about summary refs log tree commit diff
path: root/src/libstore/nar-info.hh
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2016-02-16T15·38+0100
committerEelco Dolstra <eelco.dolstra@logicblox.com>2016-02-16T15·38+0100
commitc4d22997f364a7fc2e5a8150c0a4a55590a92df5 (patch)
tree8167aef94ba86e0650a423fe21180fff42ccb118 /src/libstore/nar-info.hh
parent5ac27053e9bc4722dde5bd3243488d8e9a0b4623 (diff)
Add C++ functions for .narinfo processing / signing
This is currently only used by the Hydra queue runner rework, but like
eff5021eaa6dc69f65ea1a8abe8f3ab11ef5eb0a it presumably will be useful
for the C++ rewrite of nix-push and
download-from-binary-cache. (@shlevy)
Diffstat (limited to 'src/libstore/nar-info.hh')
-rw-r--r--src/libstore/nar-info.hh43
1 files changed, 43 insertions, 0 deletions
diff --git a/src/libstore/nar-info.hh b/src/libstore/nar-info.hh
new file mode 100644
index 000000000000..22e27cb42ebf
--- /dev/null
+++ b/src/libstore/nar-info.hh
@@ -0,0 +1,43 @@
+#pragma once
+
+#include "types.hh"
+#include "hash.hh"
+#include "store-api.hh"
+
+namespace nix {
+
+struct NarInfo : ValidPathInfo
+{
+    std::string url;
+    std::string compression;
+    Hash fileHash;
+    uint64_t fileSize = 0;
+    std::string system;
+    std::string sig; // FIXME: support multiple signatures
+
+    NarInfo() { }
+    NarInfo(const ValidPathInfo & info) : ValidPathInfo(info) { }
+    NarInfo(const std::string & s, const std::string & whence);
+
+    std::string to_string() const;
+
+    /*  Return a fingerprint of the store path to be used in binary
+        cache signatures. It contains the store path, the base-32
+        SHA-256 hash of the NAR serialisation of the path, the size of
+        the NAR, and the sorted references. The size field is strictly
+        speaking superfluous, but might prevent endless/excessive data
+        attacks. */
+    std::string fingerprint() const;
+
+    void sign(const SecretKey & secretKey);
+
+    /* Return true iff this .narinfo is signed by one of the specified
+       keys. */
+    bool checkSignature(const PublicKeys & publicKeys) const;
+
+private:
+
+    Strings shortRefs() const;
+};
+
+}