[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
04/15: openpgp: Store the issuer key id and fingerprint in <openpgp-sign
From: |
guix-commits |
Subject: |
04/15: openpgp: Store the issuer key id and fingerprint in <openpgp-signature>. |
Date: |
Mon, 4 May 2020 03:59:32 -0400 (EDT) |
civodul pushed a commit to branch master
in repository guix.
commit 7b2b3a13cc2d9b043f37b2e7ba0f147c08de8fad
Author: Ludovic Courtès <address@hidden>
AuthorDate: Sun Apr 26 16:03:46 2020 +0200
openpgp: Store the issuer key id and fingerprint in <openpgp-signature>.
* guix/openpgp.scm (<openpgp-signature>)[issuer, issuer-fingerprint]:
New fields.
(openpgp-signature-issuer, openpgp-signature-issuer-fingerprint): Remove.
(verify-openpgp-signature): Use 'openpgp-signature-issuer-key-id'.
(get-signature): Initialize 'issuer' and 'issuer-fingerprint'.
* tests/openpgp.scm ("get-openpgp-detached-signature/ascii"): Adjust
accordingly.
---
guix/openpgp.scm | 28 ++++++++++------------------
tests/openpgp.scm | 2 +-
2 files changed, 11 insertions(+), 19 deletions(-)
diff --git a/guix/openpgp.scm b/guix/openpgp.scm
index 77a7537..3b11998 100644
--- a/guix/openpgp.scm
+++ b/guix/openpgp.scm
@@ -32,7 +32,7 @@
port-ascii-armored?
openpgp-signature?
- openpgp-signature-issuer
+ openpgp-signature-issuer-key-id
openpgp-signature-issuer-fingerprint
openpgp-signature-public-key-algorithm
openpgp-signature-hash-algorithm
@@ -469,7 +469,7 @@ hexadecimal format for fingerprints."
(define-record-type <openpgp-signature>
(make-openpgp-signature version type pk-algorithm hash-algorithm hashl16
append-data hashed-subpackets unhashed-subpackets
- value)
+ value issuer issuer-fingerprint)
openpgp-signature?
(version openpgp-signature-version)
(type openpgp-signature-type)
@@ -479,19 +479,9 @@ hexadecimal format for fingerprints."
(append-data openpgp-signature-append-data) ;append to data when
hashing
(hashed-subpackets openpgp-signature-hashed-subpackets)
(unhashed-subpackets openpgp-signature-unhashed-subpackets)
- (value openpgp-signature-value))
-
-(define (openpgp-signature-issuer sig)
- (cond ((assq 'issuer (openpgp-signature-unhashed-subpackets sig)) => cdr)
- ;; XXX: is the issuer always in the unhashed subpackets?
- (else #f)))
-
-(define (openpgp-signature-issuer-fingerprint sig)
- "When it's available, return the fingerprint, a bytevector, or the issuer of
-SIG. Otherwise, return #f."
- (or (assoc-ref (openpgp-signature-hashed-subpackets sig) 'issuer-fingerprint)
- (assoc-ref (openpgp-signature-unhashed-subpackets sig)
- 'issuer-fingerprint)))
+ (value openpgp-signature-value)
+ (issuer openpgp-signature-issuer-key-id) ;integer | #f
+ (issuer-fingerprint openpgp-signature-issuer-fingerprint)) ;bytevector |
#f
(define (openpgp-signature-creation-time sig)
(cond ((assq 'signature-ctime (openpgp-signature-hashed-subpackets sig))
@@ -573,7 +563,7 @@ the issuer's OpenPGP public key extracted from KEYRING."
;; TODO: Support SIGNATURE-TEXT.
(if (= (openpgp-signature-type sig) SIGNATURE-BINARY)
- (let* ((issuer (openpgp-signature-issuer sig))
+ (let* ((issuer (openpgp-signature-issuer-key-id sig))
(key-data (lookup-key-by-id keyring issuer)))
;; Find the primary key or subkey that made the signature.
(let ((key (find (lambda (k)
@@ -651,7 +641,8 @@ FINGERPRINT, a bytevector."
(list (cons 'signature-ctime ctime))
;; Unhashed subpackets
(list (cons 'issuer keyid))
- value))))
+ value
+ keyid #f))))
((4)
(let*-values (((type pkalg halg) (get-integers p u8 u8 u8))
((hashed-subpackets)
@@ -697,7 +688,8 @@ FINGERPRINT, a bytevector."
append-data
hashed-subpackets
unhashed-subpackets
- value)))))
+ value
+ issuer-key-id issuer)))))
(else
(print "Unsupported signature version: " version)
'unsupported-signature-version))))
diff --git a/tests/openpgp.scm b/tests/openpgp.scm
index 20d6517..1709167 100644
--- a/tests/openpgp.scm
+++ b/tests/openpgp.scm
@@ -179,7 +179,7 @@ Pz7oopeN72xgggYUNT37ezqN3MeCqw0=
(map (lambda (str)
(let ((signature (get-openpgp-detached-signature/ascii
(open-input-string str))))
- (list (openpgp-signature-issuer signature)
+ (list (openpgp-signature-issuer-key-id signature)
(openpgp-signature-issuer-fingerprint signature)
(openpgp-signature-public-key-algorithm signature)
(openpgp-signature-hash-algorithm signature))))
- branch master updated (c563f88 -> 4a84ded), guix-commits, 2020/05/04
- 01/15: Add '.guix-authorizations'., guix-commits, 2020/05/04
- 02/15: Add (guix openpgp)., guix-commits, 2020/05/04
- 04/15: openpgp: Store the issuer key id and fingerprint in <openpgp-signature>.,
guix-commits <=
- 03/15: openpgp: Decode the issuer-fingerprint signature subpacket., guix-commits, 2020/05/04
- 06/15: openpgp: 'verify-openpgp-signature' looks up by fingerprint when possible., guix-commits, 2020/05/04
- 09/15: git-authenticate: Use (guix openpgp)., guix-commits, 2020/05/04
- 10/15: .guix-authorizations: Augment., guix-commits, 2020/05/04
- 05/15: openpgp: Add 'lookup-key-by-fingerprint'., guix-commits, 2020/05/04
- 07/15: openpgp: 'lookup-key-by-{id, fingerprint}' return the key first., guix-commits, 2020/05/04
- 08/15: openpgp: Add 'string->openpgp-packet'., guix-commits, 2020/05/04
- 13/15: openpgp: Raise error conditions instead of calling 'error'., guix-commits, 2020/05/04
- 11/15: git-authenticate: Load the list of authorized keys from the tree., guix-commits, 2020/05/04
- 12/15: git-authenticate: Load the keyring from the repository., guix-commits, 2020/05/04