;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <address@hidden>
;;; Copyright © 2015 Ludovic Courtès <address@hidden>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (guix scripts publish-utils)
  #:use-module (ice-9 format)
  #:use-module (rnrs bytevectors)
  #:use-module (rnrs io ports)
  #:use-module (guix base32)
  #:use-module (guix base64)
  #:use-module (guix derivations)
  #:use-module (guix hash)
  #:use-module (guix pk-crypto)
  #:use-module (guix pki)
  #:use-module (guix store)
  #:export     (%public-key
		%private-key
		narinfo-string))

;;; Comment:
;;;
;;; This is shared code between the HTTP and the GNUnet "publishers"
;;; that has been extracted from `guix/scripts/publish.scm'.
;;;
;;; Code:


(define (lazy-read-file-sexp file)
  "Return a promise to read the canonical sexp from FILE."
  (delay
    (call-with-input-file file
      (compose string->canonical-sexp
               get-string-all))))

#;(define %private-key
  (lazy-read-file-sexp %private-key-file))
(define %private-key (delay "dummy-private-key"))

(define %public-key
  (lazy-read-file-sexp %public-key-file))

(define (load-derivation file)
  "Read the derivation from FILE."
  (call-with-input-file file read-derivation))

(define (signed-string s)
  "Sign the hash of the string S with the daemon's key."
  (let* ((public-key (force %public-key))
         (hash (bytevector->hash-data (sha256 (string->utf8 s))
                                      #:key-type (key-type public-key))))
    (signature-sexp hash (force %private-key) public-key)))

(define base64-encode-string (compose base64-encode string->utf8))

(define (narinfo-string store-path path-info key)
  "Generate a narinfo key/value string for STORE-PATH using the details in
PATH-INFO.  The narinfo is signed with KEY."  
  (let* ((url        (string-append "nar/" (basename store-path)))
         (hash       (bytevector->nix-base32-string
                      (path-info-hash path-info)))
         (size       (path-info-nar-size path-info))
         (references (string-join
                      (map basename (path-info-references path-info))
                      " "))
         (deriver (path-info-deriver path-info))
         (base-info  (format #f
                             "StorePath: ~a
URL: ~a
Compression: none
NarHash: sha256:~a
NarSize: ~d
References: ~a~%"
                             store-path url hash size references))
         ;; Do not render a "Deriver" or "System" line if we are rendering
         ;; info for a derivation.
         (info (if (string-null? deriver)
                   base-info
                   (let ((drv (load-derivation deriver)))
                     (format #f "~aSystem: ~a~%Deriver: ~a~%"
                             base-info (derivation-system drv)
                             (basename deriver)))))
         (signature  (base64-encode-string
		      "dummy-signature"
                      #;(canonical-sexp->string (signed-string info)))))
    (format #f "~aSignature: 1;~a;~a~%" info (gethostname) signature)))