authenticate: Store the public key as part of the signature.

* guix/scripts/authenticate.scm (signature-sexp): New procedure.
  (guix-authenticate): Use it to produce the signature.  Adjust
  verification code accordingly.
* tests/store.scm ("import corrupt path"): Adjust test accordingly.
This commit is contained in:
Ludovic Courtès 2013-12-28 00:42:07 +01:00
parent b0a33ac157
commit 6df1fb8991
2 changed files with 22 additions and 8 deletions

View file

@ -44,6 +44,17 @@ (define (read-hash-data file)
(bv (base16-string->bytevector (string-trim-both hex)))) (bv (base16-string->bytevector (string-trim-both hex))))
(bytevector->hash-data bv))) (bytevector->hash-data bv)))
(define (signature-sexp data secret-key public-key)
"Return a SPKI-style sexp for the signature of DATA with SECRET-KEY that
includes DATA, the actual signature value (with a 'sig-val' tag), and
PUBLIC-KEY (see <http://theworld.com/~cme/spki.txt> for examples.)"
(string->canonical-sexp
(format #f
"(signature ~a ~a ~a)"
(canonical-sexp->string data)
(canonical-sexp->string (sign data secret-key))
(canonical-sexp->string public-key))))
;;; ;;;
;;; Entry point with 'openssl'-compatible interface. We support this ;;; Entry point with 'openssl'-compatible interface. We support this
@ -57,18 +68,21 @@ (define (guix-authenticate . args)
;; Sign the hash in HASH-FILE with KEY, and return an sexp that includes ;; Sign the hash in HASH-FILE with KEY, and return an sexp that includes
;; both the hash and the actual signature. ;; both the hash and the actual signature.
(let* ((secret-key (read-canonical-sexp key)) (let* ((secret-key (read-canonical-sexp key))
(data (read-hash-data hash-file))) (public-key (if (string-suffix? ".sec" key)
(format #t (read-canonical-sexp
"(guix-signature ~a (payload ~a))" (string-append (string-drop-right key 4) ".pub"))
(canonical-sexp->string (sign data secret-key)) (leave (_ "cannot find public key for secret key '~a'")
(canonical-sexp->string data)) key)))
(data (read-hash-data hash-file))
(signature (signature-sexp data secret-key public-key)))
(display (canonical-sexp->string signature))
#t)) #t))
(("rsautl" "-verify" "-inkey" key "-pubin" "-in" signature-file) (("rsautl" "-verify" "-inkey" key "-pubin" "-in" signature-file)
;; Read the signature as produced above, check it against KEY, and print ;; Read the signature as produced above, check it against KEY, and print
;; the signed data to stdout upon success. ;; the signed data to stdout upon success.
(let* ((public-key (read-canonical-sexp key)) (let* ((public-key (read-canonical-sexp key))
(sig+data (read-canonical-sexp signature-file)) (sig+data (read-canonical-sexp signature-file))
(data (find-sexp-token sig+data 'payload)) (data (find-sexp-token sig+data 'data))
(signature (find-sexp-token sig+data 'sig-val))) (signature (find-sexp-token sig+data 'sig-val)))
(if (and data signature) (if (and data signature)
(if (verify signature data public-key) (if (verify signature data public-key)

View file

@ -373,8 +373,8 @@ (define (same? x y)
(cut export-paths %store (list file) <>)))) (cut export-paths %store (list file) <>))))
(delete-paths %store (list file)) (delete-paths %store (list file))
;; Flip a bit in the middle of the stream. ;; Flip a bit in the stream's payload.
(let* ((index (quotient (bytevector-length dump) 3)) (let* ((index (quotient (bytevector-length dump) 4))
(byte (bytevector-u8-ref dump index))) (byte (bytevector-u8-ref dump index)))
(bytevector-u8-set! dump index (logxor #xff byte))) (bytevector-u8-set! dump index (logxor #xff byte)))