authorEelco Dolstra <eelco.dolstra@logicblox.com>2016-03-04T16·08+0100
committerEelco Dolstra <eelco.dolstra@logicblox.com>2016-03-04T16·45+0100
commitaf7cdb1096dd12f0ca06d78f5e5a3f5e9f57b3a8 (patch)
tree1b8ff00a1183f12cd5d8f8b8ea445ec7d34c1d72
parent42bc395b63260e13f42e4bf348823799e78e445f (diff)
BinaryCacheStore: Remove publicKeyFile argument
The public key can be derived from the secret key, so there's no need
for the user to supply it separately.
-rw-r--r--src/libstore/binary-cache-store.cc9
-rw-r--r--src/libstore/binary-cache-store.hh3
-rw-r--r--src/libstore/crypto.cc11
-rw-r--r--src/libstore/crypto.hh12
-rw-r--r--src/libstore/http-binary-cache-store.cc7
-rw-r--r--src/libstore/local-binary-cache-store.cc19
-rw-r--r--src/libstore/store-api.hh3
7 files changed, 39 insertions, 25 deletions
diff --git a/src/libstore/binary-cache-store.cc b/src/libstore/binary-cache-store.cc
index 01d937f2e56a..5ded16d028b0 100644
--- a/src/libstore/binary-cache-store.cc
+++ b/src/libstore/binary-cache-store.cc
@@ -14,16 +14,13 @@
 namespace nix {
 
 BinaryCacheStore::BinaryCacheStore(std::shared_ptr<Store> localStore,
-    const Path & secretKeyFile, const Path & publicKeyFile)
+    const Path & secretKeyFile)
     : localStore(localStore)
 {
-    if (secretKeyFile != "")
+    if (secretKeyFile != "") {
         secretKey = std::unique_ptr<SecretKey>(new SecretKey(readFile(secretKeyFile)));
-
-    if (publicKeyFile != "") {
         publicKeys = std::unique_ptr<PublicKeys>(new PublicKeys);
-        auto key = PublicKey(readFile(publicKeyFile));
-        publicKeys->emplace(key.name, key);
+        publicKeys->emplace(secretKey->name, secretKey->toPublicKey());
     }
 
     StringSink sink;
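Review bot: With `publicKeyFile` removed, `publicKeys` is populated only inside the `secretKeyFile != ""` branch, so a store opened without a signing key has no verification keys at all, and a store with one trusts only its own derived key. The `regStore` lambdas in http-binary-cache-store.cc and local-binary-cache-store.cc both pass `""`, so they take the no-keys path. How a null `publicKeys` is treated when signatures are checked lies outside this hunk; if it means verification is skipped, the constructor should say so, e.g. `// No secret key: publicKeys stays null, so this store cannot verify signatures itself.` The constructor body continues past the end of the hunk.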
diff --git a/src/libstore/binary-cache-store.hh b/src/libstore/binary-cache-store.hh
index 6feb84cd2b10..c99556f33692 100644
--- a/src/libstore/binary-cache-store.hh
+++ b/src/libstore/binary-cache-store.hh
@@ -31,8 +31,7 @@ private:
 
 protected:
 
-    BinaryCacheStore(std::shared_ptr<Store> localStore,
-        const Path & secretKeyFile, const Path & publicKeyFile);
+    BinaryCacheStore(std::shared_ptr<Store> localStore, const Path & secretKeyFile);
 
     [[noreturn]] void notImpl();
 
diff --git a/src/libstore/crypto.cc b/src/libstore/crypto.cc
index c1b57e51d9b4..53e94e1f5997 100644
--- a/src/libstore/crypto.cc
+++ b/src/libstore/crypto.cc
@@ -55,6 +55,17 @@ std::string SecretKey::signDetached(const std::string & data) const
 #endif
 }
 
+PublicKey SecretKey::toPublicKey() const
+{
+#if HAVE_SODIUM
+    unsigned char pk[crypto_sign_PUBLICKEYBYTES];
+    crypto_sign_ed25519_sk_to_pk(pk, (unsigned char *) key.data());
+    return PublicKey(name, std::string((char *) pk, crypto_sign_PUBLICKEYBYTES));
+#else
+    noSodium();
+#endif
+}
+
 PublicKey::PublicKey(const string & s)
     : Key(s)
 {
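Review bot: `toPublicKey()` passes `key.data()` to `crypto_sign_ed25519_sk_to_pk` without checking `key.size()`, although that call expects a buffer of `crypto_sign_SECRETKEYBYTES`. A truncated or malformed key file would therefore be read past the end of the string, unless the `SecretKey` constructor (not visible in this hunk) already rejects it. A local guard keeps the function safe on its own: `if (key.size() != crypto_sign_SECRETKEYBYTES) throw Error("secret key is not valid");`. The return value of the libsodium call is also ignored, and the `#else` branch has no `return`, which is only well-defined if `noSodium()` is declared `[[noreturn]]`.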
diff --git a/src/libstore/crypto.hh b/src/libstore/crypto.hh
index a1489e753649..33b79cb2e8fe 100644
--- a/src/libstore/crypto.hh
+++ b/src/libstore/crypto.hh
@@ -15,19 +15,31 @@ struct Key
        ‘<name>:<key-in-base64>’. */
     Key(const std::string & s);
 
+protected:
+    Key(const std::string & name, const std::string & key)
+        : name(name), key(key) { }
 };
 
+struct PublicKey;
+
 struct SecretKey : Key
 {
     SecretKey(const std::string & s);
 
     /* Return a detached signature of the given string. */
     std::string signDetached(const std::string & s) const;
+
+    PublicKey toPublicKey() const;
 };
 
 struct PublicKey : Key
 {
     PublicKey(const std::string & data);
+
+private:
+    PublicKey(const std::string & name, const std::string & key)
+        : Key(name, key) { }
+    friend class SecretKey;
 };
 
 typedef std::map<std::string, PublicKey> PublicKeys;
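Review bot: The new two-argument `Key(name, key)` and `PublicKey(name, key)` constructors are undocumented, and they take a different input from the one-argument constructor. Judging by the call in `toPublicKey()` they receive raw key bytes, whereas the one-argument form is documented as taking `<name>:<key-in-base64>`. `toPublicKey()` also has no comment, unlike `signDetached` beside it. Suggested comments: `/* Construct from a name and the raw (already decoded) key bytes. */` on the protected constructor and `/* Derive the public key that corresponds to this secret key. */` on `toPublicKey()`. Separately, `friend class SecretKey;` names a type declared with `struct`; `friend struct SecretKey;` avoids mismatched-tag warnings. The `Key` struct begins above this hunk.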
diff --git a/src/libstore/http-binary-cache-store.cc b/src/libstore/http-binary-cache-store.cc
index 78f4497e7665..861e13c7fe39 100644
--- a/src/libstore/http-binary-cache-store.cc
+++ b/src/libstore/http-binary-cache-store.cc
@@ -14,9 +14,8 @@ private:
 public:
 
     HttpBinaryCacheStore(std::shared_ptr<Store> localStore,
-        const Path & secretKeyFile, const Path & publicKeyFile,
-        const Path & _cacheUri)
-        : BinaryCacheStore(localStore, secretKeyFile, publicKeyFile)
+        const Path & secretKeyFile, const Path & _cacheUri)
+        : BinaryCacheStore(localStore, secretKeyFile)
         , cacheUri(_cacheUri)
         , downloader(makeDownloader())
     {
@@ -66,7 +65,7 @@ static RegisterStoreImplementation regStore([](const std::string & uri) -> std::
     if (std::string(uri, 0, 7) != "http://" &&
         std::string(uri, 0, 8) != "https://") return 0;
     auto store = std::make_shared<HttpBinaryCacheStore>(std::shared_ptr<Store>(0),
-        "", "", // FIXME: allow the signing key to be set
+        "", // FIXME: allow the signing key to be set
         uri);
     store->init();
     return store;
diff --git a/src/libstore/local-binary-cache-store.cc b/src/libstore/local-binary-cache-store.cc
index 8590aea185d4..6adabaf9f1ca 100644
--- a/src/libstore/local-binary-cache-store.cc
+++ b/src/libstore/local-binary-cache-store.cc
@@ -11,8 +11,7 @@ private:
 public:
 
     LocalBinaryCacheStore(std::shared_ptr<Store> localStore,
-        const Path & secretKeyFile, const Path & publicKeyFile,
-        const Path & binaryCacheDir);
+        const Path & secretKeyFile, const Path & binaryCacheDir);
 
     void init() override;
 
@@ -27,9 +26,8 @@ protected:
 };
 
 LocalBinaryCacheStore::LocalBinaryCacheStore(std::shared_ptr<Store> localStore,
-    const Path & secretKeyFile, const Path & publicKeyFile,
-    const Path & binaryCacheDir)
-    : BinaryCacheStore(localStore, secretKeyFile, publicKeyFile)
+    const Path & secretKeyFile, const Path & binaryCacheDir)
+    : BinaryCacheStore(localStore, secretKeyFile)
     , binaryCacheDir(binaryCacheDir)
 {
 }
@@ -66,19 +64,18 @@ std::string LocalBinaryCacheStore::getFile(const std::string & path)
 }
 
 ref<Store> openLocalBinaryCacheStore(std::shared_ptr<Store> localStore,
-    const Path & secretKeyFile, const Path & publicKeyFile,
-    const Path & binaryCacheDir)
+    const Path & secretKeyFile, const Path & binaryCacheDir)
 {
-    auto store = std::make_shared<LocalBinaryCacheStore>(
-        localStore, secretKeyFile, publicKeyFile, binaryCacheDir);
+    auto store = make_ref<LocalBinaryCacheStore>(
+        localStore, secretKeyFile, binaryCacheDir);
     store->init();
-    return ref<Store>(std::shared_ptr<Store>(store));
+    return store;
 }
 
 static RegisterStoreImplementation regStore([](const std::string & uri) -> std::shared_ptr<Store> {
     if (std::string(uri, 0, 7) != "file://") return 0;
     return openLocalBinaryCacheStore(std::shared_ptr<Store>(0),
-        "", "", // FIXME: allow the signing key to be set
+        "", // FIXME: allow the signing key to be set
         std::string(uri, 7));
 });
 
diff --git a/src/libstore/store-api.hh b/src/libstore/store-api.hh
index 9825d45db102..adec0fb788c8 100644
--- a/src/libstore/store-api.hh
+++ b/src/libstore/store-api.hh
@@ -454,8 +454,7 @@ ref<Store> openStore();
 
 
 ref<Store> openLocalBinaryCacheStore(std::shared_ptr<Store> localStore,
-    const Path & secretKeyFile, const Path & publicKeyFile,
-    const Path & binaryCacheDir);
+    const Path & secretKeyFile, const Path & binaryCacheDir);
 
 
 /* Store implementation registration. */