diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2016-04-05 16:39:29 +0200 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2016-04-05 16:39:29 +0200 |
commit | b654381eb38b98aa92df343e3c4a939c1e584443 (patch) | |
tree | f9409aebdcbcad53dc88d71fc6249db0b1bc01de /src/nix/sigs.cc | |
parent | d0f5719c2a2e5a0eea49dc072b26e7d161564bbb (diff) |
Add "nix sign-paths" command
E.g.
$ nix sign-paths -k ./secret -r $(type -p geeqie)
signs geeqie and all its dependencies using the key in ./secret.
Diffstat (limited to 'src/nix/sigs.cc')
-rw-r--r-- | src/nix/sigs.cc | 50 |
1 files changed, 49 insertions, 1 deletions
diff --git a/src/nix/sigs.cc b/src/nix/sigs.cc index e3544a1fd..bcc46c3e7 100644 --- a/src/nix/sigs.cc +++ b/src/nix/sigs.cc @@ -34,7 +34,7 @@ struct CmdCopySigs : StorePathsCommand restoreAffinity(); // FIXME if (substituterUris.empty()) - throw UsageError("you must specify at least one subtituter using ‘-s’"); + throw UsageError("you must specify at least one substituter using ‘-s’"); // FIXME: factor out commonality with MixVerify. std::vector<ref<Store>> substituters; @@ -131,3 +131,51 @@ struct CmdQueryPathSigs : StorePathsCommand }; static RegisterCommand r2(make_ref<CmdQueryPathSigs>()); + +struct CmdSignPaths : StorePathsCommand +{ + Path secretKeyFile; + + CmdSignPaths() + { + mkFlag('k', "key-file", {"file"}, "file containing the secret signing key", &secretKeyFile); + } + + std::string name() override + { + return "sign-paths"; + } + + std::string description() override + { + return "sign the specified paths"; + } + + void run(ref<Store> store, Paths storePaths) override + { + if (secretKeyFile.empty()) + throw UsageError("you must specify a secret key file using ‘-k’"); + + SecretKey secretKey(readFile(secretKeyFile)); + + size_t added{0}; + + for (auto & storePath : storePaths) { + auto info = store->queryPathInfo(storePath); + + auto info2(info); + info2.sigs.clear(); + info2.sign(secretKey); + assert(!info2.sigs.empty()); + + if (!info.sigs.count(*info2.sigs.begin())) { + store->addSignatures(storePath, info2.sigs); + added++; + } + } + + printMsg(lvlInfo, format("added %d signatures") % added); + } +}; + +static RegisterCommand r3(make_ref<CmdSignPaths>()); |