ryan77627/guix
1
0
Fork 0
mirror of https://git.in.rschanz.org/ryan77627/guix.git synced 2025-01-12 06:06:53 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

pk-crypto: Work around Libgcrypt bug <https://bugs.g10code.com/gnupg/issue1594>.

Browse source 
* guix/pk-crypto.scm (canonical-sexp-fold): Call 'nth-data' before
  'nth' to work around <https://bugs.g10code.com/gnupg/issue1594>.
* tests/pk-crypto.scm ("https://bugs.g10code.com/gnupg/issue1594"): New
  test.
This commit is contained in:
Ludovic Courtès 2013-12-30 22:19:19 +01:00
parent c909dab269
commit 36341854df
2 changed files with 17 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
guix/pk-crypto.scm
View file

@ -298,8 +298,11 @@ (define (canonical-sexp-fold proc seed sexp)
(if (= index len)
result
(loop (+ 1 index)
(proc (or (canonical-sexp-nth sexp index)
(canonical-sexp-nth-data sexp index))
;; XXX: Call 'nth-data' *before* 'nth' to work around
;; <https://bugs.g10code.com/gnupg/issue1594>, which
;; affects 1.6.0 and earlier versions.
(proc (or (canonical-sexp-nth-data sexp index)
(canonical-sexp-nth sexp index))
result)))))
(error "sexp is not a list" sexp)))

12
tests/pk-crypto.scm
View file

@ -209,6 +209,18 @@ (define %key-pair
(map (compose canonical-sexp->sexp sexp->canonical-sexp)
lst)))
(let ((sexp `(signature
(public-key
(rsa
(n ,(make-bytevector 1024 1))
(e ,(base16-string->bytevector "010001")))))))
(test-equal "https://bugs.g10code.com/gnupg/issue1594"
;; The gcrypt bug above was primarily affecting our uses in
;; 'canonical-sexp->sexp', typically when applied to a signature sexp (in
;; 'guix authenticate -verify') with a "big" RSA key, such as 4096 bits.
sexp
(canonical-sexp->sexp (sexp->canonical-sexp sexp))))
(test-end)