summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--guix/scripts/authenticate.scm8
-rw-r--r--tests/guix-authenticate.sh13
2 files changed, 20 insertions, 1 deletions
diff --git a/guix/scripts/authenticate.scm b/guix/scripts/authenticate.scm
index 8bc148d730..62717bb09c 100644
--- a/guix/scripts/authenticate.scm
+++ b/guix/scripts/authenticate.scm
@@ -90,14 +90,22 @@ to stdout upon success."
(define (guix-authenticate . args)
(match args
+ ;; As invoked by guix-daemon.
(("rsautl" "-sign" "-inkey" key "-in" hash-file)
(call-with-input-file hash-file
(lambda (port)
(sign-with-key key port))))
+ ;; As invoked by Nix/Crypto.pm (used by Hydra.)
+ (("rsautl" "-sign" "-inkey" key)
+ (sign-with-key key (current-input-port)))
+ ;; As invoked by guix-daemon.
(("rsautl" "-verify" "-inkey" _ "-pubin" "-in" signature-file)
(call-with-input-file signature-file
(lambda (port)
(validate-signature port))))
+ ;; As invoked by Nix/Crypto.pm (used by Hydra.)
+ (("rsautl" "-verify" "-inkey" _ "-pubin")
+ (validate-signature (current-input-port)))
(("--help")
(display (_ "Usage: guix authenticate OPTION...
Sign or verify the signature on the given file. This tool is meant to
diff --git a/tests/guix-authenticate.sh b/tests/guix-authenticate.sh
index aa6f9e9f01..35ec7ffd6a 100644
--- a/tests/guix-authenticate.sh
+++ b/tests/guix-authenticate.sh
@@ -1,5 +1,5 @@
# GNU Guix --- Functional package management for GNU
-# Copyright © 2013 Ludovic Courtès <ludo@gnu.org>
+# Copyright © 2013, 2014 Ludovic Courtès <ludo@gnu.org>
#
# This file is part of GNU Guix.
#
@@ -42,6 +42,17 @@ hash2="`guix authenticate rsautl -verify \
-pubin -in $sig`"
test "$hash2" = `cat "$hash"`
+# Same thing in a pipeline, using the command line syntax that Nix/Crypto.pm
+# uses.
+hash2="` \
+ cat "$hash" \
+ | guix authenticate rsautl -sign \
+ -inkey "$abs_top_srcdir/tests/signing-key.sec" \
+ | guix authenticate rsautl -verify \
+ -inkey $abs_top_srcdir/tests/signing-key.pub \
+ -pubin`"
+test "$hash2" = `cat "$hash"`
+
# Detect corrupt signatures.
if guix authenticate rsautl -verify \
-inkey "$abs_top_srcdir/tests/signing-key.pub" \