mdebray/tvl-depot
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tvl-depot/tvix/nix-compat/src/nixhash/ca_hash.rs
Vincent Ambo 609b68031b chore(3p/sources): bump channels & overlays (2024-09-01) 
Included changes:

* users/aspen: explicitly use open-source nvidia driver

  This now has to be specified explicitly, otherwise evaluation fails with an
  error.
* users/aspen: nixfmt -> nixfmt-classic
* users/aspen: fixes for renamed packages & options
* users/tazjin: fixes for renamed packages & options
* 3p/overlays: remove cbtemulator patch (merged upstream)
* tvix/shell: remove unnecessary patches (merged upstream)
* 3p/rust-crates: mark libgit2_sys as broken
* users/Profpatsch: mark git-db as broken
* 3p/overlays: pick `mypaint` from stable channel
* tvix: fix comments that clippy doesn't like anymore
* tvix/glue: disable a misfiring clippy lint (applying its suggestion breaks
  code below)

Change-Id: I6d3fc027694bbe7425a2d25dc53d65467a44f3b0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12403
Tested-by: BuildkiteCI
Reviewed-by: aspen <root@gws.fyi>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Autosubmit: tazjin <tazjin@tvl.su>
2024-09-05 20:56:31 +00:00

364 lines
12 KiB
Rust
Raw Blame History

use crate::nixbase32;
use crate::nixhash::{HashAlgo, NixHash};
use serde::de::Unexpected;
use serde::ser::SerializeMap;
use serde::{Deserialize, Deserializer, Serialize, Serializer};
use serde_json::{Map, Value};
use std::borrow::Cow;
use super::algos::SUPPORTED_ALGOS;
use super::decode_digest;
/// A Nix CAHash describes a content-addressed hash of a path.
///
/// The way Nix prints it as a string is a bit confusing, but there's essentially
/// three modes, `Flat`, `Nar` and `Text`.
/// `Flat` and `Nar` support all 4 algos that [NixHash] supports
/// (sha1, md5, sha256, sha512), `Text` only supports sha256.
#[derive(Clone, Debug, Eq, PartialEq)]
pub enum CAHash {
Flat(NixHash), // "fixed flat"
Nar(NixHash), // "fixed recursive"
Text([u8; 32]), // "text", only supports sha256
}
/// Representation for the supported hash modes.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum HashMode {
Flat,
Nar,
Text,
}
impl CAHash {
pub fn hash(&self) -> Cow<NixHash> {
match *self {
CAHash::Flat(ref digest) => Cow::Borrowed(digest),
CAHash::Nar(ref digest) => Cow::Borrowed(digest),
CAHash::Text(digest) => Cow::Owned(NixHash::Sha256(digest)),
}
}
pub fn mode(&self) -> HashMode {
match self {
CAHash::Flat(_) => HashMode::Flat,
CAHash::Nar(_) => HashMode::Nar,
CAHash::Text(_) => HashMode::Text,
}
}
/// Returns a colon-separated string consisting of mode, recursiveness and
/// hash algo. Used as a prefix in various string representations.
pub fn algo_str(&self) -> &'static str {
match self.mode() {
HashMode::Flat => match self.hash().as_ref() {
NixHash::Md5(_) => "fixed:md5",
NixHash::Sha1(_) => "fixed:sha1",
NixHash::Sha256(_) => "fixed:sha256",
NixHash::Sha512(_) => "fixed:sha512",
},
HashMode::Nar => match self.hash().as_ref() {
NixHash::Md5(_) => "fixed:r:md5",
NixHash::Sha1(_) => "fixed:r:sha1",
NixHash::Sha256(_) => "fixed:r:sha256",
NixHash::Sha512(_) => "fixed:r:sha512",
},
HashMode::Text => "text:sha256",
}
}
/// Constructs a [CAHash] from the textual representation,
/// which is one of the three:
/// - `text:sha256:$nixbase32sha256digest`
/// - `fixed:r:$algo:$nixbase32digest`
/// - `fixed:$algo:$nixbase32digest`
///
/// These formats are used in NARInfo, for example.
pub fn from_nix_hex_str(s: &str) -> Option<Self> {
let (tag, s) = s.split_once(':')?;
match tag {
"text" => {
let digest = s.strip_prefix("sha256:")?;
let digest = nixbase32::decode_fixed(digest).ok()?;
