From 36341854dfedc3d173d09e686ffc3e255c102b01 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Date: Mon, 30 Dec 2013 22:19:19 +0100
Subject: pk-crypto: Work around Libgcrypt bug
 <https://bugs.g10code.com/gnupg/issue1594>.

* guix/pk-crypto.scm (canonical-sexp-fold): Call 'nth-data' before
  'nth' to work around <https://bugs.g10code.com/gnupg/issue1594>.
* tests/pk-crypto.scm ("https://bugs.g10code.com/gnupg/issue1594"): New
  test.
---
 tests/pk-crypto.scm | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'tests')

diff --git a/tests/pk-crypto.scm b/tests/pk-crypto.scm
index a894a60531..de775d2e19 100644
--- a/tests/pk-crypto.scm
+++ b/tests/pk-crypto.scm
@@ -209,6 +209,18 @@
     (map (compose canonical-sexp->sexp sexp->canonical-sexp)
          lst)))
 
+(let ((sexp `(signature
+              (public-key
+               (rsa
+                (n ,(make-bytevector 1024 1))
+                (e ,(base16-string->bytevector "010001")))))))
+  (test-equal "https://bugs.g10code.com/gnupg/issue1594"
+    ;; The gcrypt bug above was primarily affecting our uses in
+    ;; 'canonical-sexp->sexp', typically when applied to a signature sexp (in
+    ;; 'guix authenticate -verify') with a "big" RSA key, such as 4096 bits.
+    sexp
+    (canonical-sexp->sexp (sexp->canonical-sexp sexp))))
+
 (test-end)
 
 
-- 
cgit v1.2.3