Clean up Hash module.

Author: shlevy

hnix-store-core/hnix-store-core.cabal

@@ -17,7 +17,8 @@ extra-source-files:  ChangeLog.md, README.md
 cabal-version:       >=1.10
 
 library
-  exposed-modules:     System.Nix.Build
+  exposed-modules:     System.Nix.Base32
+                     , System.Nix.Build
                      , System.Nix.Derivation
                      , System.Nix.GC
                      , System.Nix.Hash

hnix-store-core/src/System/Nix/Base32.hs

@@ -0,0 +1,31 @@
+{-|
+Description: Implementation of Nix's base32 encoding.
+-}
+module System.Nix.Base32 where
+
+import qualified Data.ByteString        as BS
+import qualified Data.Text              as T
+import qualified Data.Vector            as V
+
+-- | Encode a 'BS.ByteString' in Nix's base32 encoding
+encode :: BS.ByteString -> T.Text
+encode c = T.pack $ concatMap char32 [nChar - 1, nChar - 2 .. 0]
+  where
+    digits32 = V.fromList "0123456789abcdfghijklmnpqrsvwxyz"
+    -- The base32 encoding is 8/5's as long as the base256 digest.  This `+ 1`
+    -- `- 1` business is a bit odd, but has always been used in C++ since the
+    -- base32 truncation was added in was first added in
+    -- d58a11e019813902b6c4547ca61a127938b2cc20.
+    nChar = fromIntegral $ ((BS.length c * 8 - 1) `div` 5) + 1
+
+    char32 :: Integer -> [Char]
+    char32 i = [digits32 V.! digitInd]
+      where
+        byte j   = BS.index c (fromIntegral j)
+        fromIntegral' :: Num b => Integer -> b
+        fromIntegral' = fromIntegral
+        digitInd = fromIntegral' $
+                   sum [fromIntegral (byte j) * (256^j)
+                       | j <- [0 .. BS.length c - 1]]
+                   `div` (32^i)
+                   `mod` 32

hnix-store-core/src/System/Nix/Hash.hs

@@ -1,27 +1,17 @@
 {-|
 Description : Cryptographic hashes for hnix-store.
-Maintainer  : Shea Levy <[email protected]>; Greg Hale <[email protected]>
 -}
-{-# LANGUAGE DataKinds #-}
-{-# LANGUAGE TypeApplications #-}
-{-# LANGUAGE ScopedTypeVariables #-}
-{-# LANGUAGE FlexibleContexts #-}
-{-# LANGUAGE TypeApplications #-}
-{-# LANGUAGE TypeFamilies #-}
-{-# LANGUAGE TypeOperators #-}
-{-# LANGUAGE CPP #-}
 module System.Nix.Hash (
     HNix.Digest
 
-  , HNix.HashAlgorithm
-  , HNix.HashAlgorithm'(..)
-  , HNix.AlgoVal(..)
-  , HNix.HasDigest(..)
+  , HNix.HashAlgorithm(..)
+  , HNix.ValidAlgo(..)
+  , HNix.NamedAlgo(..)
   , HNix.hash
   , HNix.hashLazy
 
-  , HNix.printAsBase32
+  , HNix.encodeBase32
+  , HNix.encodeBase16
   ) where
 
 import qualified System.Nix.Internal.Hash as HNix
-

hnix-store-core/src/System/Nix/Internal/Hash.hs

@@ -1,17 +1,13 @@
 {-|
-Description : Cryptographic hashes for hnix-store.
-Maintainer  : Greg Hale <[email protected]>
+Description : Cryptographic hashing interface for hnix-store, on top
+              of the cryptohash family of libraries.
 -}
 {-# LANGUAGE AllowAmbiguousTypes #-}
-{-# LANGUAGE DataKinds           #-}
 {-# LANGUAGE GeneralizedNewtypeDeriving #-}
-{-# LANGUAGE PolyKinds           #-}
-{-# LANGUAGE RankNTypes          #-}
 {-# LANGUAGE TypeFamilies        #-}
-{-# LANGUAGE KindSignatures      #-}
 {-# LANGUAGE ScopedTypeVariables #-}
 {-# LANGUAGE TypeApplications    #-}
-{-# LANGUAGE TypeInType          #-}
+{-# LANGUAGE DataKinds           #-}
 {-# LANGUAGE OverloadedStrings   #-}
 
