Use libsodium instead of OpenSSL for binary cache signing
Sodium's Ed25519 signatures are much shorter than OpenSSL's RSA signatures. Public keys are also much shorter, so they're now specified directly in the nix.conf option ‘binary-cache-public-keys’. The new command ‘nix-store --generate-binary-cache-key’ generates and prints a public and secret key.
This commit is contained in:
Eelco Dolstra
parent
0d1dafa0c4
commit
e0def5bc4b
15 changed files with 196 additions and 91 deletions
|
|
@ -285,7 +285,7 @@ pid_t startProcess(std::function<void()> fun, const ProcessOptions & options = P
|
|||
/* Run a program and return its stdout in a string (i.e., like the
|
||||
shell backtick operator). */
|
||||
string runProgram(Path program, bool searchPath = false,
|
||||
const Strings & args = Strings());
|
||||
const Strings & args = Strings(), const string & input = "");
|
||||
|
||||
MakeError(ExecError, Error)
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue