summaryrefslogtreecommitdiff
path: root/guix/openpgp.scm
AgeCommit message (Collapse)Author
2020-10-14openpgp: '&openpgp-unrecognized-packet-error' includes type tag.Ludovic Courtès
* guix/openpgp.scm (&openpgp-unrecognized-packet-error)[type]: New field. (get-data, parse-subpackets): Initialize 'type' field.
2020-09-29openpgp: Fix argument order of 'fxbit-set?'.Lars-Dominik Braun
* guix/openpgp.scm (fxbit-set?): Change to swap arguments compared to 'bit-set?'. * tests/openpgp.scm (%binary-sample): New test vector. ("port-ascii-armored?, #t"): Add test. ("port-ascii-armored?, #f"): Add another test. Co-authored-by: Ludovic Courtès <ludo@gnu.org>
2020-06-23openpgp: Use Libgcrypt's crc24 implementation.Ludovic Courtès
This gives an 18% speedup on the wall-clock time of: guile -c '(use-modules (git) (guix git-authenticate)) (load-keyring-from-reference (repository-open ".") "keyring")' * guix/openpgp.scm (crc24): Rewrite by calling out to 'bytevector-hash'.
2020-05-04openpgp: Add missing type predicate for '&openpgp-invalid-signature-error'.Ludovic Courtès
Reported by brendyyn on #guix. The mistake led to a macro expansion error on Guile 2.2 but not on 3.0.2. * guix/openpgp.scm (&openpgp-invalid-signature-error): Add missing type predicate.
2020-05-04openpgp: Raise error conditions instead of calling 'error'.Ludovic Courtès
* guix/openpgp.scm (&openpgp-error, &openpgp-unrecognized-packet-error) (&openpgp-invalid-signature-error): New error conditions. (openpgp-hash-algorithm): Add 'signature-port' parameter. Raise an error condition instead of calling 'error'. (parse-subpackets): Likewise. (get-data): Raise instead of calling 'error'. (get-openpgp-detached-signature/ascii): Likewise. (get-signature): Likewise.
2020-05-04openpgp: Add 'string->openpgp-packet'.Ludovic Courtès
* guix/openpgp.scm (string->openpgp-packet): New procedure. * tests/openpgp.scm ("verify-openpgp-signature, missing key") ("verify-openpgp-signature, good signatures") ("verify-openpgp-signature, bad signature"): Use it.
2020-05-04openpgp: 'lookup-key-by-{id,fingerprint}' return the key first.Ludovic Courtès
Previously, 'lookup-key-by-{id,fingerprint}' would always return the list of packets where the primary key is first. Thus, the caller would need to use 'find' to actually find the requested key. * guix/openpgp.scm (keyring-insert): Always add KEY to PACKETS. (lookup-key-by-id, lookup-key-by-fingerprint): Change to return the key as the first value. (verify-openpgp-signature): Remove now unneeded call to 'find'. * tests/openpgp.scm ("get-openpgp-keyring"): Adjust accordingly.
2020-05-04openpgp: 'verify-openpgp-signature' looks up by fingerprint when possible.Ludovic Courtès
* guix/openpgp.scm (verify-openpgp-signature): Use 'lookup-key-by-fingerprint' when SIG contains a fingerprint. Honor FINGERPRINT in the 'find' predicate. Upon missing-key, return FINGERPRINT if available. * tests/openpgp.scm ("verify-openpgp-signature, missing key"): Adjust expected value accordingly.
2020-05-04openpgp: Add 'lookup-key-by-fingerprint'.Ludovic Courtès
* guix/openpgp.scm (<openpgp-keyring>)[table]: Rename to... [ids]: ... this. [fingerprints]: New field. (keyring-insert, lookup-key-by-fingerprint): New procedures. (%empty-keyring): Adjust. (get-openpgp-keyring): Manipulate KEYRING instead of its vhash, use 'keyring-insert'. * tests/openpgp.scm ("get-openpgp-keyring"): Test 'lookup-key-by-fingerprint'.
2020-05-04openpgp: Store the issuer key id and fingerprint in <openpgp-signature>.Ludovic Courtès
* guix/openpgp.scm (<openpgp-signature>)[issuer, issuer-fingerprint]: New fields. (openpgp-signature-issuer, openpgp-signature-issuer-fingerprint): Remove. (verify-openpgp-signature): Use 'openpgp-signature-issuer-key-id'. (get-signature): Initialize 'issuer' and 'issuer-fingerprint'. * tests/openpgp.scm ("get-openpgp-detached-signature/ascii"): Adjust accordingly.
2020-05-04openpgp: Decode the issuer-fingerprint signature subpacket.Ludovic Courtès
* guix/openpgp.scm (SUBPACKET-ISSUER-FINGERPRINT): New variable. (openpgp-signature-issuer-fingerprint): New procedure. (key-id-matches-fingerprint?): New procedure. (get-signature): Look for the 'issuer and 'issuer-fingerprint subpackets. Ensure the issuer key ID matches the fingerprint when both are available. (parse-subpackets): Handle SUBPACKET-ISSUER-FINGERPRINT. * tests/openpgp.scm (%rsa-key-fingerprint) (%dsa-key-fingerprint, %ed25519-key-fingerprint): New variables. * tests/openpgp.scm ("get-openpgp-detached-signature/ascii"): Check the result of 'openpgp-signature-issuer-fingerprint'.
2020-05-04Add (guix openpgp).Ludovic Courtès
* guix/openpgp.scm, tests/openpgp.scm, tests/civodul.key, tests/dsa.key, tests/ed25519.key, tests/rsa.key, tests/ed25519.sec: New files. * Makefile.am (MODULES): Add guix/openpgp.scm. (SCM_TESTS): Add tests/openpgp.scm. (EXTRA_DIST): Add tests/*.key and tests/ed25519.sec.