summary refs log tree commit diff
path: root/tests/substitute-binary.scm
AgeCommit message (Collapse)Author
2014-03-31Use 'signature-case' in (guix nar) and 'substitute-binary'.Ludovic Courtès
* guix/nar.scm (restore-file-set)[assert-valid-signature]: Rewrite in terms of 'signature-case'. * guix/scripts/substitute-binary.scm (narinfo-signature->canonical-sexp): Call 'leave' instead of 'raise' when SIGNATURE is invalid. (&nar-signature-error, &nar-invalid-hash-error): Remove. (assert-valid-signature): Add 'narinfo' parameter; remove 'port'. Rewrite in terms of 'signature-case' and 'leave'. Mention NARINFO's URI in error messages. Adjust caller. (narinfo-sha256): New procedure. (assert-valid-narinfo): Use it. (valid-narinfo?): Rewrite using 'narinfo-sha256' and 'signature-case'. * tests/substitute-binary.scm (assert-valid-signature, test-error-condition): Remove. ("corrupt signature data", "unauthorized public key", "invalid signature"): Remove.
2014-03-30tests: Test the error output of 'substitute-binary'.Ludovic Courtès
* tests/substitute-binary.scm (test-error*): Rename to... (test-quit): ... this. Add 'error-rx' parameter and honor it. ("not a number", "wrong version number", "substitute, no signature", "substitute, invalid hash", "substitute, unauthorized key"): Adjust accordingly.
2014-03-30tests: Add more signed substitute tests.Ludovic Courtès
* tests/substitute-binary.scm (%narinfo): Set 'URL', 'Compression', and 'NarHash'. (call-with-narinfo): Create 'example.out' and 'example.nar'. ("query narinfo without signature", "substitute, no signature", "substitute, authorized key"): New tests.
2014-03-30tests: Simplify 'substitute-binary' tests; reduce use of global variables.Ludovic Courtès
* tests/substitute-binary.scm (signature-body): Change 'str' parameter to 'bv', and expect it to be a bytevector. (%signature-body, %wrong-signature, %acl): Remove. (signature): Rename to... (signature-field): ... this. Add 'bv-or-str' parameter. Change 'str' parameter to #:version. Add #:public-key parameter. Call 'signature-body' directly. Change domain part of the signature to 'example.gnu.org'. ("not a number", "wrong version number", "valid narinfo-signature->canonical-sexp"): Use 'signature-field' instead of 'signature' or %SIGNATURE. (test-error-condition): Add 'message-rx' parameter and honor it. ("corrupt signature data", "unauthorized public key", "invalid signature"): Adjust accordingly. (narinfo, %signed-narinfo): Remove. ("query narinfo with invalid hash"): Use '%narinfo' and 'signature-field' instead of 'narinfo' and '%signature'. ("query narinfo signed with authorized key", "query narinfo signed with unauthorized key", "substitute, invalid hash", "substitute, unauthorized key"): Likewise.
2014-03-30substitute-binary: Defer narinfo authentication and authorization checks.Ludovic Courtès
* guix/scripts/substitute-binary.scm (narinfo-signature->canonical-sexp): Catch 'gcry-error' around 'string->canonical-sexp' call, and re-raise as a SRFI-35 &message and &nar-signature-error. (narinfo-maker): Handle when SIGNATURE is #f or an invalid canonical sexp. (&nar-signature-error, &nar-invalid-hash-error): New variables. (assert-valid-signature): Use them. Expect 'signature' to be a canonical sexp. (read-narinfo): Remove authentication and authorization checks. (%signature-line-rx): New variable. (assert-valid-narinfo, valid-narinfo?): New procedures. (guix-substitute-binary): Wrap body in 'with-error-handling'. [valid?]: New procedure. <--query>: Show only store items of narinfos that match 'valid-narinfo?'. <--substitute>: Call 'assert-valid-narinfo'. * tests/substitute-binary.scm (test-error*): Use 'test-equal'. (%keypair): Remove. (%public-key, %private-key): Load from signing-key.{pub,sec}. (signature-body): Add #:public-key parameter. (call-with-narinfo): New procedure. (with-narinfo): New macro. ("corrupt signature data", "unauthorized public key", "invalid signature"): Make the first argument to 'assert-valid-signature' a canonical sexp. ("invalid hash", "valid read-narinfo", "valid write-narinfo"): Remove. ("query narinfo with invalid hash", "query narinfo signed with authorized key", "query narinfo signed with unauthorized key", "substitute, invalid hash", "substitute, unauthorized key"): New tests.
2014-03-30substitute-binary: Support the Signature field of a narinfo file.Nikita Karetnikov
* guix/scripts/substitute-binary.scm (<narinfo>): Add the 'signature' and 'contents' fields. (narinfo-signature->canonical-sexp): New function. (narinfo-maker): Add the 'signature' argument and use it. (assert-valid-signature): New function. (read-narinfo): Support the Signature field. (write-narinfo): Use 'narinfo-contents'. (%allow-unauthenticated-substitutes?): New variable. * guix/base64.scm, tests/base64.scm, tests/substitute-binary.scm: New files. * Makefile.am (SCM_TESTS): Add tests/base64.scm and tests/substitute-binary.scm. (MODULES): Add guix/base64.scm. * test-env.in: Set 'GUIX_ALLOW_UNAUTHENTICATED_SUBSTITUTES'.