Some(CAHash::Text(digest))
}
"fixed" => {
if let Some(s) = s.strip_prefix("r:") {
NixHash::from_nix_hex_str(s).map(CAHash::Nar)
} else {
NixHash::from_nix_hex_str(s).map(CAHash::Flat)
}
}
_ => None,
}
}
/// Formats a [CAHash] in the Nix default hash format, which is the format
/// that's used in NARInfos for example.
pub fn to_nix_nixbase32_string(&self) -> String {
format!(
"{}:{}",
self.algo_str(),
nixbase32::encode(self.hash().digest_as_bytes())
)
}
/// This takes a serde_json::Map and turns it into this structure. This is necessary to do such
/// shenigans because we have external consumers, like the Derivation parser, who would like to
/// know whether we have a invalid or a missing NixHashWithMode structure in another structure,
/// e.g. Output.
/// This means we have this combinatorial situation:
///
/// - no hash, no hashAlgo: no [CAHash] so we return Ok(None).
/// - present hash, missing hashAlgo: invalid, we will return missing_field
/// - missing hash, present hashAlgo: same
/// - present hash, present hashAlgo: either we return ourselves or a type/value validation
/// error.
///
/// This function is for internal consumption regarding those needs until we have a better
/// solution. Now this is said, let's explain how this works.
///
/// We want to map the serde data model into a [CAHash].
///
/// The serde data model has a `hash` field (containing a digest in nixbase32),
/// and a `hashAlgo` field, containing the stringified hash algo.
/// In case the hash is recursive, hashAlgo also has a `r:` prefix.
///
/// This is to match how `nix show-derivation` command shows them in JSON
/// representation.
pub(crate) fn from_map<'de, D>(map: &Map<String, Value>) -> Result<Option<Self>, D::Error>
where
D: Deserializer<'de>,
{
// If we don't have hash neither hashAlgo, let's just return None.
if !map.contains_key("hash") && !map.contains_key("hashAlgo") {
return Ok(None);
}
let hash_algo_v = map.get("hashAlgo").ok_or_else(|| {
serde::de::Error::missing_field(
"couldn't extract `hashAlgo` key, but `hash` key present",
)
})?;
let hash_algo = hash_algo_v.as_str().ok_or_else(|| {
serde::de::Error::invalid_type(Unexpected::Other(&hash_algo_v.to_string()), &"a string")
})?;
let (mode_is_nar, hash_algo) = if let Some(s) = hash_algo.strip_prefix("r:") {
(true, s)
} else {
(false, hash_algo)
};
let hash_algo = HashAlgo::try_from(hash_algo).map_err(|e| {
serde::de::Error::invalid_value(
Unexpected::Other(&e.to_string()),
&format!("one of {}", SUPPORTED_ALGOS.join(",")).as_str(),
)
})?;
let hash_v = map.get("hash").ok_or_else(|| {
serde::de::Error::missing_field(
"couldn't extract `hash` key but `hashAlgo` key present",
)
})?;
let hash = hash_v.as_str().ok_or_else(|| {
serde::de::Error::invalid_type(Unexpected::Other(&hash_v.to_string()), &"a string")
})?;
let hash = decode_digest(hash.as_bytes(), hash_algo)
.map_err(|e| serde::de::Error::custom(e.to_string()))?;
if mode_is_nar {
Ok(Some(Self::Nar(hash)))
} else {
Ok(Some(Self::Flat(hash)))
}
}
}
impl Serialize for CAHash {
/// map a CAHash into the serde data model.
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
let mut map = serializer.serialize_map(Some(2))?;
match self {
CAHash::Flat(h) => {
map.serialize_entry("hash", &nixbase32::encode(h.digest_as_bytes()))?;
map.serialize_entry("hashAlgo", &h.algo())?;
}
CAHash::Nar(h) => {
map.serialize_entry("hash", &nixbase32::encode(h.digest_as_bytes()))?;
map.serialize_entry("hashAlgo", &format!("r:{}", &h.algo()))?;
}
// It is not legal for derivations to use this (which is where
// we're currently exercising [Serialize] mostly,
// but it's still good to be able to serialize other CA hashes too.