 module System.Nix.Internal.Hash where
@@ -21,162 +17,129 @@ import qualified Crypto.Hash.SHA1       as SHA1
 import qualified Crypto.Hash.SHA256     as SHA256
 import qualified Data.ByteString        as BS
 import qualified Data.ByteString.Base16 as Base16
-import qualified Data.ByteString.Char8  as BSC
 import           Data.Bits              (xor)
-import qualified Data.ByteString        as BS
 import qualified Data.ByteString.Lazy   as BSL
 import qualified Data.Hashable          as DataHashable
-import           Data.Kind              (Type)
 import           Data.List              (foldl')
-import           Data.Monoid
 import           Data.Proxy             (Proxy(Proxy))
 import           Data.Text              (Text)
 import qualified Data.Text              as T
 import qualified Data.Text.Encoding     as T
-import qualified Data.Vector            as V
 import           Data.Word              (Word8)
-import           GHC.TypeLits
+import           GHC.TypeLits           (Nat, KnownNat, natVal)
+import qualified System.Nix.Base32      as Base32
 
--- | A tag for different hashing algorithms
---   Also used as a type-level tag for hash digests
---   (e.g. @Digest SHA256@ is the type for a sha256 hash)
+-- | The universe of supported hash algorithms.
 --
---  When used at the type level, `n` is `Nat`
-data HashAlgorithm' n
+-- Currently only intended for use at the type level.
+data HashAlgorithm
   = MD5
   | SHA1
   | SHA256
-  | Truncated n (HashAlgorithm' n)
-  deriving (Eq, Show)
-
-class HashAlgoText a where
-  algoString :: Proxy a -> Text
+  | Truncated Nat HashAlgorithm
+    -- ^ The hash algorithm obtained by truncating the result of the
+    -- input 'HashAlgorithm' to the given number of bytes. See
+    -- 'truncateDigest' for a description of the truncation algorithm.
+
+-- | The result of running a 'HashAlgorithm'.
+newtype Digest (a :: HashAlgorithm) =
+  Digest BS.ByteString deriving (Show, Eq, Ord, DataHashable.Hashable)
+
+-- | The primitive interface for incremental hashing for a given
+-- 'HashAlgorithm'. Every 'HashAlgorithm' should have an instance.
+class ValidAlgo (a :: HashAlgorithm) where
+  -- | The incremental state for constructing a hash.
+  type AlgoCtx a
+
+  -- | Start building a new hash.
+  initialize        :: AlgoCtx a
+  -- | Append a 'BS.ByteString' to the overall contents to be hashed.
+  update            :: AlgoCtx a -> BS.ByteString -> AlgoCtx a
+  -- | Finish hashing and generate the output.
+  finalize          :: AlgoCtx a -> Digest a
 
-instance HashAlgoText 'MD5 where
-  algoString (Proxy :: Proxy 'MD5) = "md5"
+-- | A 'HashAlgorithm' with a canonical name, for serialization
+-- purposes (e.g. SRI hashes)
+class NamedAlgo (a :: HashAlgorithm) where
+  algoName :: Text
 
-instance HashAlgoText 'SHA1 where
-  algoString (Proxy :: Proxy 'SHA1) = "sha1"
+instance NamedAlgo 'MD5 where
+  algoName = "md5"
 
-instance HashAlgoText 'SHA256 where
-  algoString (Proxy :: Proxy 'SHA256) = "sha256"
+instance NamedAlgo 'SHA1 where
+  algoName = "sha1"
 
-type HashAlgorithm = HashAlgorithm' Nat
+instance NamedAlgo 'SHA256 where
+  algoName = "sha256"
 
--- | Types with kind @HashAlgorithm@ may be a @HasDigest@ instance
---   if they are able to hash bytestrings via the init/update/finalize
---   API of cryptonite
+-- | Hash an entire (strict) 'BS.ByteString' as a single call.
 --
---   Each instance defined here simply defers to one of the underlying
---   monomorphic hashing libraries, such as `cryptohash-sha256`.
-class HasDigest (a :: HashAlgorithm) where
-
-  type AlgoCtx a :: Type
-
-  initialize        :: AlgoCtx a
-  update            :: AlgoCtx a -> BS.ByteString -> AlgoCtx a
-  finalize          :: AlgoCtx a -> Digest a
-
-
--- | The cryptographic hash of of a strict bytestring, where hash
---   algorithm is chosen by the type of the digest
 --   For example:
 --   > let d = hash "Hello, sha-256!" :: Digest SHA256
 --   or
 --   > :set -XTypeApplications
 --   > let d = hash @SHA256 "Hello, sha-256!"
-hash :: forall a.HasDigest a => BS.ByteString -> Digest a
+hash :: forall a.ValidAlgo a => BS.ByteString -> Digest a
 hash bs =
   finalize $ update @a (initialize @a) bs
 
