kreyren/guix-kreyren
1
0
Fork 0
Code Issues 1 Pull Requests 1 Releases Activity

openpgp: Store the issuer key id and fingerprint in <openpgp-signature>.

Browse Source 
* guix/openpgp.scm (<openpgp-signature>)[issuer, issuer-fingerprint]:
New fields.
(openpgp-signature-issuer, openpgp-signature-issuer-fingerprint): Remove.
(verify-openpgp-signature): Use 'openpgp-signature-issuer-key-id'.
(get-signature): Initialize 'issuer' and 'issuer-fingerprint'.
* tests/openpgp.scm ("get-openpgp-detached-signature/ascii"): Adjust
accordingly.
This commit is contained in:
Ludovic Courtès 2020-04-26 16:03:46 +02:00
parent 4459c7859c
commit 7b2b3a13cc
No known key found for this signature in database
GPG Key ID: 090B11993D9AEBB5
2 changed files with 11 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
guix/openpgp.scm
View File

@ -32,7 +32,7 @@
port-ascii-armored? port-ascii-armored?
openpgp-signature? openpgp-signature?
openpgp-signature-issuer openpgp-signature-issuer-key-id
openpgp-signature-issuer-fingerprint openpgp-signature-issuer-fingerprint
openpgp-signature-public-key-algorithm openpgp-signature-public-key-algorithm
openpgp-signature-hash-algorithm openpgp-signature-hash-algorithm
@ -469,7 +469,7 @@ hexadecimal format for fingerprints."
(define-record-type <openpgp-signature> (define-record-type <openpgp-signature>
(make-openpgp-signature version type pk-algorithm hash-algorithm hashl16 (make-openpgp-signature version type pk-algorithm hash-algorithm hashl16
append-data hashed-subpackets unhashed-subpackets append-data hashed-subpackets unhashed-subpackets
value) value issuer issuer-fingerprint)
openpgp-signature? openpgp-signature?
(version openpgp-signature-version) (version openpgp-signature-version)
(type openpgp-signature-type) (type openpgp-signature-type)
@ -479,19 +479,9 @@ hexadecimal format for fingerprints."
(append-data openpgp-signature-append-data) ;append to data when hashing (append-data openpgp-signature-append-data) ;append to data when hashing
(hashed-subpackets openpgp-signature-hashed-subpackets) (hashed-subpackets openpgp-signature-hashed-subpackets)
(unhashed-subpackets openpgp-signature-unhashed-subpackets) (unhashed-subpackets openpgp-signature-unhashed-subpackets)
(value openpgp-signature-value)) (value openpgp-signature-value)
(issuer openpgp-signature-issuer-key-id) ;integer | #f
(define (openpgp-signature-issuer sig) (issuer-fingerprint openpgp-signature-issuer-fingerprint)) ;bytevector | #f
(cond ((assq 'issuer (openpgp-signature-unhashed-subpackets sig)) => cdr)
;; XXX: is the issuer always in the unhashed subpackets?
(else #f)))
(define (openpgp-signature-issuer-fingerprint sig)
"When it's available, return the fingerprint, a bytevector, or the issuer of
SIG. Otherwise, return #f."
(or (assoc-ref (openpgp-signature-hashed-subpackets sig) 'issuer-fingerprint)
(assoc-ref (openpgp-signature-unhashed-subpackets sig)
'issuer-fingerprint)))
(define (openpgp-signature-creation-time sig) (define (openpgp-signature-creation-time sig)
(cond ((assq 'signature-ctime (openpgp-signature-hashed-subpackets sig)) (cond ((assq 'signature-ctime (openpgp-signature-hashed-subpackets sig))
@ -573,7 +563,7 @@ the issuer's OpenPGP public key extracted from KEYRING."
;; TODO: Support SIGNATURE-TEXT. ;; TODO: Support SIGNATURE-TEXT.
(if (= (openpgp-signature-type sig) SIGNATURE-BINARY) (if (= (openpgp-signature-type sig) SIGNATURE-BINARY)
(let* ((issuer (openpgp-signature-issuer sig)) (let* ((issuer (openpgp-signature-issuer-key-id sig))
(key-data (lookup-key-by-id keyring issuer))) (key-data (lookup-key-by-id keyring issuer)))
;; Find the primary key or subkey that made the signature. ;; Find the primary key or subkey that made the signature.
(let ((key (find (lambda (k) (let ((key (find (lambda (k)
@ -651,7 +641,8 @@ FINGERPRINT, a bytevector."
(list (cons 'signature-ctime ctime)) (list (cons 'signature-ctime ctime))
;; Unhashed subpackets ;; Unhashed subpackets
(list (cons 'issuer keyid)) (list (cons 'issuer keyid))
value)))) value
keyid #f))))
((4) ((4)
(let*-values (((type pkalg halg) (get-integers p u8 u8 u8)) (let*-values (((type pkalg halg) (get-integers p u8 u8 u8))
((hashed-subpackets) ((hashed-subpackets)
@ -697,7 +688,8 @@ FINGERPRINT, a bytevector."
append-data append-data
hashed-subpackets hashed-subpackets
unhashed-subpackets unhashed-subpackets
value))))) value
issuer-key-id issuer)))))
(else (else
(print "Unsupported signature version: " version) (print "Unsupported signature version: " version)
'unsupported-signature-version)))) 'unsupported-signature-version))))

2
tests/openpgp.scm
View File

@ -179,7 +179,7 @@ Pz7oopeN72xgggYUNT37ezqN3MeCqw0=
(map (lambda (str) (map (lambda (str)
(let ((signature (get-openpgp-detached-signature/ascii (let ((signature (get-openpgp-detached-signature/ascii
(open-input-string str)))) (open-input-string str))))
(list (openpgp-signature-issuer signature) (list (openpgp-signature-issuer-key-id signature)
(openpgp-signature-issuer-fingerprint signature) (openpgp-signature-issuer-fingerprint signature)
(openpgp-signature-public-key-algorithm signature) (openpgp-signature-public-key-algorithm signature)
(openpgp-signature-hash-algorithm signature)))) (openpgp-signature-hash-algorithm signature))))