diff options
author | Ludovic Courtès <ludo@gnu.org> | 2020-04-25 23:23:51 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2020-05-04 09:56:12 +0200 |
commit | 4459c7859c286ab54fa3a9901c8a17591b04c516 (patch) | |
tree | 867a6768699931c621b7c41d5fbfaa58f4d5ffa7 /tests | |
parent | 43408e304ffb1149f35cb539b40d673d567c9116 (diff) | |
download | guix-4459c7859c286ab54fa3a9901c8a17591b04c516.tar.gz |
openpgp: Decode the issuer-fingerprint signature subpacket.
* guix/openpgp.scm (SUBPACKET-ISSUER-FINGERPRINT): New variable. (openpgp-signature-issuer-fingerprint): New procedure. (key-id-matches-fingerprint?): New procedure. (get-signature): Look for the 'issuer and 'issuer-fingerprint subpackets. Ensure the issuer key ID matches the fingerprint when both are available. (parse-subpackets): Handle SUBPACKET-ISSUER-FINGERPRINT. * tests/openpgp.scm (%rsa-key-fingerprint) (%dsa-key-fingerprint, %ed25519-key-fingerprint): New variables. * tests/openpgp.scm ("get-openpgp-detached-signature/ascii"): Check the result of 'openpgp-signature-issuer-fingerprint'.
Diffstat (limited to 'tests')
-rw-r--r-- | tests/openpgp.scm | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/tests/openpgp.scm b/tests/openpgp.scm index 8a3c7bbeb7..20d65171fd 100644 --- a/tests/openpgp.scm +++ b/tests/openpgp.scm @@ -18,6 +18,7 @@ (define-module (tests-openpgp) #:use-module (guix openpgp) + #:use-module (gcrypt base16) #:use-module (gcrypt hash) #:use-module (gcrypt pk-crypto) #:use-module (ice-9 binary-ports) @@ -65,6 +66,16 @@ vBSFjNSiVHsuAA== (define %dsa-key-id #x587918047BE8BD2C) ;dsa.key (define %ed25519-key-id #x771F49CBFAAE072D) ;ed25519.key +(define %rsa-key-fingerprint + (base16-string->bytevector + (string-downcase "385F86CFC86B665A5C165E6BAE25DA2A70DEED59"))) +(define %dsa-key-fingerprint + (base16-string->bytevector + (string-downcase "2884A980422330A4F33DD97F587918047BE8BD2C"))) +(define %ed25519-key-fingerprint + (base16-string->bytevector + (string-downcase "44D31E21AF7138F9B632280A771F49CBFAAE072D"))) + ;;; The following are detached signatures created commands like: ;;; echo 'Hello!' | gpg -sba --digest-algo sha512 @@ -160,15 +171,16 @@ Pz7oopeN72xgggYUNT37ezqN3MeCqw0= "Ludovic Courtès <ludo@gnu.org>")))))) (test-equal "get-openpgp-detached-signature/ascii" - (list `(,%dsa-key-id dsa sha256) - `(,%rsa-key-id rsa sha256) - `(,%ed25519-key-id eddsa sha256) - `(,%ed25519-key-id eddsa sha512) - `(,%ed25519-key-id eddsa sha1)) + (list `(,%dsa-key-id ,%dsa-key-fingerprint dsa sha256) + `(,%rsa-key-id ,%rsa-key-fingerprint rsa sha256) + `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha256) + `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha512) + `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha1)) (map (lambda (str) (let ((signature (get-openpgp-detached-signature/ascii (open-input-string str)))) (list (openpgp-signature-issuer signature) + (openpgp-signature-issuer-fingerprint signature) (openpgp-signature-public-key-algorithm signature) (openpgp-signature-hash-algorithm signature)))) (list %hello-signature/dsa |