CAHash::Text(h) => {
map.serialize_entry("hash", &nixbase32::encode(h.as_ref()))?;
map.serialize_entry("hashAlgo", "text")?;
}
};
map.end()
}
}
impl<'de> Deserialize<'de> for CAHash {
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where
D: Deserializer<'de>,
{
let value = Self::from_map::<D>(&Map::deserialize(deserializer)?)?;
match value {
None => Err(serde::de::Error::custom("couldn't parse as map")),
Some(v) => Ok(v),
}
}
}
#[cfg(test)]
mod tests {
use crate::{derivation::CAHash, nixhash};
#[test]
fn serialize_flat() {
let json_bytes = r#"{
"hash": "1fnf2m46ya7r7afkcb8ba2j0sc4a85m749sh9jz64g4hx6z3r088",
"hashAlgo": "sha256"
}"#;
let hash = CAHash::Flat(
nixhash::from_nix_str(
"sha256:08813cbee9903c62be4c5027726a418a300da4500b2d369d3af9286f4815ceba",
)
.unwrap(),
);
let serialized = serde_json::to_string_pretty(&hash).unwrap();
assert_eq!(serialized, json_bytes);
}
#[test]
fn serialize_nar() {
let json_bytes = r#"{
"hash": "1fnf2m46ya7r7afkcb8ba2j0sc4a85m749sh9jz64g4hx6z3r088",
"hashAlgo": "r:sha256"
}"#;
let hash = CAHash::Nar(
nixhash::from_nix_str(
"sha256:08813cbee9903c62be4c5027726a418a300da4500b2d369d3af9286f4815ceba",
)
.unwrap(),
);
let serialized = serde_json::to_string_pretty(&hash).unwrap();
assert_eq!(serialized, json_bytes);
}
#[test]
fn deserialize_flat() {
let json_bytes = r#"
{
"hash": "08813cbee9903c62be4c5027726a418a300da4500b2d369d3af9286f4815ceba",
"hashAlgo": "sha256"
}"#;
let hash: CAHash = serde_json::from_str(json_bytes).expect("must parse");
assert_eq!(
hash,
CAHash::Flat(
nixhash::from_nix_str(
"sha256:08813cbee9903c62be4c5027726a418a300da4500b2d369d3af9286f4815ceba"
)
.unwrap()
)
);
}
#[test]
fn deserialize_hex() {
let json_bytes = r#"
{
"hash": "08813cbee9903c62be4c5027726a418a300da4500b2d369d3af9286f4815ceba",
"hashAlgo": "r:sha256"
}"#;
let hash: CAHash = serde_json::from_str(json_bytes).expect("must parse");
assert_eq!(
hash,
CAHash::Nar(
nixhash::from_nix_str(
"sha256:08813cbee9903c62be4c5027726a418a300da4500b2d369d3af9286f4815ceba"
)
.unwrap()
)
);
}
#[test]
fn deserialize_nixbase32() {
let json_bytes = r#"
{
"hash": "1fnf2m46ya7r7afkcb8ba2j0sc4a85m749sh9jz64g4hx6z3r088",
"hashAlgo": "r:sha256"
}"#;
let hash: CAHash = serde_json::from_str(json_bytes).expect("must parse");
assert_eq!(
hash,
CAHash::Nar(
nixhash::from_nix_str(
"sha256:08813cbee9903c62be4c5027726a418a300da4500b2d369d3af9286f4815ceba"
)
.unwrap()
)
);
}
#[test]
fn deserialize_base64() {
let json_bytes = r#"
{
"hash": "CIE8vumQPGK+TFAncmpBijANpFALLTadOvkob0gVzro=",
"hashAlgo": "r:sha256"
}"#;
let hash: CAHash = serde_json::from_str(json_bytes).expect("must parse");
assert_eq!(
hash,
CAHash::Nar(
nixhash::from_nix_str(
"sha256:08813cbee9903c62be4c5027726a418a300da4500b2d369d3af9286f4815ceba"
)
.unwrap()
)
);
}
#[test]
fn serialize_deserialize_nar() {
let json_bytes = r#"
{
"hash": "08813cbee9903c62be4c5027726a418a300da4500b2d369d3af9286f4815ceba",
"hashAlgo": "r:sha256"
}"#;
let hash: CAHash = serde_json::from_str(json_bytes).expect("must parse");
let serialized = serde_json::to_string(&hash).expect("Serialize");
let hash2: CAHash = serde_json::from_str(&serialized).expect("must parse again");
assert_eq!(hash, hash2);
}
#[test]
fn serialize_deserialize_flat() {
let json_bytes = r#"
{
"hash": "08813cbee9903c62be4c5027726a418a300da4500b2d369d3af9286f4815ceba",
"hashAlgo": "sha256"
}"#;
let hash: CAHash = serde_json::from_str(json_bytes).expect("must parse");
let serialized = serde_json::to_string(&hash).expect("Serialize");
let hash2: CAHash = serde_json::from_str(&serialized).expect("must parse again");
assert_eq!(hash, hash2);
}
}
Reference in a new issue View git blame Copy permalink