aboutsummaryrefslogtreecommitdiff
path: root/src/nix/sigs.cc
diff options
context:
space:
mode:
authorEelco Dolstra <eelco.dolstra@logicblox.com>2016-04-05 16:39:29 +0200
committerEelco Dolstra <eelco.dolstra@logicblox.com>2016-04-05 16:39:29 +0200
commitb654381eb38b98aa92df343e3c4a939c1e584443 (patch)
treef9409aebdcbcad53dc88d71fc6249db0b1bc01de /src/nix/sigs.cc
parentd0f5719c2a2e5a0eea49dc072b26e7d161564bbb (diff)
Add "nix sign-paths" command
E.g. $ nix sign-paths -k ./secret -r $(type -p geeqie) signs geeqie and all its dependencies using the key in ./secret.
Diffstat (limited to 'src/nix/sigs.cc')
-rw-r--r--src/nix/sigs.cc50
1 files changed, 49 insertions, 1 deletions
diff --git a/src/nix/sigs.cc b/src/nix/sigs.cc
index e3544a1fd..bcc46c3e7 100644
--- a/src/nix/sigs.cc
+++ b/src/nix/sigs.cc
@@ -34,7 +34,7 @@ struct CmdCopySigs : StorePathsCommand
restoreAffinity(); // FIXME
if (substituterUris.empty())
- throw UsageError("you must specify at least one subtituter using ‘-s’");
+ throw UsageError("you must specify at least one substituter using ‘-s’");
// FIXME: factor out commonality with MixVerify.
std::vector<ref<Store>> substituters;
@@ -131,3 +131,51 @@ struct CmdQueryPathSigs : StorePathsCommand
};
static RegisterCommand r2(make_ref<CmdQueryPathSigs>());
+
+struct CmdSignPaths : StorePathsCommand
+{
+ Path secretKeyFile;
+
+ CmdSignPaths()
+ {
+ mkFlag('k', "key-file", {"file"}, "file containing the secret signing key", &secretKeyFile);
+ }
+
+ std::string name() override
+ {
+ return "sign-paths";
+ }
+
+ std::string description() override
+ {
+ return "sign the specified paths";
+ }
+
+ void run(ref<Store> store, Paths storePaths) override
+ {
+ if (secretKeyFile.empty())
+ throw UsageError("you must specify a secret key file using ‘-k’");
+
+ SecretKey secretKey(readFile(secretKeyFile));
+
+ size_t added{0};
+
+ for (auto & storePath : storePaths) {
+ auto info = store->queryPathInfo(storePath);
+
+ auto info2(info);
+ info2.sigs.clear();
+ info2.sign(secretKey);
+ assert(!info2.sigs.empty());
+
+ if (!info.sigs.count(*info2.sigs.begin())) {
+ store->addSignatures(storePath, info2.sigs);
+ added++;
+ }
+ }
+
+ printMsg(lvlInfo, format("added %d signatures") % added);
+ }
+};
+
+static RegisterCommand r3(make_ref<CmdSignPaths>());