gnu: gcc-toolchain: Reword description.

[jackhill/guix/guix.git] / tests / guix-authenticate.sh

diff --git a/tests/guix-authenticate.sh b/tests/guix-authenticate.sh
index 35ec7ff..7734434 100644 (file)
--- a/tests/guix-authenticate.sh
+++ b/tests/guix-authenticate.sh
@@ -1,5 +1,5 @@
 # GNU Guix --- Functional package management for GNU
-# Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
+# Copyright © 2013, 2014, 2020 Ludovic Courtès <ludo@gnu.org>
 #
 # This file is part of GNU Guix.
 #
@@ -29,34 +29,18 @@ rm -f "$sig" "$hash"
 trap 'rm -f "$sig" "$hash"' EXIT
 
 # A hexadecimal string as long as a sha256 hash.
-echo "2749f0ea9f26c6c7be746a9cff8fa4c2f2a02b000070dba78429e9a11f87c6eb" \
-    > "$hash"
+hash="2749f0ea9f26c6c7be746a9cff8fa4c2f2a02b000070dba78429e9a11f87c6eb"
 
-guix authenticate rsautl -sign                         \
-    -inkey "$abs_top_srcdir/tests/signing-key.sec"     \
-    -in "$hash" > "$sig"
+guix authenticate sign                         \
+    "$abs_top_srcdir/tests/signing-key.sec"    \
+    "$hash" > "$sig"
 test -f "$sig"
 
-hash2="`guix authenticate rsautl -verify               \
-          -inkey $abs_top_srcdir/tests/signing-key.pub \
-          -pubin -in $sig`"
-test "$hash2" = `cat "$hash"`
-
-# Same thing in a pipeline, using the command line syntax that Nix/Crypto.pm
-# uses.
-hash2="`                                               \
-  cat "$hash"                                          \
-  | guix authenticate rsautl -sign                     \
-    -inkey "$abs_top_srcdir/tests/signing-key.sec"     \
-  | guix authenticate rsautl -verify                   \
-          -inkey $abs_top_srcdir/tests/signing-key.pub \
-          -pubin`"
-test "$hash2" = `cat "$hash"`
+hash2="`guix authenticate verify "$sig"`"
+test "$hash2" = "$hash"
 
 # Detect corrupt signatures.
-if guix authenticate rsautl -verify                            \
-          -inkey "$abs_top_srcdir/tests/signing-key.pub"       \
-          -pubin -in /dev/null
+if guix authenticate verify /dev/null
 then false
 else true
 fi
@@ -66,9 +50,22 @@ fi
 # modifying this hash.
 sed -i "$sig"                                                                                  \
     -e's|#[A-Z0-9]\{64\}#|#0000000000000000000000000000000000000000000000000000000000000000#|g'
-if guix authenticate rsautl -verify                            \
-          -inkey "$abs_top_srcdir/tests/signing-key.pub"       \
-          -pubin -in "$sig"
+if guix authenticate verify "$sig"
 then false
 else true
 fi
+
+
+# Test for <http://bugs.gnu.org/17312>: make sure 'guix authenticate' produces
+# valid signatures when run in the C locale.
+hash="5eff0b55c9c5f5e87b4e34cd60a2d5654ca1eb78c7b3c67c3179fed1cff07b4c"
+
+LC_ALL=C
+export LC_ALL
+
+guix authenticate sign "$abs_top_srcdir/tests/signing-key.sec" "$hash" \
+     > "$sig"
+
+guix authenticate verify "$sig"
+hash2="`guix authenticate verify "$sig"`"
+test "$hash2" = "$hash"