Age | Commit message (Collapse) | Author |
|
* guix/openpgp.scm (&openpgp-unrecognized-packet-error)[type]: New
field.
(get-data, parse-subpackets): Initialize 'type' field.
|
|
* guix/openpgp.scm (fxbit-set?): Change to swap arguments compared to
'bit-set?'.
* tests/openpgp.scm (%binary-sample): New test vector.
("port-ascii-armored?, #t"): Add test.
("port-ascii-armored?, #f"): Add another test.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
|
|
This gives an 18% speedup on the wall-clock time of:
guile -c '(use-modules (git) (guix git-authenticate)) (load-keyring-from-reference (repository-open ".") "keyring")'
* guix/openpgp.scm (crc24): Rewrite by calling out to 'bytevector-hash'.
|
|
Reported by brendyyn on #guix. The mistake led to a macro expansion
error on Guile 2.2 but not on 3.0.2.
* guix/openpgp.scm (&openpgp-invalid-signature-error): Add missing type
predicate.
|
|
* guix/openpgp.scm (&openpgp-error, &openpgp-unrecognized-packet-error)
(&openpgp-invalid-signature-error): New error conditions.
(openpgp-hash-algorithm): Add 'signature-port' parameter. Raise an
error condition instead of calling 'error'.
(parse-subpackets): Likewise.
(get-data): Raise instead of calling 'error'.
(get-openpgp-detached-signature/ascii): Likewise.
(get-signature): Likewise.
|
|
* guix/openpgp.scm (string->openpgp-packet): New procedure.
* tests/openpgp.scm ("verify-openpgp-signature, missing key")
("verify-openpgp-signature, good signatures")
("verify-openpgp-signature, bad signature"): Use it.
|
|
Previously, 'lookup-key-by-{id,fingerprint}' would always return the
list of packets where the primary key is first. Thus, the caller would
need to use 'find' to actually find the requested key.
* guix/openpgp.scm (keyring-insert): Always add KEY to PACKETS.
(lookup-key-by-id, lookup-key-by-fingerprint): Change to return the key
as the first value.
(verify-openpgp-signature): Remove now unneeded call to 'find'.
* tests/openpgp.scm ("get-openpgp-keyring"): Adjust accordingly.
|
|
* guix/openpgp.scm (verify-openpgp-signature): Use
'lookup-key-by-fingerprint' when SIG contains a fingerprint.
Honor FINGERPRINT in the 'find' predicate. Upon missing-key, return
FINGERPRINT if available.
* tests/openpgp.scm ("verify-openpgp-signature, missing key"): Adjust
expected value accordingly.
|
|
* guix/openpgp.scm (<openpgp-keyring>)[table]: Rename to...
[ids]: ... this.
[fingerprints]: New field.
(keyring-insert, lookup-key-by-fingerprint): New procedures.
(%empty-keyring): Adjust.
(get-openpgp-keyring): Manipulate KEYRING instead of its vhash, use
'keyring-insert'.
* tests/openpgp.scm ("get-openpgp-keyring"): Test
'lookup-key-by-fingerprint'.
|
|
* guix/openpgp.scm (<openpgp-signature>)[issuer, issuer-fingerprint]:
New fields.
(openpgp-signature-issuer, openpgp-signature-issuer-fingerprint): Remove.
(verify-openpgp-signature): Use 'openpgp-signature-issuer-key-id'.
(get-signature): Initialize 'issuer' and 'issuer-fingerprint'.
* tests/openpgp.scm ("get-openpgp-detached-signature/ascii"): Adjust
accordingly.
|
|
* guix/openpgp.scm (SUBPACKET-ISSUER-FINGERPRINT): New variable.
(openpgp-signature-issuer-fingerprint): New procedure.
(key-id-matches-fingerprint?): New procedure.
(get-signature): Look for the 'issuer and 'issuer-fingerprint
subpackets. Ensure the issuer key ID matches the fingerprint when both
are available.
(parse-subpackets): Handle SUBPACKET-ISSUER-FINGERPRINT.
* tests/openpgp.scm (%rsa-key-fingerprint)
(%dsa-key-fingerprint, %ed25519-key-fingerprint): New variables.
* tests/openpgp.scm ("get-openpgp-detached-signature/ascii"): Check the
result of 'openpgp-signature-issuer-fingerprint'.
|
|
* guix/openpgp.scm, tests/openpgp.scm, tests/civodul.key,
tests/dsa.key, tests/ed25519.key, tests/rsa.key,
tests/ed25519.sec: New files.
* Makefile.am (MODULES): Add guix/openpgp.scm.
(SCM_TESTS): Add tests/openpgp.scm.
(EXTRA_DIST): Add tests/*.key and tests/ed25519.sec.
|