4 files changed, 108 insertions, 37 deletions

diff --git a/src/libutil/hash.cc b/src/libutil/hash.cc
index 39eb28936..4b82f191e 100644
--- a/src/libutil/hash.cc
+++ b/src/libutil/hash.cc
@@ -7,6 +7,7 @@
 #include "args.hh"
 #include "hash.hh"
 #include "archive.hh"
+#include "parser.hh"
 #include "util.hh"
 #include "istringstream_nocopy.hh"
 
@@ -26,7 +27,7 @@ static size_t regularHashSize(HashType type) {
     abort();
 }
 
-void Hash::init()
+Hash::Hash(HashType type) : type(type)
 {
     hashSize = regularHashSize(type);
     assert(hashSize <= maxHashSize);
@@ -131,57 +132,89 @@ std::string Hash::to_string(Base base, bool includeType) const
     return s;
 }
 
-Hash::Hash(std::string_view s, HashType type) : Hash(s, std::optional { type }) { }
-Hash::Hash(std::string_view s) : Hash(s, std::optional<HashType>{}) { }
-
-Hash::Hash(std::string_view original, std::optional<HashType> optType)
-{
+Hash Hash::parseSRI(std::string_view original) {
     auto rest = original;
 
-    size_t pos = 0;
+    // Parse the has type before the separater, if there was one.
+    auto hashRaw = splitPrefixTo(rest, '-');
+    if (!hashRaw)
+        throw BadHash("hash '%s' is not SRI", original);
+    HashType parsedType = parseHashType(*hashRaw);
+
+    return Hash(rest, parsedType, true);
+}
+
+// Mutates the string to eliminate the prefixes when found
+static std::pair<std::optional<HashType>, bool> getParsedTypeAndSRI(std::string_view & rest) {
     bool isSRI = false;
 
     // Parse the has type before the separater, if there was one.
     std::optional<HashType> optParsedType;
     {
-        auto sep = rest.find(':');
-        if (sep == std::string_view::npos) {
-            sep = rest.find('-');
-            if (sep != std::string_view::npos)
+        auto hashRaw = splitPrefixTo(rest, ':');
+
+        if (!hashRaw) {
+            hashRaw = splitPrefixTo(rest, '-');
+            if (hashRaw)
                 isSRI = true;
         }
-        if (sep != std::string_view::npos) {
-            auto hashRaw = rest.substr(0, sep);
-            optParsedType = parseHashType(hashRaw);
-            rest = rest.substr(sep + 1);
-        }
+        if (hashRaw)
+            optParsedType = parseHashType(*hashRaw);
     }
 
+    return {optParsedType, isSRI};
+}
+
+Hash Hash::parseAnyPrefixed(std::string_view original)
+{
+    auto rest = original;
+    auto [optParsedType, isSRI] = getParsedTypeAndSRI(rest);
+
     // Either the string or user must provide the type, if they both do they
     // must agree.
-    if (!optParsedType && !optType) {
+    if (!optParsedType)
+        throw BadHash("hash '%s' does not include a type.", rest);
+
+    return Hash(rest, *optParsedType, isSRI);
+}
+
+Hash Hash::parseAny(std::string_view original, std::optional<HashType> optType)
+{
+    auto rest = original;
+    auto [optParsedType, isSRI] = getParsedTypeAndSRI(rest);
+
+    // Either the string or user must provide the type, if they both do they
+    // must agree.
+    if (!optParsedType && !optType)
         throw BadHash("hash '%s' does not include a type, nor is the type otherwise known from context.", rest);
-    } else {
-        this->type = optParsedType ? *optParsedType : *optType;
-        if (optParsedType && optType && *optParsedType != *optType)
-            throw BadHash("hash '%s' should have type '%s'", original, printHashType(*optType));
-    }
+    else if (optParsedType && optType && *optParsedType != *optType)
+        throw BadHash("hash '%s' should have type '%s'", original, printHashType(*optType));
+
+    HashType hashType = optParsedType ? *optParsedType : *optType;
+    return Hash(rest, hashType, isSRI);
+}
 
-    init();
+Hash Hash::parseNonSRIUnprefixed(std::string_view s, HashType type)
+{
+    return Hash(s, type, false);
+}
 
+Hash::Hash(std::string_view rest, HashType type, bool isSRI)
+    : Hash(type)
+{
     if (!isSRI && rest.size() == base16Len()) {
 
         auto parseHexDigit = [&](char c) {
             if (c >= '0' && c <= '9') return c - '0';
             if (c >= 'A' && c <= 'F') return c - 'A' + 10;
             if (c >= 'a' && c <= 'f') return c - 'a' + 10;
-            throw BadHash("invalid base-16 hash '%s'", original);
+            throw BadHash("invalid base-16 hash '%s'", rest);
         };
 
         for (unsigned int i = 0; i < hashSize; i++) {
             hash[i] =
-                parseHexDigit(rest[pos + i * 2]) << 4
-                | parseHexDigit(rest[pos + i * 2 + 1]);
+                parseHexDigit(rest[i * 2]) << 4
+                | parseHexDigit(rest[i * 2 + 1]);
         }
     }
 
