author | Ludovic Courtès <ludo@gnu.org> | 2013-12-30 22:19:19 +0100 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2013-12-30 22:19:19 +0100 |
commit | 36341854dfedc3d173d09e686ffc3e255c102b01 (patch) | |
tree | 28a4e2c8c0501e7e5fae33e2d8f65093b6d793db | |
parent | c909dab2697d90a82c388e5efa8dab0001d09938 (diff) | |
pk-crypto: Work around Libgcrypt bug <https://bugs.g10code.com/gnupg/issue1594>.
* guix/pk-crypto.scm (canonical-sexp-fold): Call 'nth-data' before
'nth' to work around <https://bugs.g10code.com/gnupg/issue1594>.
* tests/pk-crypto.scm ("https://bugs.g10code.com/gnupg/issue1594"): New
test.
-rw-r--r-- | guix/pk-crypto.scm | 7 | ||||
-rw-r--r-- | tests/pk-crypto.scm | 12 |
2 files changed, 17 insertions, 2 deletions
diff --git a/guix/pk-crypto.scm b/guix/pk-crypto.scm
index 0e7affcce8..cf18faea04 100644
--- a/guix/pk-crypto.scm
+++ b/guix/pk-crypto.scm
@@ -298,8 +298,11 @@ return #f if not found."
 (if (= index len)
 result
 (loop (+ 1 index)
- (proc (or (canonical-sexp-nth sexp index)
- (canonical-sexp-nth-data sexp index))
+ ;; XXX: Call 'nth-data' *before* 'nth' to work around
+ ;; <https://bugs.g10code.com/gnupg/issue1594>, which
+ ;; affects 1.6.0 and earlier versions.
+ (proc (or (canonical-sexp-nth-data sexp index)
+ (canonical-sexp-nth sexp index))
 result)))))
 (error "sexp is not a list" sexp)))
diff --git a/tests/pk-crypto.scm b/tests/pk-crypto.scm
index a894a60531..de775d2e19 100644
--- a/tests/pk-crypto.scm
+++ b/tests/pk-crypto.scm
@@ -209,6 +209,18 @@
 (map (compose canonical-sexp->sexp sexp->canonical-sexp) lst)))
+(let ((sexp `(signature
+ (public-key
+ (rsa
+ (n ,(make-bytevector 1024 1))
+ (e ,(base16-string->bytevector "010001")))))))
+ (test-equal "https://bugs.g10code.com/gnupg/issue1594"
+ ;; The gcrypt bug above was primarily affecting our uses in
+ ;; 'canonical-sexp->sexp', typically when applied to a signature sexp (in
+ ;; 'guix authenticate -verify') with a "big" RSA key, such as 4096 bits.
+ sexp
+ (canonical-sexp->sexp (sexp->canonical-sexp sexp))))
+
 (test-end) |
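Review bot: In the reordered `or` in canonical-sexp-fold, an element for which both `canonical-sexp-nth-data` and `canonical-sexp-nth` return #f is still passed to `proc` as #f, so a malformed element is folded silently instead of being rejected. The test comment says this path is used when verifying signatures, so failing loudly would be safer, for example by binding the value and calling `(error "sexp element is neither an atom nor a list" sexp index)` when it is #f. The new order is also only correct if 'nth-data' returns #f for list elements; both accessors are defined outside the hunk, so that should be confirmed there and recorded in the XXX comment as `;; Relies on 'nth-data' returning #f for list elements.`. The body of canonical-sexp-fold starts above the hunk.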
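Review bot: The new test in tests/pk-crypto.scm does not say why a 1024-byte modulus was chosen, while its comment speaks of keys "such as 4096 bits", so a reader cannot tell how far the fixture is above the size at which the Libgcrypt bug appears. A one-line comment next to `(make-bytevector 1024 1)` would help, for example `;; 1024 bytes = 8192 bits, well above the sizes where issue1594 was observed`. The test is also named only by a URL; a descriptive name such as `"canonical-sexp->sexp, large RSA modulus (gnupg issue1594)"` would stay meaningful in test logs if the tracker link stops resolving. Note that with a Libgcrypt newer than 1.6.0 the test presumably passes with or without the workaround, so it guards against the regression only on affected versions.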