From af7cdb1096dd12f0ca06d78f5e5a3f5e9f57b3a8 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 4 Mar 2016 17:08:30 +0100 Subject: [PATCH] BinaryCacheStore: Remove publicKeyFile argument The public key can be derived from the secret key, so there's no need for the user to supply it separately. --- src/libstore/binary-cache-store.cc | 9 +++------ src/libstore/binary-cache-store.hh | 3 +-- src/libstore/crypto.cc | 11 +++++++++++ src/libstore/crypto.hh | 12 ++++++++++++ src/libstore/http-binary-cache-store.cc | 7 +++---- src/libstore/local-binary-cache-store.cc | 19 ++++++++----------- src/libstore/store-api.hh | 3 +-- 7 files changed, 39 insertions(+), 25 deletions(-) diff --git a/src/libstore/binary-cache-store.cc b/src/libstore/binary-cache-store.cc index 01d937f2e..5ded16d02 100644 --- a/src/libstore/binary-cache-store.cc +++ b/src/libstore/binary-cache-store.cc @@ -14,16 +14,13 @@ namespace nix { BinaryCacheStore::BinaryCacheStore(std::shared_ptr localStore, - const Path & secretKeyFile, const Path & publicKeyFile) + const Path & secretKeyFile) : localStore(localStore) { - if (secretKeyFile != "") + if (secretKeyFile != "") { secretKey = std::unique_ptr(new SecretKey(readFile(secretKeyFile))); - - if (publicKeyFile != "") { publicKeys = std::unique_ptr(new PublicKeys); - auto key = PublicKey(readFile(publicKeyFile)); - publicKeys->emplace(key.name, key); + publicKeys->emplace(secretKey->name, secretKey->toPublicKey()); } StringSink sink; diff --git a/src/libstore/binary-cache-store.hh b/src/libstore/binary-cache-store.hh index 6feb84cd2..c99556f33 100644 --- a/src/libstore/binary-cache-store.hh +++ b/src/libstore/binary-cache-store.hh @@ -31,8 +31,7 @@ private: protected: - BinaryCacheStore(std::shared_ptr localStore, - const Path & secretKeyFile, const Path & publicKeyFile); + BinaryCacheStore(std::shared_ptr localStore, const Path & secretKeyFile); [[noreturn]] void notImpl(); 
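Review bot: In the src/libstore/binary-cache-store.cc hunk, `publicKeys` is now filled only inside the `if (secretKeyFile != "")` branch, so the keys available for verification depend on having a signing key configured. Stores built with an empty `secretKeyFile`, which the http:// and file:// registration lambdas in http-binary-cache-store.cc and local-binary-cache-store.cc still pass, are left with no public keys. How a null `publicKeys` is handled when reading from the cache is outside this hunk, so confirm that path fails closed rather than skipping signature checks. I would record the invariant at the assignment with a comment such as `// publicKeys only ever holds the key derived from secretKey; a store without a signing key has no verification keys`. The constructor body continues past the end of the hunk.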
diff --git a/src/libstore/crypto.cc b/src/libstore/crypto.cc index c1b57e51d..53e94e1f5 100644 --- a/src/libstore/crypto.cc +++ b/src/libstore/crypto.cc @@ -55,6 +55,17 @@ std::string SecretKey::signDetached(const std::string & data) const #endif } +PublicKey SecretKey::toPublicKey() const +{ +#if HAVE_SODIUM + unsigned char pk[crypto_sign_PUBLICKEYBYTES]; + crypto_sign_ed25519_sk_to_pk(pk, (unsigned char *) key.data()); + return PublicKey(name, std::string((char *) pk, crypto_sign_PUBLICKEYBYTES)); +#else + noSodium(); +#endif +} + PublicKey::PublicKey(const string & s) : Key(s) { diff --git a/src/libstore/crypto.hh b/src/libstore/crypto.hh index a1489e753..33b79cb2e 100644 --- a/src/libstore/crypto.hh +++ b/src/libstore/crypto.hh @@ -15,19 +15,31 @@ struct Key ‘:’. */ Key(const std::string & s); +protected: + Key(const std::string & name, const std::string & key) + : name(name), key(key) { } }; +struct PublicKey; + struct SecretKey : Key { SecretKey(const std::string & s); /* Return a detached signature of the given string. */ std::string signDetached(const std::string & s) const; + + PublicKey toPublicKey() const; }; struct PublicKey : Key { PublicKey(const std::string & data); + +private: + PublicKey(const std::string & name, const std::string & key) + : Key(name, key) { } + friend class SecretKey; }; typedef std::map PublicKeys; diff --git a/src/libstore/http-binary-cache-store.cc b/src/libstore/http-binary-cache-store.cc index 78f4497e7..861e13c7f 100644 --- a/src/libstore/http-binary-cache-store.cc +++ b/src/libstore/http-binary-cache-store.cc @@ -14,9 +14,8 @@ private: public: HttpBinaryCacheStore(std::shared_ptr localStore, - const Path & secretKeyFile, const Path & publicKeyFile, - const Path & _cacheUri) - : BinaryCacheStore(localStore, secretKeyFile, publicKeyFile) + const Path & secretKeyFile, const Path & _cacheUri) + : BinaryCacheStore(localStore, secretKeyFile) , cacheUri(_cacheUri) , downloader(makeDownloader()) { 
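Review bot: `SecretKey::toPublicKey()` in src/libstore/crypto.cc passes `key.data()` to `crypto_sign_ed25519_sk_to_pk` with no visible check that `key` holds `crypto_sign_SECRETKEYBYTES` bytes. The key comes from a file and libsodium reads a fixed-size secret key from that pointer, so a truncated key would be read past the end of the string unless the `SecretKey` constructor (not shown in this hunk) already rejects it. If it does not, guard the call with `if (key.size() != crypto_sign_SECRETKEYBYTES) throw Error("secret key is not valid");`. The C-style cast on the input could also become `reinterpret_cast<const unsigned char *>(key.data())`, since the function only reads the secret key.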
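Review bot: `toPublicKey()` is declared in src/libstore/crypto.hh without a comment, while `signDetached` directly above it has one; add `/* Derive the public key that corresponds to this secret key. */`. Separately, `friend class SecretKey;` names a type that is declared with `struct`. That compiles, but it triggers mismatched-tag warnings on some compilers; `friend struct SecretKey;` matches the declaration.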
@@ -66,7 +65,7 @@ static RegisterStoreImplementation regStore([](const std::string & uri) -> std:: if (std::string(uri, 0, 7) != "http://" && std::string(uri, 0, 8) != "https://") return 0; auto store = std::make_shared(std::shared_ptr(0), - "", "", // FIXME: allow the signing key to be set + "", // FIXME: allow the signing key to be set uri); store->init(); return store; diff --git a/src/libstore/local-binary-cache-store.cc b/src/libstore/local-binary-cache-store.cc index 8590aea18..6adabaf9f 100644 --- a/src/libstore/local-binary-cache-store.cc +++ b/src/libstore/local-binary-cache-store.cc @@ -11,8 +11,7 @@ private: public: LocalBinaryCacheStore(std::shared_ptr localStore, - const Path & secretKeyFile, const Path & publicKeyFile, - const Path & binaryCacheDir); + const Path & secretKeyFile, const Path & binaryCacheDir); void init() override; @@ -27,9 +26,8 @@ protected: }; LocalBinaryCacheStore::LocalBinaryCacheStore(std::shared_ptr localStore, - const Path & secretKeyFile, const Path & publicKeyFile, - const Path & binaryCacheDir) - : BinaryCacheStore(localStore, secretKeyFile, publicKeyFile) + const Path & secretKeyFile, const Path & binaryCacheDir) + : BinaryCacheStore(localStore, secretKeyFile) , binaryCacheDir(binaryCacheDir) { } 
@@ -66,19 +64,18 @@ std::string LocalBinaryCacheStore::getFile(const std::string & path) } ref openLocalBinaryCacheStore(std::shared_ptr localStore, - const Path & secretKeyFile, const Path & publicKeyFile, - const Path & binaryCacheDir) + const Path & secretKeyFile, const Path & binaryCacheDir) { - auto store = std::make_shared( - localStore, secretKeyFile, publicKeyFile, binaryCacheDir); + auto store = make_ref( + localStore, secretKeyFile, binaryCacheDir); store->init(); - return ref(std::shared_ptr(store)); + return store; } static RegisterStoreImplementation regStore([](const std::string & uri) -> std::shared_ptr { if (std::string(uri, 0, 7) != "file://") return 0; return openLocalBinaryCacheStore(std::shared_ptr(0), - "", "", // FIXME: allow the signing key to be set + "", // FIXME: allow the signing key to be set std::string(uri, 7)); }); diff --git a/src/libstore/store-api.hh b/src/libstore/store-api.hh index 9825d45db..adec0fb78 100644 --- a/src/libstore/store-api.hh +++ b/src/libstore/store-api.hh @@ -454,8 +454,7 @@ ref openStore(); ref openLocalBinaryCacheStore(std::shared_ptr localStore, - const Path & secretKeyFile, const Path & publicKeyFile, - const Path & binaryCacheDir); + const Path & secretKeyFile, const Path & binaryCacheDir); /* Store implementation registration. */