Skip to content
Snippets Groups Projects
Unverified Commit 4fe01b09 authored by Ludovic Courtès's avatar Ludovic Courtès
Browse files

publish: Export 'signed-string'. 

* guix/scripts/publish.scm (signed-string): Export and improve docstring.
* tests/publish.scm ("/*.narinfo")
("/*.narinfo with properly encoded '+' sign"): Adjust accordingly.
parent a2548a3b
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
guix/scripts/publish.scm
+ 3
1
View file @ 4fe01b09
...@@ -64,6 +64,7 @@ (define-module (guix scripts publish) ...@@ -64,6 +64,7 @@ (define-module (guix scripts publish)
#:use-module ((guix build syscalls) #:select (set-thread-name)) #:use-module ((guix build syscalls) #:select (set-thread-name))
#:export (%public-key #:export (%public-key
%private-key %private-key
signed-string
guix-publish)) guix-publish))
...@@ -237,7 +238,8 @@ (define %nix-cache-info ...@@ -237,7 +238,8 @@ (define %nix-cache-info
("Priority" . 100))) ("Priority" . 100)))
(define (signed-string s) (define (signed-string s)
"Sign the hash of the string S with the daemon's key." "Sign the hash of the string S with the daemon's key. Return a canonical
sexp for the signature."
(let* ((public-key (%public-key)) (let* ((public-key (%public-key))
(hash (bytevector->hash-data (sha256 (string->utf8 s)) (hash (bytevector->hash-data (sha256 (string->utf8 s))
#:key-type (key-type public-key)))) #:key-type (key-type public-key))))
......
tests/publish.scm
+ 3
5
View file @ 4fe01b09
;;; GNU Guix --- Functional package management for GNU ;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2015 David Thompson <davet@gnu.org> ;;; Copyright © 2015 David Thompson <davet@gnu.org>
;;; Copyright © 2016, 2017, 2018, 2019 Ludovic Courtès <ludo@gnu.org> ;;; Copyright © 2016, 2017, 2018, 2019, 2020 Ludovic Courtès <ludo@gnu.org>
;;; ;;;
;;; This file is part of GNU Guix. ;;; This file is part of GNU Guix.
;;; ;;;
...@@ -153,8 +153,7 @@ (define %gzip-magic-bytes ...@@ -153,8 +153,7 @@ (define %gzip-magic-bytes
(signature (base64-encode (signature (base64-encode
(string->utf8 (string->utf8
(canonical-sexp->string (canonical-sexp->string
((@@ (guix scripts publish) signed-string) (signed-string unsigned-info))))))
unsigned-info))))))
(format #f "~aSignature: 1;~a;~a~%" (format #f "~aSignature: 1;~a;~a~%"
unsigned-info (gethostname) signature)) unsigned-info (gethostname) signature))
(utf8->string (utf8->string
...@@ -184,8 +183,7 @@ (define %gzip-magic-bytes ...@@ -184,8 +183,7 @@ (define %gzip-magic-bytes
(signature (base64-encode (signature (base64-encode
(string->utf8 (string->utf8
(canonical-sexp->string (canonical-sexp->string
((@@ (guix scripts publish) signed-string) (signed-string unsigned-info))))))
unsigned-info))))))
(format #f "~aSignature: 1;~a;~a~%" (format #f "~aSignature: 1;~a;~a~%"
unsigned-info (gethostname) signature)) unsigned-info (gethostname) signature))
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment