* build-aux/git-authenticate.scm (load-keyring-from-blob)
(load-keyring-from-reference): New procedures.
(authenticate-commits): Add #:keyring-reference and use
'load-keyring-from-reference'.
* build-aux/git-authenticate.scm (read-authorizations)
(commit-authorized-keys): New procedures.
(authenticate-commit): Use it instead of %AUTHORIZED-SIGNING-KEYS.
It can now authenticate 14K+ commits in 23s instead of 4mn20.
* build-aux/git-authenticate.scm (%authorized-signing-keys): Turn
fingerprints into bytevectors.
(with-temporary-files): Remove.
(commit-signing-key): Add 'keyring' parameter. Use
'string->openpgp-packet' and 'verify-openpgp-signature' instead of (guix
gnupg) procedures.
(authenticate-commit): Add 'keyring' parameter. Pass it to
'commit-signing-key'. Adjust to SIGNING-KEY being an <openpgp-public-key>.
(authenticate-commits): Remove 'parameterize'. Load keyring with
'get-openpgp-keyring'.
(git-authenticate): When printing stats, adjust to SIGNER being an
<openpgp-public-key>.
* guix/openpgp.scm (string->openpgp-packet): New procedure.
* tests/openpgp.scm ("verify-openpgp-signature, missing key")
("verify-openpgp-signature, good signatures")
("verify-openpgp-signature, bad signature"): Use it.
Previously, 'lookup-key-by-{id,fingerprint}' would always return the
list of packets where the primary key is first. Thus, the caller would
need to use 'find' to actually find the requested key.
* guix/openpgp.scm (keyring-insert): Always add KEY to PACKETS.
(lookup-key-by-id, lookup-key-by-fingerprint): Change to return the key
as the first value.
(verify-openpgp-signature): Remove now unneeded call to 'find'.
* tests/openpgp.scm ("get-openpgp-keyring"): Adjust accordingly.
* guix/openpgp.scm (verify-openpgp-signature): Use
'lookup-key-by-fingerprint' when SIG contains a fingerprint.
Honor FINGERPRINT in the 'find' predicate. Upon missing-key, return
FINGERPRINT if available.
* tests/openpgp.scm ("verify-openpgp-signature, missing key"): Adjust
expected value accordingly.
* guix/openpgp.scm (SUBPACKET-ISSUER-FINGERPRINT): New variable.
(openpgp-signature-issuer-fingerprint): New procedure.
(key-id-matches-fingerprint?): New procedure.
(get-signature): Look for the 'issuer and 'issuer-fingerprint
subpackets. Ensure the issuer key ID matches the fingerprint when both
are available.
(parse-subpackets): Handle SUBPACKET-ISSUER-FINGERPRINT.
* tests/openpgp.scm (%rsa-key-fingerprint)
(%dsa-key-fingerprint, %ed25519-key-fingerprint): New variables.
* tests/openpgp.scm ("get-openpgp-detached-signature/ascii"): Check the
result of 'openpgp-signature-issuer-fingerprint'.
Follow-up to 23b37c3d40.
* gnu/build/file-systems.scm (bytevector-utf16-length): New procedure.
(null-terminated-utf16->string): New procedure.
(f2fs-superblock-volume-name): Use it.
This is to fix an issue with gnome-boxes when trying to start a virtual
machine:
unsupported type name: smartcard
* gnu/packages/spice.scm (spice)[inputs]: Add libcacard.
This fixes an error in gnome-boxes when starting virtual machines:
Unable to start domain: unsupported configuration: this QEMU binary lacks
smartcard passthrough mode support
* gnu/packages/virtualization.scm (qemu)[inputs]: Add libcacard.
This hardcodes the path of SCClassLibrary to fix a lookup error that was
preventing SCServer's boot.
* gnu/packages/audio.scm (supercollider)[source]: Fetch via git,
[arguments]: build release target and add a new 'patch-scclass-dir phase to
hardcode SCClassLibrary path.
Signed-off-by: Mathieu Othacehe <m.othacehe@gmail.com>