refactor(tvix/nix-compat): cleanup parse_{ca,hash} and fmt structs

These were used to format to and parse from strings.

Move this to the CAHash and NixHash structs directly, and be explicit in
the name about which encoding for digests is used.

For output path calculation, nix encodes the nixpaths in hex, but for
writing out NARInfos, it's using nixbase32.

Change-Id: Ia585a76a3811b2609e7ce259fda66a29403b7e07
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10079
Reviewed-by: raitobezarius <tvl@lahfa.xyz>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
This commit is contained in:
Florian Klink 2023-11-19 19:50:56 +02:00 committed by clbot
parent a8d48d4d9c
commit ef8a8af0bf
6 changed files with 83 additions and 97 deletions

View file

@ -135,7 +135,7 @@ impl Derivation {
Sha256::new_with_prefix(format!(
"fixed:out:{}{}:{}",
ca_kind_prefix(ca_hash),
ca_hash.digest().to_nix_hash_string(),
ca_hash.digest().to_nix_hex_string(),
out_output.path
))
.finalize()

View file

@ -193,7 +193,7 @@ fn derivation_or_fod_hash(drv_path: &str, expected_nix_hash_string: &str) {
let actual = drv.derivation_or_fod_hash(|_| panic!("must not be called"));
assert_eq!(expected_nix_hash_string, actual.to_nix_hash_string());
assert_eq!(expected_nix_hash_string, actual.to_nix_hex_string());
}
/// This reads a Derivation (in A-Term), trims out all fields containing

View file

@ -24,11 +24,7 @@ use std::{
mem,
};
use crate::{
nixbase32,
nixhash::{CAHash, NixHash},
store_path::StorePathRef,
};
use crate::{nixbase32, nixhash::CAHash, store_path::StorePathRef};
mod fingerprint;
mod signature;
@ -249,8 +245,8 @@ impl<'a> NarInfo<'a> {
signatures.push(val);
}
"CA" => {
let val =
parse_ca(val).ok_or_else(|| Error::UnableToParseCA(val.to_string()))?;
let val = CAHash::from_nix_hex_str(val)
.ok_or_else(|| Error::UnableToParseCA(val.to_string()))?;
if ca.replace(val).is_some() {
return Err(Error::DuplicateField(tag.to_string()));
@ -308,14 +304,14 @@ impl Display for NarInfo<'_> {
}
if let Some(file_hash) = self.file_hash {
writeln!(w, "FileHash: {}", fmt_hash(&NixHash::Sha256(file_hash)))?;
writeln!(w, "FileHash: sha256:{}", nixbase32::encode(&file_hash),)?;
}
if let Some(file_size) = self.file_size {
writeln!(w, "FileSize: {file_size}")?;
}
writeln!(w, "NarHash: {}", fmt_hash(&NixHash::Sha256(self.nar_hash)))?;
writeln!(w, "NarHash: sha256:{}", nixbase32::encode(&self.nar_hash),)?;
writeln!(w, "NarSize: {}", self.nar_size)?;
write!(w, "References:")?;
@ -341,83 +337,13 @@ impl Display for NarInfo<'_> {
}
if let Some(ca) = &self.ca {
writeln!(w, "CA: {}", fmt_ca(ca))?;
writeln!(w, "CA: {}", ca.to_nix_nixbase32_string())?;
}
Ok(())
}
}
pub fn parse_ca(s: &str) -> Option<CAHash> {
let (tag, s) = s.split_once(':')?;
match tag {
"text" => {
let digest = s.strip_prefix("sha256:")?;
let digest = nixbase32::decode_fixed(digest).ok()?;
Some(CAHash::Text(digest))
}
"fixed" => {
if let Some(s) = s.strip_prefix("r:") {
parse_hash(s).map(CAHash::Nar)
} else {
parse_hash(s).map(CAHash::Flat)
}
}
_ => None,
}
}
#[allow(non_camel_case_types)]
struct fmt_ca<'a>(&'a CAHash);
impl Display for fmt_ca<'_> {
fn fmt(&self, w: &mut fmt::Formatter) -> fmt::Result {
match self.0 {
CAHash::Flat(h) => {
write!(w, "fixed:{}", fmt_hash(h))
}
&CAHash::Text(d) => {
write!(w, "text:{}", fmt_hash(&NixHash::Sha256(d)))
}
CAHash::Nar(h) => {
write!(w, "fixed:r:{}", fmt_hash(h))
}
}
}
}
fn parse_hash(s: &str) -> Option<NixHash> {
let (tag, digest) = s.split_once(':')?;
(match tag {
"md5" => nixbase32::decode_fixed(digest).map(NixHash::Md5),
"sha1" => nixbase32::decode_fixed(digest).map(NixHash::Sha1),
"sha256" => nixbase32::decode_fixed(digest).map(NixHash::Sha256),
"sha512" => nixbase32::decode_fixed(digest)
.map(Box::new)
.map(NixHash::Sha512),
_ => return None,
})
.ok()
}
#[allow(non_camel_case_types)]
struct fmt_hash<'a>(&'a NixHash);
impl Display for fmt_hash<'_> {
fn fmt(&self, w: &mut fmt::Formatter) -> fmt::Result {
let (tag, digest) = match self.0 {
NixHash::Md5(d) => ("md5", &d[..]),
NixHash::Sha1(d) => ("sha1", &d[..]),
NixHash::Sha256(d) => ("sha256", &d[..]),
NixHash::Sha512(d) => ("sha512", &d[..]),
};
write!(w, "{tag}:{}", nixbase32::encode(digest))
}
}
#[derive(thiserror::Error, Debug)]
pub enum Error {
#[error("duplicate field: {0}")]

