aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2015-01-04 18:00:23 +0100
committerLudovic Courtès <ludo@gnu.org>2015-01-04 22:46:51 +0100
commit828c0bec6b95a6dcfffd28d0a28caecf4f69addf (patch)
treeceb25b2c311b8d022472edb0caeb13ed7ebffd2f
parentfcdebadf39a073516df4b3e2c39fda87032d4394 (diff)
downloadguix-828c0bec6b95a6dcfffd28d0a28caecf4f69addf.tar.gz
guix-828c0bec6b95a6dcfffd28d0a28caecf4f69addf.zip
pk-crypto: Improve docstring of signature-related procedures.
* guix/pk-crypto.scm (bytevector->hash-data, sign): Augment docstring.
-rw-r--r--guix/pk-crypto.scm14
1 files changed, 8 insertions, 6 deletions
diff --git a/guix/pk-crypto.scm b/guix/pk-crypto.scm
index 71104128c1..e5d4dc9ecc 100644
--- a/guix/pk-crypto.scm
+++ b/guix/pk-crypto.scm
@@ -1,5 +1,5 @@
;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2015 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -254,9 +254,9 @@ Return #f if that element does not exist, or if it's a list."
#:optional
(hash-algo "sha256")
#:key (key-type 'ecc))
- "Given BV, a bytevector containing a hash, return an s-expression suitable
-for use as the data for 'sign'. KEY-TYPE must be a symbol: 'dsa, 'ecc, or
-'rsa."
+ "Given BV, a bytevector containing a hash of type HASH-ALGO, return an
+s-expression suitable for use as the 'data' argument for 'sign'. KEY-TYPE
+must be a symbol: 'dsa, 'ecc, or 'rsa."
(string->canonical-sexp
(format #f "(data (flags ~a) (hash \"~a\" #~a#))"
(case key-type
@@ -289,8 +289,10 @@ Return #f if DATA does not conform."
(let* ((ptr (libgcrypt-func "gcry_pk_sign"))
(proc (pointer->procedure int ptr '(* * *))))
(lambda (data secret-key)
- "Sign DATA (an s-expression) with SECRET-KEY (an s-expression whose car
-is 'private-key'.)"
+ "Sign DATA, a canonical s-expression representing a suitable hash, with
+SECRET-KEY (a canonical s-expression whose car is 'private-key'.) Note that
+DATA must be a 'data' s-expression, as returned by
+'bytevector->hash-data' (info \"(gcrypt) Cryptographic Functions\")."
(let* ((sig (bytevector->pointer (make-bytevector (sizeof '*))))
(err (proc sig (canonical-sexp->pointer data)
(canonical-sexp->pointer secret-key))))