Subject: [bug#43340] [PATCH 2/5] daemon: Isolate signing and signature verification functions.
To: 43340@debbugs.gnu.org
From: Ludovic Courtès
Date: Fri, 11 Sep 2020 16:51:51 +0200
Message-Id: <20200911145154.15057-2-ludo@gnu.org>
In-Reply-To: <20200911145154.15057-1-ludo@gnu.org>

* nix/libstore/local-store.cc (signHash, verifySignature): New functions.
(LocalStore::exportPath): Use 'signHash' instead of inline code.
(LocalStore::importPath): Use 'verifySignature' instead of inline code.

--- nix/libstore/local-store.cc | 43 ++++++++++++++++++++++++++----------- 1 file changed, 30 insertions(+), 13 deletions(-) diff --git a/nix/libstore/local-store.cc b/nix/libstore/local-store.cc index e6badd3721..cbbd8e901d 100644 --- a/nix/libstore/local-store.cc +++ b/nix/libstore/local-store.cc 
@@ -1238,6 +1238,34 @@ static std::string runAuthenticationProgram(const Strings & args) return runProgram(settings.guixProgram, false, fullArgs); } +/* Sign HASH with the key stored in file SECRETKEY. Return the signature as a + string, or raise an exception upon error. */ +static std::string signHash(const string &secretKey, const Hash &hash) +{ + Strings args; + args.push_back("sign"); + args.push_back(secretKey); + args.push_back(printHash(hash)); + + return runAuthenticationProgram(args); +} + +/* Verify SIGNATURE and return the base16-encoded hash over which it was + computed. */ +static std::string verifySignature(const string &signature) +{ + Path tmpDir = createTempDir("", "guix", true, true, 0700); + AutoDelete delTmp(tmpDir); + + Path sigFile = tmpDir + "/sig"; + writeFile(sigFile, signature); + + Strings args; + args.push_back("verify"); + args.push_back(sigFile); + return runAuthenticationProgram(args); +} + void LocalStore::exportPath(const Path & path, bool sign, Sink & sink) { @@ -1280,12 +1308,7 @@ void LocalStore::exportPath(const Path & path, bool sign, Path secretKey = settings.nixConfDir + "/signing-key.sec"; checkSecrecy(secretKey); - Strings args; - args.push_back("sign"); - args.push_back(secretKey); - args.push_back(printHash(hash)); - - string signature = runAuthenticationProgram(args); + string signature = signHash(secretKey, hash); writeString(signature, hashAndWriteSink); @@ -1364,13 +1387,7 @@ Path LocalStore::importPath(bool requireSignature, Source & source) string signature = readString(hashAndReadSource); if (requireSignature) { - Path sigFile = tmpDir + "/sig"; - writeFile(sigFile, signature); - - Strings args; - args.push_back("verify"); - args.push_back(sigFile); - string hash2 = runAuthenticationProgram(args); + string hash2 = verifySignature(signature); /* Note: runProgram() throws an exception if the signature is invalid. */ -- 2.28.0
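Review bot: the comment above verifySignature in the first hunk documents only the return value (the base16-encoded hash), whereas the comment on signHash says it will "raise an exception upon error". importPath depends on the verify step throwing when the signature is invalid, as the note retained in the last hunk says, so that failure behaviour belongs in verifySignature's documented contract, for example "Raise an exception if SIGNATURE is invalid." Without it, a future caller could reasonably treat any returned string as proof of validity without knowing what guarantees that.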
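Review bot: in the exportPath hunk, checkSecrecy(secretKey) stays in the caller while the key file is now consumed inside signHash, so the permission check and the use of the key are no longer in the same place. A later caller of signHash can omit the check without anything failing. Consider calling checkSecrecy from inside signHash, or state in its comment that the caller must have run checkSecrecy on SECRETKEY first.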
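Review bot: in the importPath hunk, the retained comment "Note: runProgram() throws an exception if the signature is invalid." now refers to a call that no longer appears at this site. Reword it to name verifySignature, so it is clear that "string hash2 = verifySignature(signature);" is the line enforcing validity before hash2 is used. Since verifySignature now creates its own temporary directory for the signature file, it is also worth checking whether importPath's tmpDir is still needed for this step.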