mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-24 21:38:07 -05:00
cdea30e061
* guix/scripts/substitute-binary.scm (narinfo-signature->canonical-sexp): Catch 'gcry-error' around 'string->canonical-sexp' call, and re-raise as a SRFI-35 &message and &nar-signature-error. (narinfo-maker): Handle when SIGNATURE is #f or an invalid canonical sexp. (&nar-signature-error, &nar-invalid-hash-error): New variables. (assert-valid-signature): Use them. Expect 'signature' to be a canonical sexp. (read-narinfo): Remove authentication and authorization checks. (%signature-line-rx): New variable. (assert-valid-narinfo, valid-narinfo?): New procedures. (guix-substitute-binary): Wrap body in 'with-error-handling'. [valid?]: New procedure. <--query>: Show only store items of narinfos that match 'valid-narinfo?'. <--substitute>: Call 'assert-valid-narinfo'. * tests/substitute-binary.scm (test-error*): Use 'test-equal'. (%keypair): Remove. (%public-key, %private-key): Load from signing-key.{pub,sec}. (signature-body): Add #:public-key parameter. (call-with-narinfo): New procedure. (with-narinfo): New macro. ("corrupt signature data", "unauthorized public key", "invalid signature"): Make the first argument to 'assert-valid-signature' a canonical sexp. ("invalid hash", "valid read-narinfo", "valid write-narinfo"): Remove. ("query narinfo with invalid hash", "query narinfo signed with authorized key", "query narinfo signed with unauthorized key", "substitute, invalid hash", "substitute, unauthorized key"): New tests. |
||
---|---|---|
.. | ||
base32.scm | ||
base64.scm | ||
build-utils.scm | ||
builders.scm | ||
derivations.scm | ||
guix-archive.sh | ||
guix-authenticate.sh | ||
guix-build.sh | ||
guix-daemon.sh | ||
guix-download.sh | ||
guix-gc.sh | ||
guix-hash.sh | ||
guix-package.sh | ||
guix-register.sh | ||
hash.scm | ||
monads.scm | ||
nar.scm | ||
packages.scm | ||
pk-crypto.scm | ||
pki.scm | ||
profiles.scm | ||
records.scm | ||
signing-key.pub | ||
signing-key.sec | ||
snix.scm | ||
store.scm | ||
substitute-binary.scm | ||
test.drv | ||
ui.scm | ||
union.scm | ||
utils.scm |