--- | The cryptographic hash of a lazy bytestring. Use is the same
---   as for @hash@. This runs in constant space, but forces the
---   entire bytestring
-hashLazy :: forall a.HasDigest a => BSL.ByteString -> Digest a
+-- | Hash an entire (lazy) 'BSL.ByteString' as a single call.
+--
+-- Use is the same as for 'hash'.  This runs in constant space, but
+-- forces the entire bytestring.
+hashLazy :: forall a.ValidAlgo a => BSL.ByteString -> Digest a
 hashLazy bsl =
   finalize $ foldl' (update @a) (initialize @a) (BSL.toChunks bsl)
 
-digestText32 :: forall a. HashAlgoText a => Digest a -> T.Text
-digestText32 d = algoString (Proxy :: Proxy a) <> ":" <> printAsBase32 d
-
-digestText16 :: forall a. HashAlgoText a => Digest a -> T.Text
-digestText16 (Digest bs) = algoString (Proxy :: Proxy a) <> ":" <> T.decodeUtf8 (Base16.encode bs)
+-- | Encode a 'Digest' in the special Nix base-32 encoding.
+encodeBase32 :: Digest a -> T.Text
+encodeBase32 (Digest bs) = Base32.encode bs
 
--- | Convert any Digest to a base32-encoded string.
---   This is not used in producing store path hashes
-printAsBase32 :: Digest a -> T.Text
-printAsBase32 (Digest bs) = printHashBytes32 bs
+-- | Encode a 'Digest' in hex.
+encodeBase16 :: Digest a -> T.Text
+encodeBase16 (Digest bs) = T.decodeUtf8 (Base16.encode bs)
 
-
-instance HasDigest MD5 where
+-- | Uses "Crypto.Hash.MD5" from cryptohash-md5.
+instance ValidAlgo 'MD5 where
   type AlgoCtx 'MD5 = MD5.Ctx
   initialize = MD5.init
   update = MD5.update
   finalize = Digest . MD5.finalize
 
-instance HasDigest 'SHA1 where
-  type AlgoCtx SHA1 = SHA1.Ctx
+-- | Uses "Crypto.Hash.SHA1" from cryptohash-sha1.
+instance ValidAlgo 'SHA1 where
+  type AlgoCtx 'SHA1 = SHA1.Ctx
   initialize = SHA1.init
   update = SHA1.update
   finalize = Digest . SHA1.finalize
 
-instance HasDigest 'SHA256 where
-  type AlgoCtx SHA256 = SHA256.Ctx
+-- | Uses "Crypto.Hash.SHA256" from cryptohash-sha256.
+instance ValidAlgo 'SHA256 where
+  type AlgoCtx 'SHA256 = SHA256.Ctx
   initialize = SHA256.init
   update = SHA256.update
   finalize = Digest . SHA256.finalize
 
-instance (HasDigest a, KnownNat n) => HasDigest (Truncated n a) where
-  type AlgoCtx (Truncated n a) = AlgoCtx a
+-- | Reuses the underlying 'ValidAlgo' instance, but does a
+-- 'truncateDigest' at the end.
+instance (ValidAlgo a, KnownNat n) => ValidAlgo ('Truncated n a) where
+  type AlgoCtx ('Truncated n a) = AlgoCtx a
   initialize = initialize @a
   update = update @a
   finalize = truncateDigest @n . finalize @a
 
