diff options
author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2016-04-07 15:07:00 +0200 |
---|---|---|
committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2016-04-07 15:16:57 +0200 |
commit | 6b2ae528081d1f5082b687eb71531bc795d8d03a (patch) | |
tree | 8d523c74fb0c71835b91a0ca98d2f8d1e86e6209 /src | |
parent | e39999ed48f7bce81555d1cd58918e59dffcf922 (diff) |
Use secret-key-files for verifying
Diffstat (limited to 'src')
-rw-r--r-- | src/libstore/crypto.cc | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/src/libstore/crypto.cc b/src/libstore/crypto.cc index 94c582d65..747483afb 100644 --- a/src/libstore/crypto.cc +++ b/src/libstore/crypto.cc @@ -102,11 +102,24 @@ bool verifyDetached(const std::string & data, const std::string & sig, PublicKeys getDefaultPublicKeys() { PublicKeys publicKeys; + + // FIXME: filter duplicates + for (auto s : settings.get("binary-cache-public-keys", Strings())) { PublicKey key(s); publicKeys.emplace(key.name, key); - // FIXME: filter duplicates } + + for (auto secretKeyFile : settings.get("secret-key-files", Strings())) { + try { + SecretKey secretKey(readFile(secretKeyFile)); + publicKeys.emplace(secretKey.name, secretKey.toPublicKey()); + } catch (SysError & e) { + /* Ignore unreadable key files. That's normal in a + multi-user installation. */ + } + } + return publicKeys; } |