diff options
author | Ludovic Courtès <ludo@gnu.org> | 2014-04-22 11:30:51 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2014-04-22 11:30:58 +0200 |
commit | 6f69588529f9898dc4f2defd21603cc4abbaca17 (patch) | |
tree | d272d8bd84f0653e0d5b7d409df3211c29fec784 | |
parent | 6030d8493e13af81be63c3cee530d44b4dff1ad6 (diff) | |
download | guix-6f69588529f9898dc4f2defd21603cc4abbaca17.tar.gz guix-6f69588529f9898dc4f2defd21603cc4abbaca17.zip |
authenticate: Allow signatures with binary data to be written to stdout.
Fixes <http://bugs.gnu.org/17312>.
* guix/scripts/authenticate.scm (guix-authenticate): Add calls to
'set-port-encoding!' and 'set-port-conversion-strategy!'. Wrap body
in 'with-fluids' form that sets '%default-port-encoding' and
'%default-port-conversion-strategy'.
* tests/guix-authenticate.sh: Add test.
* tests/pk-crypto.scm ("hash corrupt due to restrictive locale
encoding"): Add reference to bug.
-rw-r--r-- | guix/scripts/authenticate.scm | 55 | ||||
-rw-r--r-- | tests/guix-authenticate.sh | 21 | ||||
-rw-r--r-- | tests/pk-crypto.scm | 2 |
3 files changed, 54 insertions, 24 deletions
diff --git a/guix/scripts/authenticate.scm b/guix/scripts/authenticate.scm index 62717bb09c..1b1e0b08ca 100644 --- a/guix/scripts/authenticate.scm +++ b/guix/scripts/authenticate.scm @@ -89,30 +89,39 @@ to stdout upon success." ;;; (define (guix-authenticate . args) - (match args - ;; As invoked by guix-daemon. - (("rsautl" "-sign" "-inkey" key "-in" hash-file) - (call-with-input-file hash-file - (lambda (port) - (sign-with-key key port)))) - ;; As invoked by Nix/Crypto.pm (used by Hydra.) - (("rsautl" "-sign" "-inkey" key) - (sign-with-key key (current-input-port))) - ;; As invoked by guix-daemon. - (("rsautl" "-verify" "-inkey" _ "-pubin" "-in" signature-file) - (call-with-input-file signature-file - (lambda (port) - (validate-signature port)))) - ;; As invoked by Nix/Crypto.pm (used by Hydra.) - (("rsautl" "-verify" "-inkey" _ "-pubin") - (validate-signature (current-input-port))) - (("--help") - (display (_ "Usage: guix authenticate OPTION... + ;; Signature sexps written to stdout may contain binary data, so force + ;; ISO-8859-1 encoding so that things are not mangled. See + ;; <http://bugs.gnu.org/17312> for details. + (set-port-encoding! (current-output-port) "ISO-8859-1") + (set-port-conversion-strategy! (current-output-port) 'error) + + ;; Same goes for input ports. + (with-fluids ((%default-port-encoding "ISO-8859-1") + (%default-port-conversion-strategy 'error)) + (match args + ;; As invoked by guix-daemon. + (("rsautl" "-sign" "-inkey" key "-in" hash-file) + (call-with-input-file hash-file + (lambda (port) + (sign-with-key key port)))) + ;; As invoked by Nix/Crypto.pm (used by Hydra.) + (("rsautl" "-sign" "-inkey" key) + (sign-with-key key (current-input-port))) + ;; As invoked by guix-daemon. + (("rsautl" "-verify" "-inkey" _ "-pubin" "-in" signature-file) + (call-with-input-file signature-file + (lambda (port) + (validate-signature port)))) + ;; As invoked by Nix/Crypto.pm (used by Hydra.) + (("rsautl" "-verify" "-inkey" _ "-pubin") + (validate-signature (current-input-port))) + (("--help") + (display (_ "Usage: guix authenticate OPTION... Sign or verify the signature on the given file. This tool is meant to be used internally by 'guix-daemon'.\n"))) - (("--version") - (show-version-and-exit "guix authenticate")) - (else - (leave (_ "wrong arguments"))))) + (("--version") + (show-version-and-exit "guix authenticate")) + (else + (leave (_ "wrong arguments")))))) ;;; authenticate.scm ends here diff --git a/tests/guix-authenticate.sh b/tests/guix-authenticate.sh index 35ec7ffd6a..72c3d161d7 100644 --- a/tests/guix-authenticate.sh +++ b/tests/guix-authenticate.sh @@ -72,3 +72,24 @@ if guix authenticate rsautl -verify \ then false else true fi + + +# Test for <http://bugs.gnu.org/17312>: make sure 'guix authenticate' produces +# valid signatures when run in the C locale. +echo "5eff0b55c9c5f5e87b4e34cd60a2d5654ca1eb78c7b3c67c3179fed1cff07b4c" \ + > "$hash" + +LC_ALL=C +export LC_ALL + +guix authenticate rsautl -sign \ + -inkey "$abs_top_srcdir/tests/signing-key.sec" \ + -in "$hash" > "$sig" + +guix authenticate rsautl -verify \ + -inkey "$abs_top_srcdir/tests/signing-key.pub" \ + -pubin -in "$sig" +hash2="`guix authenticate rsautl -verify \ + -inkey $abs_top_srcdir/tests/signing-key.pub \ + -pubin -in $sig`" +test "$hash2" = `cat "$hash"` diff --git a/tests/pk-crypto.scm b/tests/pk-crypto.scm index 67bbc83d49..f5008f3248 100644 --- a/tests/pk-crypto.scm +++ b/tests/pk-crypto.scm @@ -153,7 +153,7 @@ ;; In Guix up to 0.6 included this test would fail because at some point ;; the hash value would be cropped to ASCII. In practice 'guix ;; authenticate' would produce invalid signatures that would fail - ;; signature verification. + ;; signature verification. See <http://bugs.gnu.org/17312>. (let ((locale (setlocale LC_ALL))) (dynamic-wind (lambda () |