Closed coreyoconnor closed 6 years ago
The Nix signString function now handles: secret key split; base 64 decode; and base 64 encode of signature.
Without these changes the Key constructor in libstore/crypto will either fail to split or fail on base64decode.
See: https://github.com/NixOS/nix/blob/4eb9e20028c4e52c23ce6a53fe02cac87171fda6/src/libstore/crypto.cc#L29
for where libstore base 64 decodes the parameter provided to signString.
Depending on client configuration this may result in a binary cache failure that is largely masked from logging.
The Nix signString function now handles: secret key split; base 64 decode; and base 64 encode of signature.
Without these changes the Key constructor in libstore/crypto will either fail to split or fail on base64decode.
See: https://github.com/NixOS/nix/blob/4eb9e20028c4e52c23ce6a53fe02cac87171fda6/src/libstore/crypto.cc#L29
for where libstore base 64 decodes the parameter provided to signString.
Depending on client configuration this may result in a binary cache failure that is largely masked from logging.