about summary refs log tree commit diff
path: root/tvix/nix-compat
diff options
context:
space:
mode:
Diffstat (limited to 'tvix/nix-compat')
-rw-r--r--tvix/nix-compat/src/store_path/mod.rs13
-rw-r--r--tvix/nix-compat/src/store_path/utils.rs9
2 files changed, 17 insertions, 5 deletions
diff --git a/tvix/nix-compat/src/store_path/mod.rs b/tvix/nix-compat/src/store_path/mod.rs
index c744f1a46afe..3638ce6e87df 100644
--- a/tvix/nix-compat/src/store_path/mod.rs
+++ b/tvix/nix-compat/src/store_path/mod.rs
@@ -215,10 +215,21 @@ impl<'a> StorePathRef<'a> {
     }
 
     /// Construct a [StorePathRef] from a name and digest.
+    /// The name is validated, and the digest checked for size.
     pub fn from_name_and_digest(name: &'a str, digest: &[u8]) -> Result<Self, Error> {
+        let digest_fixed = digest.try_into().map_err(|_| Error::InvalidLength)?;
+        Self::from_name_and_digest_fixed(name, digest_fixed)
+    }
+
+    /// Construct a [StorePathRef] from a name and digest of correct length.
+    /// The name is validated.
+    pub fn from_name_and_digest_fixed(
+        name: &'a str,
+        digest: [u8; DIGEST_SIZE],
+    ) -> Result<Self, Error> {
         Ok(Self {
             name: validate_name(name.as_bytes())?,
-            digest: digest.try_into().map_err(|_| Error::InvalidLength)?,
+            digest,
         })
     }
 
diff --git a/tvix/nix-compat/src/store_path/utils.rs b/tvix/nix-compat/src/store_path/utils.rs
index d060e0eac925..d6f390db85c2 100644
--- a/tvix/nix-compat/src/store_path/utils.rs
+++ b/tvix/nix-compat/src/store_path/utils.rs
@@ -1,6 +1,6 @@
 use crate::nixbase32;
 use crate::nixhash::{CAHash, NixHash};
-use crate::store_path::{Error, StorePathRef, DIGEST_SIZE, STORE_DIR};
+use crate::store_path::{Error, StorePathRef, STORE_DIR};
 use data_encoding::HEXLOWER;
 use sha2::{Digest, Sha256};
 use thiserror;
@@ -154,10 +154,11 @@ fn build_store_path_from_fingerprint_parts<'a>(
         "{ty}:sha256:{}:{STORE_DIR}:{name}",
         HEXLOWER.encode(inner_digest)
     );
-    let digest: [u8; DIGEST_SIZE] = compress_hash(&Sha256::new_with_prefix(fingerprint).finalize());
-
     // name validation happens in here.
-    StorePathRef::from_name_and_digest(name, &digest)
+    StorePathRef::from_name_and_digest_fixed(
+        name,
+        compress_hash(&Sha256::new_with_prefix(fingerprint).finalize()),
+    )
 }
 
 /// This contains the Nix logic to create "text hash strings", which are used