;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2013, 2014, 2016 Ludovic Courtès <ludo@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
(define-module (guix pki)
#:use-module (guix config)
- #:use-module (guix pk-crypto)
+ #:use-module (gcrypt pk-crypto)
#:use-module ((guix utils) #:select (with-atomic-file-output))
#:use-module ((guix build utils) #:select (mkdir-p))
#:use-module (ice-9 match)
- #:use-module (rnrs io ports)
+ #:use-module (ice-9 rdelim)
+ #:use-module (ice-9 binary-ports)
#:export (%public-key-file
%private-key-file
%acl-file
public-keys->acl
acl->public-keys
authorized-key?
+ write-acl
signature-sexp
signature-subject
(when (file-exists? %public-key-file)
(let ((public-key (call-with-input-file %public-key-file
(compose string->canonical-sexp
- get-string-all))))
+ read-string))))
(mkdir-p (dirname %acl-file))
(with-atomic-file-output %acl-file
(lambda (port)
- (display (canonical-sexp->string
- (public-keys->acl (list public-key)))
- port)))))))
+ (write-acl (public-keys->acl (list public-key))
+ port)))))))
+
+(define (write-acl acl port)
+ "Write ACL to PORT in canonical-sexp format."
+ (let ((sexp (sexp->canonical-sexp acl)))
+ (display (canonical-sexp->string sexp) port)))
(define (current-acl)
"Return the current ACL."
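Review bot: The docstring of the new `write-acl` does not say which representation ACL must have, and that matters because the body passes it through `sexp->canonical-sexp`, so it accepts only a plain Scheme sexp and not a canonical sexp. The call in `ensure-acl` now hands the result of `public-keys->acl` straight to it, which implies that procedure returns a plain sexp on the new side; its definition is outside this hunk, so that should be confirmed. I would write the docstring as `"Write ACL, a plain sexp as returned by 'public-keys->acl' or 'current-acl', to PORT in canonical-sexp format."`. Because `write-acl` is also newly exported and presumably produces the file that `authorized-key?` relies on, the docstring could add that callers replacing `%acl-file` should write through `with-atomic-file-output`, as `ensure-acl` does, so that a partially written ACL is never read back.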
(call-with-input-file %acl-file
(compose canonical-sexp->sexp
string->canonical-sexp
- get-string-all))
+ read-string))
(public-keys->acl '()))) ; the empty ACL
(define (acl->public-keys acl)