(define-module (tests-openpgp)
#:use-module (guix openpgp)
+ #:use-module (gcrypt base16)
#:use-module (gcrypt hash)
#:use-module (gcrypt pk-crypto)
#:use-module (ice-9 binary-ports)
(define %dsa-key-id #x587918047BE8BD2C) ;dsa.key
(define %ed25519-key-id #x771F49CBFAAE072D) ;ed25519.key
+(define %rsa-key-fingerprint
+ (base16-string->bytevector
+ (string-downcase "385F86CFC86B665A5C165E6BAE25DA2A70DEED59")))
+(define %dsa-key-fingerprint
+ (base16-string->bytevector
+ (string-downcase "2884A980422330A4F33DD97F587918047BE8BD2C")))
+(define %ed25519-key-fingerprint
+ (base16-string->bytevector
+ (string-downcase "44D31E21AF7138F9B632280A771F49CBFAAE072D")))
+
\f
;;; The following are detached signatures created commands like:
;;; echo 'Hello!' | gpg -sba --digest-algo sha512
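Review bot: The three new definitions `%rsa-key-fingerprint`, `%dsa-key-fingerprint` and `%ed25519-key-fingerprint` repeat the same `base16-string->bytevector`/`string-downcase` wrapping and, unlike the key-ID definitions just above, carry no comment naming the key file they belong to. A one-line helper such as `(define (hex->fingerprint str) (base16-string->bytevector (string-downcase str)))` would remove the repetition while keeping the literals in upper case, and a trailing `;dsa.key`-style comment on each would match the existing convention. A short comment could also say that the last 16 hex digits of the DSA and Ed25519 fingerprints equal `%dsa-key-id` and `%ed25519-key-id`, so a reader can see that each pair of constants describes the same key.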
(keyring (get-openpgp-keyring
(open-bytevector-input-port
(call-with-input-file key read-radix-64)))))
- (match (lookup-key-by-id keyring %civodul-key-id)
- (((? openpgp-public-key? primary) packets ...)
- (and (= (openpgp-public-key-id primary) %civodul-key-id)
- (not (openpgp-public-key-subkey? primary))
- (string=? (openpgp-format-fingerprint
- (openpgp-public-key-fingerprint primary))
- %civodul-fingerprint)
- (string=? (openpgp-user-id-value (find openpgp-user-id? packets))
- "Ludovic Courtès <ludo@gnu.org>"))))))
+ (let-values (((primary packets)
+ (lookup-key-by-id keyring %civodul-key-id)))
+ (let ((fingerprint (openpgp-public-key-fingerprint primary)))
+ (and (= (openpgp-public-key-id primary) %civodul-key-id)
+ (not (openpgp-public-key-subkey? primary))
+ (string=? (openpgp-format-fingerprint fingerprint)
+ %civodul-fingerprint)
+ (string=? (openpgp-user-id-value (find openpgp-user-id? packets))
+ "Ludovic Courtès <ludo@gnu.org>")
+ (eq? (lookup-key-by-fingerprint keyring fingerprint)
+ primary))))))
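Review bot: The added `(eq? (lookup-key-by-fingerprint keyring fingerprint) primary)` clause covers only a successful lookup of the primary key, so a fingerprint that is absent from the keyring is never tested. The definition of `lookup-key-by-fingerprint` is not visible here; if it returns two values, as `lookup-key-by-id` does in the new code, `eq?` compares only the first and the packet list is never checked. Binding both values, e.g. `(let-values (((key packets*) (lookup-key-by-fingerprint keyring fingerprint))) (and (eq? key primary) (equal? packets* packets)))`, together with a separate assertion for a fingerprint that is not in the keyring, would pin the behaviour. The enclosing test form starts before this hunk.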
(test-equal "get-openpgp-detached-signature/ascii"
- (list `(,%dsa-key-id dsa sha256)
- `(,%rsa-key-id rsa sha256)
- `(,%ed25519-key-id eddsa sha256)
- `(,%ed25519-key-id eddsa sha512)
- `(,%ed25519-key-id eddsa sha1))
+ (list `(,%dsa-key-id ,%dsa-key-fingerprint dsa sha256)
+ `(,%rsa-key-id ,%rsa-key-fingerprint rsa sha256)
+ `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha256)
+ `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha512)
+ `(,%ed25519-key-id ,%ed25519-key-fingerprint eddsa sha1))
(map (lambda (str)
(let ((signature (get-openpgp-detached-signature/ascii
(open-input-string str))))
- (list (openpgp-signature-issuer signature)
+ (list (openpgp-signature-issuer-key-id signature)
+ (openpgp-signature-issuer-fingerprint signature)
(openpgp-signature-public-key-algorithm signature)
(openpgp-signature-hash-algorithm signature))))
(list %hello-signature/dsa
%hello-signature/ed25519/sha1)))
(test-equal "verify-openpgp-signature, missing key"
- `(missing-key ,%rsa-key-id)
+ `(missing-key ,%rsa-key-fingerprint)
(let* ((keyring (get-openpgp-keyring (%make-void-port "r")))
- (signature (get-openpgp-packet
- (open-bytevector-input-port
- (call-with-input-string %hello-signature/rsa
- read-radix-64)))))
+ (signature (string->openpgp-packet %hello-signature/rsa)))
(let-values (((status key)
(verify-openpgp-signature signature keyring
(open-input-string "Hello!\n"))))
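Review bot: The `missing-key` expectation now pins a bytevector fingerprint as the second value, but nothing here covers a signature that carries only an issuer key ID and no issuer-fingerprint subpacket. All fixtures in this file appear to include the fingerprint (the detached-signature test expects one for each), so the tests do not establish what `verify-openpgp-signature` reports in that case, whether `#f` or the 64-bit key ID. Callers that match the reported value against a list of authorized keys need that to be unambiguous, because a key ID is a much weaker identifier than a full fingerprint. A fixture signed without the issuer-fingerprint subpacket, or at least a comment next to this test stating the intended fallback, would close the gap. The `let-values` body continues past the end of the hunk.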
(keyring (get-openpgp-keyring
(open-bytevector-input-port
(call-with-input-file key read-radix-64))))
- (signature (get-openpgp-packet
- (open-bytevector-input-port
- (call-with-input-string signature
- read-radix-64)))))
+ (signature (string->openpgp-packet signature)))
(let-values (((status key)
(verify-openpgp-signature signature keyring
(open-input-string "Hello!\n"))))
"tests/ed25519.key" "tests/ed25519.key"
"tests/ed25519.key"))))
(map (lambda (signature)
- (let ((signature (get-openpgp-packet
- (open-bytevector-input-port
- (call-with-input-string signature
- read-radix-64)))))
+ (let ((signature (string->openpgp-packet signature)))
(let-values (((status key)
(verify-openpgp-signature signature keyring
(open-input-string "What?!"))))