author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2016-03-04T16·08+0100 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2016-03-04T16·45+0100 |
commit | af7cdb1096dd12f0ca06d78f5e5a3f5e9f57b3a8 (patch) | |
tree | 1b8ff00a1183f12cd5d8f8b8ea445ec7d34c1d72 | |
parent | 42bc395b63260e13f42e4bf348823799e78e445f (diff) |
BinaryCacheStore: Remove publicKeyFile argument
The public key can be derived from the secret key, so there's no need for the user to supply it separately.
-rw-r--r-- | src/libstore/binary-cache-store.cc | 9 | ||||
-rw-r--r-- | src/libstore/binary-cache-store.hh | 3 | ||||
-rw-r--r-- | src/libstore/crypto.cc | 11 | ||||
-rw-r--r-- | src/libstore/crypto.hh | 12 | ||||
-rw-r--r-- | src/libstore/http-binary-cache-store.cc | 7 | ||||
-rw-r--r-- | src/libstore/local-binary-cache-store.cc | 19 | ||||
-rw-r--r-- | src/libstore/store-api.hh | 3 |
7 files changed, 39 insertions, 25 deletions
diff --git a/src/libstore/binary-cache-store.cc b/src/libstore/binary-cache-store.cc index 01d937f2e56a..5ded16d028b0 100644 --- a/src/libstore/binary-cache-store.cc +++ b/src/libstore/binary-cache-store.cc @@ -14,16 +14,13 @@ namespace nix { BinaryCacheStore::BinaryCacheStore(std::shared_ptr<Store> localStore, - const Path & secretKeyFile, const Path & publicKeyFile) + const Path & secretKeyFile) : localStore(localStore) { - if (secretKeyFile != "") + if (secretKeyFile != "") { secretKey = std::unique_ptr<SecretKey>(new SecretKey(readFile(secretKeyFile))); - - if (publicKeyFile != "") { publicKeys = std::unique_ptr<PublicKeys>(new PublicKeys); - auto key = PublicKey(readFile(publicKeyFile)); - publicKeys->emplace(key.name, key); + publicKeys->emplace(secretKey->name, secretKey->toPublicKey()); } StringSink sink; diff --git a/src/libstore/binary-cache-store.hh b/src/libstore/binary-cache-store.hh index 6feb84cd2b10..c99556f33692 100644 --- a/src/libstore/binary-cache-store.hh +++ b/src/libstore/binary-cache-store.hh @@ -31,8 +31,7 @@ private: protected: - BinaryCacheStore(std::shared_ptr<Store> localStore, - const Path & secretKeyFile, const Path & publicKeyFile); + BinaryCacheStore(std::shared_ptr<Store> localStore, const Path & secretKeyFile); [[noreturn]] void notImpl(); diff --git a/src/libstore/crypto.cc b/src/libstore/crypto.cc index c1b57e51d9b4..53e94e1f5997 100644 --- a/src/libstore/crypto.cc +++ b/src/libstore/crypto.cc @@ -55,6 +55,17 @@ std::string SecretKey::signDetached(const std::string & data) const #endif } +PublicKey SecretKey::toPublicKey() const +{ +#if HAVE_SODIUM + unsigned char pk[crypto_sign_PUBLICKEYBYTES]; + crypto_sign_ed25519_sk_to_pk(pk, (unsigned char *) key.data()); + return PublicKey(name, std::string((char *) pk, crypto_sign_PUBLICKEYBYTES)); +#else + noSodium(); +#endif +} + PublicKey::PublicKey(const string & s) : Key(s) { diff --git a/src/libstore/crypto.hh b/src/libstore/crypto.hh index a1489e753649..33b79cb2e8fe 100644 
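Review bot: In the `BinaryCacheStore` constructor, `publicKeys` is now filled only inside the `secretKeyFile != ""` branch, so a store opened without a signing key has no public keys at all and a verify-only configuration can no longer be expressed. Both `regStore` lambdas (http-binary-cache-store.cc and local-binary-cache-store.cc) pass `""` here, so stores opened by URI take that path. The code that consumes `publicKeys` is outside this hunk; if it skips signature checks when the pointer is empty, unsigned content would be accepted without notice, so that path should fail closed or at least be documented. A comment such as `/* publicKeys holds only the key derived from secretKey; without a secret key no signatures can be checked */` would state the new trust set. The constructor body continues outside the hunk.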
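Review bot: `toPublicKey()` passes `key.data()` to `crypto_sign_ed25519_sk_to_pk` without confirming that `key` holds `crypto_sign_SECRETKEYBYTES` bytes, so a truncated key file would make libsodium read past the end of the string. If the `SecretKey` constructor (not visible in this hunk) does not already enforce the length, add `if (key.size() != crypto_sign_SECRETKEYBYTES) throw Error("secret key is not valid");` before the call. The `#else` branch has no `return`, which is only well-defined if `noSodium()` is declared `[[noreturn]]`; that declaration is outside the hunk. The C-style casts could be written as `reinterpret_cast<const unsigned char *>(key.data())` and `reinterpret_cast<char *>(pk)` so they stay greppable and do not drop `const`.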
--- a/src/libstore/crypto.hh +++ b/src/libstore/crypto.hh @@ -15,19 +15,31 @@ struct Key ‘<name>:<key-in-base64>’. */ Key(const std::string & s); +protected: + Key(const std::string & name, const std::string & key) + : name(name), key(key) { } }; +struct PublicKey; + struct SecretKey : Key { SecretKey(const std::string & s); /* Return a detached signature of the given string. */ std::string signDetached(const std::string & s) const; + + PublicKey toPublicKey() const; }; struct PublicKey : Key { PublicKey(const std::string & data); + +private: + PublicKey(const std::string & name, const std::string & key) + : Key(name, key) { } + friend class SecretKey; }; typedef std::map<std::string, PublicKey> PublicKeys; diff --git a/src/libstore/http-binary-cache-store.cc b/src/libstore/http-binary-cache-store.cc index 78f4497e7665..861e13c7fe39 100644 --- a/src/libstore/http-binary-cache-store.cc +++ b/src/libstore/http-binary-cache-store.cc @@ -14,9 +14,8 @@ private: public: HttpBinaryCacheStore(std::shared_ptr<Store> localStore, - const Path & secretKeyFile, const Path & publicKeyFile, - const Path & _cacheUri) - : BinaryCacheStore(localStore, secretKeyFile, publicKeyFile) + const Path & secretKeyFile, const Path & _cacheUri) + : BinaryCacheStore(localStore, secretKeyFile) , cacheUri(_cacheUri) , downloader(makeDownloader()) { @@ -66,7 +65,7 @@ static RegisterStoreImplementation regStore([](const std::string & uri) -> std:: if (std::string(uri, 0, 7) != "http://" && std::string(uri, 0, 8) != "https://") return 0; auto store = std::make_shared<HttpBinaryCacheStore>(std::shared_ptr<Store>(0), - "", "", // FIXME: allow the signing key to be set + "", // FIXME: allow the signing key to be set uri); store->init(); return store; diff --git a/src/libstore/local-binary-cache-store.cc b/src/libstore/local-binary-cache-store.cc index 8590aea185d4..6adabaf9f1ca 100644 --- a/src/libstore/local-binary-cache-store.cc +++ b/src/libstore/local-binary-cache-store.cc 
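Review bot: `toPublicKey()` is declared without a comment while `signDetached` directly above it has one; add `/* Derive the public key that matches this secret key; it keeps the same key name. */`. `friend class SecretKey;` names a type that is declared with `struct`, which triggers mismatched-tag warnings on some compilers; `friend struct SecretKey;` is consistent with the definition. The new `Key(name, key)` and `PublicKey(name, key)` constructors store their arguments unchecked, so keeping them non-public as done here is what limits their use to trusted callers; a one-line comment saying so would keep a later change from widening the access.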
@@ -11,8 +11,7 @@ private: public: LocalBinaryCacheStore(std::shared_ptr<Store> localStore, - const Path & secretKeyFile, const Path & publicKeyFile, - const Path & binaryCacheDir); + const Path & secretKeyFile, const Path & binaryCacheDir); void init() override; @@ -27,9 +26,8 @@ protected: }; LocalBinaryCacheStore::LocalBinaryCacheStore(std::shared_ptr<Store> localStore, - const Path & secretKeyFile, const Path & publicKeyFile, - const Path & binaryCacheDir) - : BinaryCacheStore(localStore, secretKeyFile, publicKeyFile) + const Path & secretKeyFile, const Path & binaryCacheDir) + : BinaryCacheStore(localStore, secretKeyFile) , binaryCacheDir(binaryCacheDir) { } @@ -66,19 +64,18 @@ std::string LocalBinaryCacheStore::getFile(const std::string & path) } ref<Store> openLocalBinaryCacheStore(std::shared_ptr<Store> localStore, - const Path & secretKeyFile, const Path & publicKeyFile, - const Path & binaryCacheDir) + const Path & secretKeyFile, const Path & binaryCacheDir) { - auto store = std::make_shared<LocalBinaryCacheStore>( - localStore, secretKeyFile, publicKeyFile, binaryCacheDir); + auto store = make_ref<LocalBinaryCacheStore>( + localStore, secretKeyFile, binaryCacheDir); store->init(); - return ref<Store>(std::shared_ptr<Store>(store)); + return store; } static RegisterStoreImplementation regStore([](const std::string & uri) -> std::shared_ptr<Store> { if (std::string(uri, 0, 7) != "file://") return 0; return openLocalBinaryCacheStore(std::shared_ptr<Store>(0), - "", "", // FIXME: allow the signing key to be set + "", // FIXME: allow the signing key to be set std::string(uri, 7)); }); diff --git a/src/libstore/store-api.hh b/src/libstore/store-api.hh index 9825d45db102..adec0fb788c8 100644 --- a/src/libstore/store-api.hh +++ b/src/libstore/store-api.hh 
@@ -454,8 +454,7 @@ ref<Store> openStore(); ref<Store> openLocalBinaryCacheStore(std::shared_ptr<Store> localStore, - const Path & secretKeyFile, const Path & publicKeyFile, - const Path & binaryCacheDir); + const Path & secretKeyFile, const Path & binaryCacheDir); /* Store implementation registration. */ |