diff --git a/guix/scripts/publish.scm b/guix/scripts/publish.scm
index 71a349d2fe52ca4a626d14be0c7b0380bcc6f4a3..f5b2f5fd4e5801511879f1be268ae35c00add2f9 100644
--- a/guix/scripts/publish.scm
+++ b/guix/scripts/publish.scm
@@ -64,6 +64,7 @@ (define-module (guix scripts publish)
#:use-module ((guix build syscalls) #:select (set-thread-name))
#:export (%public-key
%private-key
+ signed-string
guix-publish))
@@ -237,7 +238,8 @@ (define %nix-cache-info
("Priority" . 100)))
(define (signed-string s)
- "Sign the hash of the string S with the daemon's key."
+ "Sign the hash of the string S with the daemon's key. Return a canonical
+sexp for the signature."
(let* ((public-key (%public-key))
(hash (bytevector->hash-data (sha256 (string->utf8 s))
#:key-type (key-type public-key))))
diff --git a/tests/publish.scm b/tests/publish.scm
index 204cfb4974a3f1d0ed3251f556e243351a1fb1cf..e43310ef00a60e80364f8a7da665f46d53fe58f1 100644
--- a/tests/publish.scm
+++ b/tests/publish.scm
@@ -1,6 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <davet@gnu.org>
-;;; Copyright © 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -153,8 +153,7 @@ (define %gzip-magic-bytes
(signature (base64-encode
(string->utf8
(canonical-sexp->string
- ((@@ (guix scripts publish) signed-string)
- unsigned-info))))))
+ (signed-string unsigned-info))))))
(format #f "~aSignature: 1;~a;~a~%"
unsigned-info (gethostname) signature))
(utf8->string
@@ -184,8 +183,7 @@ (define %gzip-magic-bytes
(signature (base64-encode
(string->utf8
(canonical-sexp->string
- ((@@ (guix scripts publish) signed-string)
- unsigned-info))))))
+ (signed-string unsigned-info))))))
(format #f "~aSignature: 1;~a;~a~%"
unsigned-info (gethostname) signature))