--- | A raw hash digest, with a type-level tag
-newtype Digest (a :: HashAlgorithm) = Digest
-  { digestBytes :: BS.ByteString
-    -- ^ The bytestring in a Digest is an opaque string of bytes,
-    --   not some particular text encoding.
-  } deriving (Show, Eq, Ord, DataHashable.Hashable)
-
-
--- instance DataHashable.Hashable (Digest a) where
---   hashWithSalt a (Digest bs) = DataHashable.hashWithSalt a bs
---   hashWithSalt = coerce . DataHash
-
-
--- | Internal function for encoding bytestrings into base32 according to
---  nix's convention
-printHashBytes32 :: BS.ByteString -> T.Text
-printHashBytes32 c = T.pack $ concatMap char32 [nChar - 1, nChar - 2 .. 0]
-  where
-    -- The base32 encoding is 8/5's as long as the base256 digest.  This `+ 1`
-    -- `- 1` business is a bit odd, but has always been used in C++ since the
-    -- base32 truncation was added in was first added in
-    -- d58a11e019813902b6c4547ca61a127938b2cc20.
-    nChar = fromIntegral $ ((BS.length c * 8 - 1) `div` 5) + 1
-
-    char32 :: Integer -> [Char]
-    char32 i = [digits32 V.! digitInd]
-      where
-        byte j   = BS.index c (fromIntegral j)
-        digitInd = fromIntegral $
-                   sum [fromIntegral (byte j) * (256^j)
-                       | j <- [0 .. BS.length c - 1]]
-                   `div` (32^i)
-                   `mod` 32
-
-
--- | Internal function for producing the bitwise truncation of bytestrings.
---   When truncation length is greater than the length of the bytestring,
---   but less than twice the bytestring length, truncation splits the
---   bytestring into a head part (truncation length) and tail part (leftover
---   part) right-pads the leftovers with 0 to the truncation length, and
---   combines the two strings bytewise with `xor`
-truncateDigest :: forall n a.(HasDigest a, KnownNat n) => Digest a -> Digest (Truncated n a)
-truncateDigest (Digest c) = Digest $ BS.pack $ map truncOutputByte [0.. n-1]
+-- | Bytewise truncation of a 'Digest'.
+--
+-- When truncation length is greater than the length of the bytestring
+-- but less than twice the bytestring length, truncation splits the
+-- bytestring into a head part (truncation length) and tail part
+-- (leftover part), right-pads the leftovers with 0 to the truncation
+-- length, and combines the two strings bytewise with 'xor'.
+truncateDigest
+  :: forall n a.(KnownNat n) => Digest a -> Digest ('Truncated n a)
+truncateDigest (Digest c) =
+    Digest $ BS.pack $ map truncOutputByte [0.. n-1]
   where
-
     n = fromIntegral $ natVal (Proxy @n)
 
     truncOutputByte :: Int -> Word8
@@ -189,23 +152,3 @@ truncateDigest (Digest c) = Digest $ BS.pack $ map truncOutputByte [0.. n-1]
     aux i x j = if j `mod` fromIntegral n == fromIntegral i
                 then xor x (inputByte $ fromIntegral j)
                 else x
-
-digits32 :: V.Vector Char
-digits32 = V.fromList "0123456789abcdfghijklmnpqrsvwxyz"
-
-
--- | Convert type-level @HashAlgorithm@ into the value level
-class AlgoVal (a :: HashAlgorithm) where
-  algoVal :: HashAlgorithm' Integer
-
-instance AlgoVal MD5 where
-  algoVal = MD5
-
-instance AlgoVal SHA1 where
-  algoVal = SHA1
-
-instance AlgoVal SHA256 where
-  algoVal = SHA256
-
-instance forall a n.(AlgoVal a, KnownNat n) => AlgoVal (Truncated n a) where
-  algoVal = Truncated (natVal (Proxy @n)) (algoVal @a)

hnix-store-core/src/System/Nix/Path.hs

@@ -20,7 +20,7 @@ module System.Nix.Path
   ) where
 
 import           System.Nix.Hash           (Digest(..),
-                                            HashAlgorithm'(Truncated, SHA256))
+                                            HashAlgorithm(Truncated, SHA256))
 import           System.Nix.Internal.Hash
 import qualified Data.ByteString           as BS
 import qualified Data.ByteString.Char8     as BSC
@@ -63,7 +63,7 @@ data Path = Path !(Digest PathHashAlgo) !PathName
   deriving (Eq, Ord, Show)
 
 pathToText :: Text -> Path -> Text
-pathToText storeDir (Path h nm) = storeDir <> "/" <> printAsBase32 h <> "-" <> pathNameContents nm
+pathToText storeDir (Path h nm) = storeDir <> "/" <> encodeBase32 h <> "-" <> pathNameContents nm
 
 type PathSet = HashSet Path
 

hnix-store-core/src/System/Nix/ReadonlyStore.hs

@@ -10,19 +10,20 @@ import qualified Data.HashSet as HS
 import           Data.Text (Text)
 import qualified Data.Text as T
 import           Data.Text.Encoding
-import           System.Nix.Internal.Hash
+import           System.Nix.Hash
 import           System.Nix.Path
 
 makeStorePath :: Text -> Text -> Digest 'SHA256 -> Text -> Path
 makeStorePath storeDir ty h nm = Path storeHash (PathName nm)
   where
     s = T.intercalate ":"
       [ ty
-      , digestText16 h
+      , algoName @'SHA256
+      , encodeBase16 h
       , storeDir
       , nm
       ]
-    storeHash = truncateDigest $ hash $ encodeUtf8 s
+    storeHash = hash $ encodeUtf8 s
 
 makeTextPath :: Text -> Text -> Digest 'SHA256 -> PathSet -> Path
 makeTextPath storeDir nm h refs = makeStorePath storeDir ty h nm