtk3
-      pango.out
-      ostree
-      gdk-pixbuf
-      atk
-    ]);
   };
 }

pkgs/tools/misc/ostree/default.nix

@@ -2,7 +2,7 @@
 , fetchurl
 , fetchpatch
 , substituteAll
-, pkgconfig
+, pkg-config
 , gtk-doc
 , gobject-introspection
 , gjs
@@ -21,13 +21,15 @@
 , fuse
 , utillinuxMinimal
 , libselinux
+, libsodium
 , libarchive
 , libcap
 , bzip2
 , yacc
 , libxslt
-, docbook_xsl
+, docbook-xsl-nons
 , docbook_xml_dtd_42
+, openssl
 , python3
 }:
 
@@ -59,21 +61,22 @@ in stdenv.mkDerivation rec {
     (substituteAll {
       src = ./fix-test-paths.patch;
       python3 = testPython.interpreter;
+      openssl = "${openssl}/bin/openssl";
     })
   ];
 
   nativeBuildInputs = [
     autoconf
     automake
     libtool
-    pkgconfig
+    pkg-config
     gtk-doc
     gobject-introspection
     which
     makeWrapper
     yacc
     libxslt
-    docbook_xsl
+    docbook-xsl-nons
     docbook_xml_dtd_42
   ];
 
@@ -85,6 +88,7 @@ in stdenv.mkDerivation rec {
     gpgme
     fuse
     libselinux
+    libsodium
     libcap
     libarchive
     bzip2
@@ -96,23 +100,24 @@ in stdenv.mkDerivation rec {
     gjs
   ];
 
-  preConfigure = ''
-    env NOCONFIGURE=1 ./autogen.sh
-  '';
-
   enableParallelBuilding = true;
 
   configureFlags = [
     "--with-systemdsystemunitdir=${placeholder "out"}/lib/systemd/system"
     "--with-systemdsystemgeneratordir=${placeholder "out"}/lib/systemd/system-generators"
     "--enable-installed-tests"
+    "--with-ed25519-libsodium"
   ];
 
   makeFlags = [
     "installed_testdir=${placeholder "installedTests"}/libexec/installed-tests/libostree"
     "installed_test_metadir=${placeholder "installedTests"}/share/installed-tests/libostree"
   ];
 
+  preConfigure = ''
+    env NOCONFIGURE=1 ./autogen.sh
+  '';
+
   postFixup = let
     typelibPath = stdenv.lib.makeSearchPath "/lib/girepository-1.0" [
       (placeholder "out")

pkgs/tools/misc/ostree/fix-test-paths.patch

@@ -1,3 +1,32 @@
+diff --git a/tests/libtest.sh b/tests/libtest.sh
+index ca457fa2..c0a529ff 100755
+--- a/tests/libtest.sh
++++ b/tests/libtest.sh
+@@ -709,12 +709,12 @@ gen_ed25519_keys ()
+ {
+   # Generate private key in PEM format
+   pemfile="$(mktemp -p ${test_tmpdir} ed25519_XXXXXX.pem)"
+-  openssl genpkey -algorithm ed25519 -outform PEM -out "${pemfile}"
++  @openssl@ genpkey -algorithm ed25519 -outform PEM -out "${pemfile}"
+
+   # Based on: http://openssl.6102.n7.nabble.com/ed25519-key-generation-td73907.html
+   # Extract the private and public parts from generated key.
+-  ED25519PUBLIC="$(openssl pkey -outform DER -pubout -in ${pemfile} | tail -c 32 | base64)"
+-  ED25519SEED="$(openssl pkey -outform DER -in ${pemfile} | tail -c 32 | base64)"
++  ED25519PUBLIC="$(@openssl@ pkey -outform DER -pubout -in ${pemfile} | tail -c 32 | base64)"
++  ED25519SEED="$(@openssl@ pkey -outform DER -in ${pemfile} | tail -c 32 | base64)"
+   # Secret key is concantination of SEED and PUBLIC
+   ED25519SECRET="$(echo ${ED25519SEED}${ED25519PUBLIC} | base64 -d | base64 -w 0)"
+
+@@ -725,7 +725,7 @@ gen_ed25519_keys ()
+
+ gen_ed25519_random_public()
+ {
+-  openssl genpkey -algorithm ED25519 | openssl pkey -outform DER | tail -c 32 | base64
++  @openssl@ genpkey -algorithm ED25519 | @openssl@ pkey -outform DER | tail -c 32 | base64
+ }
+
+ is_bare_user_only_repo () {
 diff --git a/tests/test-basic-user-only.sh b/tests/test-basic-user-only.sh
 index f65094fd..105be893 100755
 --- a/tests/test-basic-user-only.sh