View file

@ -10,13 +10,11 @@ use super::algos::SUPPORTED_ALGOS;
use super::from_algo_and_digest;
/// A Nix CAHash describes a content-addressed hash of a path.
/// Semantically, it can be split into the following components:
///
/// - "content address prefix". Currently, "fixed" and "text" are supported.
/// - "hash mode". Currently, "flat" and "recursive" are supported.
/// - "hash type". The underlying hash function used.
/// Currently, sha1, md5, sha256, sha512.
/// - "digest". The digest itself.
/// The way Nix prints it as a string is a bit confusing, but there's essentially
/// three modes, `Flat`, `Nar` and `Text`.
/// `Flat` and `Nar` support all 4 algos that [NixHash] supports
/// (sha1, md5, sha256, sha512), `Text` only supports sha256.
#[derive(Clone, Debug, Eq, PartialEq)]
pub enum CAHash {
Flat(NixHash), // "fixed flat"
@ -33,6 +31,44 @@ impl CAHash {
}
}
/// Constructs a [CAHash] from the textual representation,
/// which is one of the three:
/// - `text:sha256:$nixbase32sha256digest`
/// - `fixed:r:$algo:$nixbase32digest`
/// - `fixed:$algo:$nixbase32digest`
/// which is the format that's used in the NARInfo for example.
pub fn from_nix_hex_str(s: &str) -> Option<Self> {
let (tag, s) = s.split_once(':')?;
match tag {
"text" => {
let digest = s.strip_prefix("sha256:")?;
let digest = nixbase32::decode_fixed(digest).ok()?;
Some(CAHash::Text(digest))
}
"fixed" => {
if let Some(s) = s.strip_prefix("r:") {
NixHash::from_nix_hex_str(s).map(CAHash::Nar)
} else {
NixHash::from_nix_hex_str(s).map(CAHash::Flat)
}
}
_ => None,
}
}
/// Formats a [CAHash] in the Nix default hash format, which is the format
/// that's used in NARInfos for example.
pub fn to_nix_nixbase32_string(&self) -> String {
match self {
CAHash::Flat(nh) => format!("fixed:{}", nh.to_nix_nixbase32_string()),
CAHash::Nar(nh) => format!("fixed:r:{}", nh.to_nix_nixbase32_string()),
CAHash::Text(digest) => {
format!("text:sha256:{}", nixbase32::encode(digest))
}
}
}
/// This takes a serde_json::Map and turns it into this structure. This is necessary to do such
/// shenigans because we have external consumers, like the Derivation parser, who would like to
/// know whether we have a invalid or a missing NixHashWithMode structure in another structure,

View file

@ -41,15 +41,42 @@ impl NixHash {
}
}
/// Constructs a [NixHash] from the Nix default hash format,
/// the inverse of [to_nix_hex_string].
pub fn from_nix_hex_str(s: &str) -> Option<Self> {
let (tag, digest) = s.split_once(':')?;
(match tag {
"md5" => nixbase32::decode_fixed(digest).map(NixHash::Md5),
"sha1" => nixbase32::decode_fixed(digest).map(NixHash::Sha1),
"sha256" => nixbase32::decode_fixed(digest).map(NixHash::Sha256),
"sha512" => nixbase32::decode_fixed(digest)
.map(Box::new)
.map(NixHash::Sha512),
_ => return None,
})
.ok()
}
/// Formats a [NixHash] in the Nix default hash format,
/// which is the algo, followed by a colon, then the lower hex encoded digest.
pub fn to_nix_hash_string(&self) -> String {
pub fn to_nix_hex_string(&self) -> String {
format!(
"{}:{}",
self.algo(),
HEXLOWER.encode(self.digest_as_bytes())
)
}
/// Formats a [NixHash] in the format that's used inside CAHash,
/// which is the algo, followed by a colon, then the nixbase32-encoded digest.
pub(crate) fn to_nix_nixbase32_string(&self) -> String {
format!(
"{}:{}",
self.algo(),
nixbase32::encode(self.digest_as_bytes())
)
}
}
impl TryFrom<(HashAlgo, &[u8])> for NixHash {

View file

@ -93,7 +93,7 @@ pub fn build_ca_path<B: AsRef<[u8]>, S: AsRef<str>, I: IntoIterator<Item = S>>(
NixHash::Sha256(
Sha256::new_with_prefix(format!(
"fixed:out:r:{}:",
hash.to_nix_hash_string()
hash.to_nix_hex_string()
))
.finalize()
.into(),
@ -115,12 +115,9 @@ pub fn build_ca_path<B: AsRef<[u8]>, S: AsRef<str>, I: IntoIterator<Item = S>>(
"output:out",
&{
NixHash::Sha256(
Sha256::new_with_prefix(format!(
"fixed:out:{}:",
hash.to_nix_hash_string()
))
.finalize()
.into(),
Sha256::new_with_prefix(format!("fixed:out:{}:", hash.to_nix_hex_string()))
.finalize()
.into(),
)
},
name,
@ -170,7 +167,7 @@ fn build_store_path_from_fingerprint_parts<B: AsRef<[u8]>>(
let digest = compress_hash(&{
let mut h = Sha256::new();
write!(h, "{ty}:{}:{STORE_DIR}:{name}", hash.to_nix_hash_string()).unwrap();
write!(h, "{ty}:{}:{STORE_DIR}:{name}", hash.to_nix_hex_string()).unwrap();
h.finalize()
});