Make libsodium an optional dependency

1 files changed, 10 insertions, 0 deletions

diff --git a/perl/lib/Nix/Store.xs b/perl/lib/Nix/Store.xs
index 792d2f649935..4c550cdb752c 100644
--- a/perl/lib/Nix/Store.xs
+++ b/perl/lib/Nix/Store.xs
@@ -11,7 +11,9 @@
 #include <misc.hh>
 #include <util.hh>
 
+#if HAVE_SODIUM
 #include <sodium.h>
+#endif
 
 
 using namespace nix;
@@ -228,6 +230,7 @@ SV * hashString(char * algo, int base32, char * s)
 SV * signString(SV * secretKey_, char * msg)
     PPCODE:
         try {
+#if HAVE_SODIUM
             STRLEN secretKeyLen;
             unsigned char * secretKey = (unsigned char *) SvPV(secretKey_, secretKeyLen);
             if (secretKeyLen != crypto_sign_SECRETKEYBYTES)
@@ -237,6 +240,9 @@ SV * signString(SV * secretKey_, char * msg)
             unsigned long long sigLen;
             crypto_sign_detached(sig, &sigLen, (unsigned char *) msg, strlen(msg), secretKey);
             XPUSHs(sv_2mortal(newSVpv((char *) sig, sigLen)));
+#else
+            throw Error("Nix was not compiled with libsodium, required for signed binary cache support");
+#endif
         } catch (Error & e) {
             croak(e.what());
         }
@@ -245,6 +251,7 @@ SV * signString(SV * secretKey_, char * msg)
 int checkSignature(SV * publicKey_, SV * sig_, char * msg)
     CODE:
         try {
+#if HAVE_SODIUM
             STRLEN publicKeyLen;
             unsigned char * publicKey = (unsigned char *) SvPV(publicKey_, publicKeyLen);
             if (publicKeyLen != crypto_sign_PUBLICKEYBYTES)
@@ -256,6 +263,9 @@ int checkSignature(SV * publicKey_, SV * sig_, char * msg)
                 throw Error("signature is not valid");
 
             RETVAL = crypto_sign_verify_detached(sig, (unsigned char *) msg, strlen(msg), publicKey) == 0;
+#else
+            throw Error("Nix was not compiled with libsodium, required for signed binary cache support");
+#endif
         } catch (Error & e) {
             croak(e.what());
         }