Re: Signed archives (preliminary patch)
From: Ludovic Courtès
Subject: Re: Signed archives (preliminary patch)
Date: Mon, 31 Mar 2014 23:54:37 +0200
User-agent: Gnus/5.130007 (Ma Gnus v0.7) Emacs/24.3 (gnu/linux)
address@hidden (Ludovic Courtès) writes:
> Nikita Karetnikov <address@hidden> writes:
[...]
>> + (raise (condition (&message (message "invalid hash"))
>> + (&nar-invalid-hash-error
>> + (port port) (file file)
>> + (signature signature)
>> + (expected (hash-data->bytevector data))
>> + (actual hash)))))
>> + (raise (condition (&message (message "unauthorized public key"))
>> + (&nar-signature-error
>> + (signature signature) (file file) (port
>> port)))))
>> + (raise (condition
>> + (&message (message "corrupt signature data"))
>> + (&nar-signature-error
>> + (signature signature) (file file) (port port)))))))
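Review bot: the "unauthorized public key" and "corrupt signature data" branches both raise &nar-signature-error with the same fields (signature, file, port), so a handler can tell them apart only by the &message string. Consider a distinct condition type, or a field naming the failure, for each branch so that callers can treat an untrusted key differently from malformed signature data without matching on text. The "invalid hash" branch already carries its own type, &nar-invalid-hash-error, with expected and actual fields.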
>
> Actually, the problem with making ‘assert-valid-signature’ public is
> that it raises &nar error conditions.
>
> It could be changed to raise a more generic &signature-error, but then
> ‘restore-file-set’ would have to guard against it to re-throw it along
> with a &nar-error (making a compound condition.) And then ui.scm would
> figure it out. Blech.
>
> It’s worth factorizing, but I don’t see how to do it nicely. Thoughts?
I ended up introducing a ‘signature-case’ macro in 81deef2. It
simplifies code, and fails to compile unless all the cases are covered.
In (guix scripts substitute-binary), the result looks like this:

(define* (assert-valid-signature narinfo signature hash
                                 #:optional (acl (current-acl)))
  (let ((uri (uri->string (narinfo-uri narinfo))))
    (signature-case (signature hash acl)
      (valid-signature #t)
      (invalid-signature
       (leave (_ "invalid signature for '~a'~%") uri))
      (hash-mismatch
       (leave (_ "hash mismatch for '~a'~%") uri))
      (unauthorized-key
       (leave (_ "'~a' is signed with an unauthorized key~%") uri))
      (corrupt-signature
       (leave (_ "signature on '~a' is corrupt~%") uri)))))

Ludo’.
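
An added example, not part of the original message and not Guix's own ‘signature-case’: one way a Guile macro can refuse to expand unless every verification outcome named above has a clause, and fail closed on an unexpected value at run time. The names ‘outcome-case’, ‘decide’ and ‘expands?’ are hypothetical.

```scheme
;; Added example, not Guix code.  Outcome names are those in the message
;; above; 'outcome-case', 'decide' and 'expands?' are hypothetical names.
(define-syntax outcome-case
  (lambda (s)
    ;; Closed set of verification outcomes that every use must handle.
    (define outcomes
      '(valid-signature invalid-signature hash-mismatch
        unauthorized-key corrupt-signature))
    ;; Runs at macro-expansion time: reject unknown or duplicate tags,
    ;; then reject the form if any outcome has no clause.
    (define (check-clauses! tags)
      (let loop ((tags tags) (seen '()))
        (cond ((null? tags)
               (for-each (lambda (o)
                           (unless (memq o seen)
                             (syntax-violation 'outcome-case
                                               "missing clause" s o)))
                         outcomes))
              ((not (memq (car tags) outcomes))
               (syntax-violation 'outcome-case "unknown outcome" s (car tags)))
              ((memq (car tags) seen)
               (syntax-violation 'outcome-case "duplicate clause" s (car tags)))
              (else (loop (cdr tags) (cons (car tags) seen))))))
    (syntax-case s ()
      ((_ expr (tag body ...) ...)
       (begin
         (check-clauses! (map syntax->datum #'(tag ...)))
         ;; Fail closed if the verifier ever returns an unexpected value.
         #'(let ((v expr))
             (case v
               ((tag) body ...) ...
               (else (error "unexpected verification outcome" v)))))))))

(define (decide outcome)
  (outcome-case outcome
    (valid-signature   'accept)
    (invalid-signature 'reject)
    (hash-mismatch     'reject)
    (unauthorized-key  'reject)
    (corrupt-signature 'reject)))
;; #t if FORM expands and evaluates, #f if the macro rejects it.
(define (expands? form)
  (catch 'syntax-error
    (lambda () (eval form (current-module)) #t)
    (lambda _ #f)))

(display (decide 'unauthorized-key)) (newline)
(display (expands? '(outcome-case 'hash-mismatch (valid-signature #t))))
(newline)
```

The second call passes a form that handles only ‘valid-signature’, so the macro rejects it during expansion, before any outcome is evaluated.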