author | Ludovic Courtès <ludo@gnu.org> | 2014-03-30 22:29:35 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2014-03-30 22:32:11 +0200 |
commit | cdea30e061490a521f1e9c66ff870ca98ae5d7e5 | |
tree | bf2959c6283ae2ccbc39a52f75b5250897aa03a3 /nix/.gitignore | |
parent | 00230df1074400acbcf8e80eeab5e67a3e1b3210 | |

substitute-binary: Defer narinfo authentication and authorization checks.

* guix/scripts/substitute-binary.scm (narinfo-signature->canonical-sexp):
Catch 'gcry-error' around 'string->canonical-sexp' call, and re-raise
as a SRFI-35 &message and &nar-signature-error.
(narinfo-maker): Handle when SIGNATURE is #f or an invalid canonical
sexp.
(&nar-signature-error, &nar-invalid-hash-error): New variables.
(assert-valid-signature): Use them. Expect 'signature' to be a
canonical sexp.
(read-narinfo): Remove authentication and authorization checks.
(%signature-line-rx): New variable.
(assert-valid-narinfo, valid-narinfo?): New procedures.
(guix-substitute-binary): Wrap body in 'with-error-handling'.
[valid?]: New procedure.
<--query>: Show only store items of narinfos that match
'valid-narinfo?'.
<--substitute>: Call 'assert-valid-narinfo'.
* tests/substitute-binary.scm (test-error*): Use 'test-equal'.
(%keypair): Remove.
(%public-key, %private-key): Load from signing-key.{pub,sec}.
(signature-body): Add #:public-key parameter.
(call-with-narinfo): New procedure.
(with-narinfo): New macro.
("corrupt signature data", "unauthorized public key", "invalid
signature"): Make the first argument to 'assert-valid-signature' a
canonical sexp.
("invalid hash", "valid read-narinfo", "valid write-narinfo"):
Remove.
("query narinfo with invalid hash", "query narinfo signed with
authorized key", "query narinfo signed with unauthorized key",
"substitute, invalid hash", "substitute, unauthorized key"): New
tests.
Diffstat (limited to 'nix/.gitignore')
0 files changed, 0 insertions, 0 deletions