@@ -193,7 +226,7 @@ Hash::Hash(std::string_view original, std::optional<HashType> optType)
             for (digit = 0; digit < base32Chars.size(); ++digit) /* !!! slow */
                 if (base32Chars[digit] == c) break;
             if (digit >= 32)
-                throw BadHash("invalid base-32 hash '%s'", original);
+                throw BadHash("invalid base-32 hash '%s'", rest);
             unsigned int b = n * 5;
             unsigned int i = b / 8;
             unsigned int j = b % 8;
@@ -203,7 +236,7 @@ Hash::Hash(std::string_view original, std::optional<HashType> optType)
                 hash[i + 1] |= digit >> (8 - j);
             } else {
                 if (digit >> (8 - j))
-                    throw BadHash("invalid base-32 hash '%s'", original);
+                    throw BadHash("invalid base-32 hash '%s'", rest);
             }
         }
     }
@@ -211,7 +244,7 @@ Hash::Hash(std::string_view original, std::optional<HashType> optType)
     else if (isSRI || rest.size() == base64Len()) {
         auto d = base64Decode(rest);
         if (d.size() != hashSize)
-            throw BadHash("invalid %s hash '%s'", isSRI ? "SRI" : "base-64", original);
+            throw BadHash("invalid %s hash '%s'", isSRI ? "SRI" : "base-64", rest);
         assert(hashSize);
         memcpy(hash, d.data(), hashSize);
     }
@@ -229,7 +262,7 @@ Hash newHashAllowEmpty(std::string hashStr, std::optional<HashType> ht)
         warn("found empty hash, assuming '%s'", h.to_string(SRI, true));
         return h;
     } else
-        return Hash(hashStr, ht);
+        return Hash::parseAny(hashStr, ht);
 }
 
 
diff --git a/src/libutil/hash.hh b/src/libutil/hash.hh
index a55295912..af11a028d 100644
--- a/src/libutil/hash.hh
+++ b/src/libutil/hash.hh
@@ -32,21 +32,26 @@ struct Hash
     HashType type;
 
     /* Create a zero-filled hash object. */
-    Hash(HashType type) : type(type) { init(); };
+    Hash(HashType type);
 
     /* Initialize the hash from a string representation, in the format
        "[<type>:]<base16|base32|base64>" or "<type>-<base64>" (a
        Subresource Integrity hash expression). If the 'type' argument
        is not present, then the hash type must be specified in the
        string. */
-    Hash(std::string_view s, std::optional<HashType> type);
-    // type must be provided
-    Hash(std::string_view s, HashType type);
+    static Hash parseAny(std::string_view s, std::optional<HashType> type);
     // hash type must be part of string
-    Hash(std::string_view s);
+    static Hash parseAnyPrefixed(std::string_view s);
+    // prefix parsed separately; non SRI hash
+    static Hash parseNonSRIUnprefixed(std::string_view s, HashType type);
 
-    void init();
+    static Hash parseSRI(std::string_view original);
 
+private:
+    // type must be provided, s must not include <type> prefix
+    Hash(std::string_view s, HashType type, bool isSRI);
+
+public:
     /* Check whether a hash is set. */
     operator bool () const { return (bool) type; }
 
diff --git a/src/libutil/parser.hh b/src/libutil/parser.hh
new file mode 100644
index 000000000..d19d7d8ed
--- /dev/null
+++ b/src/libutil/parser.hh
@@ -0,0 +1,33 @@
+#pragma once
+
+#include <optional>
+#include <string_view>
+
+#include "util.hh"
+
+namespace nix {
+
+// If `separator` is found, we return the portion of the string before the
+// separator, and modify the string argument to contain only the part after the
+// separator. Otherwise, wer return `std::nullopt`, and we leave the argument
+// string alone.
+static inline std::optional<std::string_view> splitPrefixTo(std::string_view & string, char separator) {
+    auto sepInstance = string.find(separator);
+
+    if (sepInstance != std::string_view::npos) {
+        auto prefix = string.substr(0, sepInstance);
+        string.remove_prefix(sepInstance+1);
+        return prefix;
+    }
+
+    return std::nullopt;
+}
+
+static inline bool splitPrefix(std::string_view & string, std::string_view prefix) {
+    bool res = hasPrefix(string, prefix);
+    if (res)
+        string.remove_prefix(prefix.length());
+    return res;
+}
+
+}
diff --git a/src/libutil/util.cc b/src/libutil/util.cc
index 1268b146a..ed43c403f 100644
--- a/src/libutil/util.cc
+++ b/src/libutil/util.cc
@@ -1433,7 +1433,7 @@ string base64Decode(std::string_view s)
 
         char digit = decode[(unsigned char) c];
         if (digit == -1)
-            throw Error("invalid character in Base64 string");
+            throw Error("invalid character in Base64 string: '%c'", c);
 
         bits += 6;
         d = d << 6 | digit;