aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2020-04-25 23:23:51 +0200
committerLudovic Courtès <ludo@gnu.org>2020-05-04 09:56:12 +0200
commit4459c7859c286ab54fa3a9901c8a17591b04c516 (patch)
tree867a6768699931c621b7c41d5fbfaa58f4d5ffa7 /tests
parent43408e304ffb1149f35cb539b40d673d567c9116 (diff)
downloadguix-4459c7859c286ab54fa3a9901c8a17591b04c516.tar
guix-4459c7859c286ab54fa3a9901c8a17591b04c516.tar.gz
openpgp: Decode the issuer-fingerprint signature subpacket.
* guix/openpgp.scm (SUBPACKET-ISSUER-FINGERPRINT): New variable. (openpgp-signature-issuer-fingerprint): New procedure. (key-id-matches-fingerprint?): New procedure. (get-signature): Look for the 'issuer and 'issuer-fingerprint subpackets. Ensure the issuer key ID matches the fingerprint when both are available. (parse-subpackets): Handle SUBPACKET-ISSUER-FINGERPRINT. * tests/openpgp.scm (%rsa-key-fingerprint) (%dsa-key-fingerprint, %ed25519-key-fingerprint): New variables. * tests/openpgp.scm ("get-openpgp-detached-signature/ascii"): Check the result of 'openpgp-signature-issuer-fingerprint'.
Diffstat (limited to 'tests')
-rw-r--r--tests/openpgp.scm22
1 files changed, 17 insertions, 5 deletions
diff --git a/tests/openpgp.scm b/tests/openpgp.scm
index 8a3c7bbeb7..20d65171fd 100644
--- a/tests/openpgp.scm
+++ b/tests/openpgp.scm
@@ -18,6 +18,7 @@
(define-module (tests-openpgp)
#:use-module (guix openpgp)
+ #:use-module (gcrypt base16)
#:use-module (gcrypt hash)
#:use-module (gcrypt pk-crypto)
#:use-module (ice-9 binary-ports)
@@ -65,6 +66,16 @@ vBSFjNSiVHsuAA==
(define %dsa-key-id #x587918047BE8BD2C) ;dsa.key
(define %ed25519-key-id #x771F49CBFAAE072D) ;ed25519.key
+(define %rsa-key-fingerprint
+ (base16-string->bytevector
+ (string-downcase "385F86CFC86B665A5C165E6BAE25DA2A70DEED59")))
+(define %dsa-key-fingerprint
+ (base16-string->bytevector
+ (string-downcase "2884A980422330A4F33DD97F587918047BE8BD2C")))
+(define %ed25519-key-fingerprint
+ (base16-string->bytevector
+ (string-downcase "44D31E21AF7138F9B632280A771F49CBFAAE072D")))
+
;;; The following are detached signatures created commands like:
;;; echo 'Hello!' | gpg -sba --digest-algo sha512
@@ -160,15 +171,16 @@ Pz7oopeN72xgggYUNT37ezqN3MeCqw0=
"Ludovic Courtès <ludo@gnu.org>"))))))
(test-equal "get-openpgp-detached-signature/ascii"
- (list `(,%dsa-key-id dsa sha256)
- `(,%rsa-key-id rsa sha256)
- `(,%ed25519-key-id eddsa sha256)
- `(,%ed25519-key-id eddsa sha512)
- `(,%ed25519-key-id eddsa sha1))
+ (list `(,%dsa-key-id ,%dsa-key-fingerprint dsa sha256)
+ `(,%rsa-key-id ,%rsa-key-fingerprint rsa sha256)
+ `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha256)
+ `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha512)
+ `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha1))
(map (lambda (str)
(let ((signature (get-openpgp-detached-signature/ascii
(open-input-string str))))
(list (openpgp-signature-issuer signature)
+ (openpgp-signature-issuer-fingerprint signature)
(openpgp-signature-public-key-algorithm signature)
(openpgp-signature-hash-algorithm signature))))
(list %hello-signature/dsa