wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-27 00:11:17 +02:00
Code Activity

Move signPathInfo to Store

Browse source 
Motivation is the same for moving `signRealisation` in
db8439c328.
This commit is contained in:
John Ericson 2025-03-14 13:15:58 -04:00
parent 1bff2aeec0
commit d572533774
4 changed files with 21 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/libstore/local-store.cc
View file

@ -1585,20 +1585,6 @@ void LocalStore::addSignatures(const StorePath & storePath, const StringSet & si
} }
void LocalStore::signPathInfo(ValidPathInfo & info)
{
// FIXME: keep secret keys in memory.
auto secretKeyFiles = settings.secretKeyFiles;
for (auto & secretKeyFile : secretKeyFiles.get()) {
SecretKey secretKey(readFile(secretKeyFile));
LocalSigner signer(std::move(secretKey));
info.sign(*this, signer);
}
}
std::optional<std::pair<int64_t, Realisation>> LocalStore::queryRealisationCore_( std::optional<std::pair<int64_t, Realisation>> LocalStore::queryRealisationCore_(
LocalStore::State & state, LocalStore::State & state,
const DrvOutput & id) const DrvOutput & id)

6
src/libstore/local-store.hh
View file

@ -396,12 +396,6 @@ private:
bool isValidPath_(State & state, const StorePath & path); bool isValidPath_(State & state, const StorePath & path);
void queryReferrers(State & state, const StorePath & path, StorePathSet & referrers); void queryReferrers(State & state, const StorePath & path, StorePathSet & referrers);
/**
* Add signatures to a ValidPathInfo or Realisation using the secret keys
* specified by the secret-key-files option.
*/
void signPathInfo(ValidPathInfo & info);
void addBuildLog(const StorePath & drvPath, std::string_view log) override; void addBuildLog(const StorePath & drvPath, std::string_view log) override;
friend struct LocalDerivationGoal; friend struct LocalDerivationGoal;

15
src/libstore/store-api.cc
View file

@ -1274,6 +1274,21 @@ Derivation Store::readDerivation(const StorePath & drvPath)
Derivation Store::readInvalidDerivation(const StorePath & drvPath) Derivation Store::readInvalidDerivation(const StorePath & drvPath)
{ return readDerivationCommon(*this, drvPath, false); } { return readDerivationCommon(*this, drvPath, false); }
void Store::signPathInfo(ValidPathInfo & info)
{
// FIXME: keep secret keys in memory.
auto secretKeyFiles = settings.secretKeyFiles;
for (auto & secretKeyFile : secretKeyFiles.get()) {
SecretKey secretKey(readFile(secretKeyFile));
LocalSigner signer(std::move(secretKey));
info.sign(*this, signer);
}
}
void Store::signRealisation(Realisation & realisation) void Store::signRealisation(Realisation & realisation)
{ {
// FIXME: keep secret keys in memory. // FIXME: keep secret keys in memory.

6
src/libstore/store-api.hh
View file

@ -622,6 +622,12 @@ public:
virtual void addSignatures(const StorePath & storePath, const StringSet & sigs) virtual void addSignatures(const StorePath & storePath, const StringSet & sigs)
{ unsupported("addSignatures"); } { unsupported("addSignatures"); }
/**
* Add signatures to a ValidPathInfo or Realisation using the secret keys
* specified by the secret-key-files option.
*/
void signPathInfo(ValidPathInfo & info);
void signRealisation(Realisation &); void signRealisation(Realisation &);
/* Utility functions. */ /* Utility functions. */