{-|
Description : Nix-relevant interfaces to NaCl signatures.
-}
{-# language CPP #-}

module System.Nix.Internal.Signature
  ( Signature
  , NarSignature(..)
  )
where


import qualified Data.ByteString                   as Bytes
import           Crypto.Saltine.Core.Sign           ( PublicKey )
import           Crypto.Saltine.Class               ( IsEncoding(..) )

--  2021-05-30: NOTE: Please, clean-up these overloads in ~2022
#if MIN_VERSION_saltine(0,2,0)
import qualified Crypto.Saltine.Internal.Sign as NaClSizes
#else
import qualified Crypto.Saltine.Internal.ByteSizes as NaClSizes
#endif

-- | A NaCl signature.
newtype Signature = Signature ByteString
  deriving (Signature -> Signature -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: Signature -> Signature -> Bool
$c/= :: Signature -> Signature -> Bool
== :: Signature -> Signature -> Bool
$c== :: Signature -> Signature -> Bool
Eq, Eq Signature
Signature -> Signature -> Bool
Signature -> Signature -> Ordering
Signature -> Signature -> Signature
forall a.
Eq a
-> (a -> a -> Ordering)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> a)
-> (a -> a -> a)
-> Ord a
min :: Signature -> Signature -> Signature
$cmin :: Signature -> Signature -> Signature
max :: Signature -> Signature -> Signature
$cmax :: Signature -> Signature -> Signature
>= :: Signature -> Signature -> Bool
$c>= :: Signature -> Signature -> Bool
> :: Signature -> Signature -> Bool
$c> :: Signature -> Signature -> Bool
<= :: Signature -> Signature -> Bool
$c<= :: Signature -> Signature -> Bool
< :: Signature -> Signature -> Bool
$c< :: Signature -> Signature -> Bool
compare :: Signature -> Signature -> Ordering
$ccompare :: Signature -> Signature -> Ordering
Ord)

instance IsEncoding Signature where
  decode :: ByteString -> Maybe Signature
decode ByteString
s
#if MIN_VERSION_saltine(0,2,0)
    | ByteString -> Int
Bytes.length ByteString
s forall a. Eq a => a -> a -> Bool
== Int
NaClSizes.sign_bytes = forall a. a -> Maybe a
Just forall a b. (a -> b) -> a -> b
$ ByteString -> Signature
Signature ByteString
s
#else
    | Bytes.length s == NaClSizes.sign = Just $ Signature s
#endif
    | Bool
otherwise = forall a. Maybe a
Nothing
  encode :: Signature -> ByteString
encode = coerce :: forall a b. Coercible a b => a -> b
coerce

-- | A detached NaCl signature attesting to a nix archive's validity.
data NarSignature = NarSignature
  { -- | The public key used to sign the archive.
    NarSignature -> PublicKey
publicKey :: PublicKey
  , -- | The archive's signature.
    NarSignature -> Signature
sig       :: Signature
  }
  deriving (NarSignature -> NarSignature -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: NarSignature -> NarSignature -> Bool
$c/= :: NarSignature -> NarSignature -> Bool
== :: NarSignature -> NarSignature -> Bool
$c== :: NarSignature -> NarSignature -> Bool
Eq, Eq NarSignature
NarSignature -> NarSignature -> Bool
NarSignature -> NarSignature -> Ordering
NarSignature -> NarSignature -> NarSignature
forall a.
Eq a
-> (a -> a -> Ordering)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> Bool)
-> (a -> a -> a)
-> (a -> a -> a)
-> Ord a
min :: NarSignature -> NarSignature -> NarSignature
$cmin :: NarSignature -> NarSignature -> NarSignature
max :: NarSignature -> NarSignature -> NarSignature
$cmax :: NarSignature -> NarSignature -> NarSignature
>= :: NarSignature -> NarSignature -> Bool
$c>= :: NarSignature -> NarSignature -> Bool
> :: NarSignature -> NarSignature -> Bool
$c> :: NarSignature -> NarSignature -> Bool
<= :: NarSignature -> NarSignature -> Bool
$c<= :: NarSignature -> NarSignature -> Bool
< :: NarSignature -> NarSignature -> Bool
$c< :: NarSignature -> NarSignature -> Bool
compare :: NarSignature -> NarSignature -> Ordering
$ccompare :: NarSignature -> NarSignature -> Ordering
Ord)