You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

99 lines
3.7 KiB

  1. ;;; GNU Guix --- Functional package management for GNU
  2. ;;; Copyright © 2013 Ludovic Courtès <ludo@gnu.org>
  3. ;;;
  4. ;;; This file is part of GNU Guix.
  5. ;;;
  6. ;;; GNU Guix is free software; you can redistribute it and/or modify it
  7. ;;; under the terms of the GNU General Public License as published by
  8. ;;; the Free Software Foundation; either version 3 of the License, or (at
  9. ;;; your option) any later version.
  10. ;;;
  11. ;;; GNU Guix is distributed in the hope that it will be useful, but
  12. ;;; WITHOUT ANY WARRANTY; without even the implied warranty of
  13. ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. ;;; GNU General Public License for more details.
  15. ;;;
  16. ;;; You should have received a copy of the GNU General Public License
  17. ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
  18. (define-module (guix scripts authenticate)
  19. #:use-module (guix config)
  20. #:use-module (guix utils)
  21. #:use-module (guix pk-crypto)
  22. #:use-module (guix ui)
  23. #:use-module (rnrs io ports)
  24. #:use-module (ice-9 match)
  25. #:export (guix-authenticate))
  26. ;;; Commentary:
  27. ;;;
  28. ;;; This program is used internally by the daemon to sign exported archive
  29. ;;; (the 'export-paths' RPC), and to authenticate imported archives (the
  30. ;;; 'import-paths' RPC.)
  31. ;;;
  32. ;;; Code:
  33. (define (read-gcry-sexp file)
  34. "Read a gcrypt sexp from FILE and return it."
  35. (call-with-input-file file
  36. (compose string->gcry-sexp get-string-all)))
  37. (define (read-hash-data file)
  38. "Read sha256 hash data from FILE and return it as a gcrypt sexp."
  39. (let* ((hex (call-with-input-file file get-string-all))
  40. (bv (base16-string->bytevector (string-trim-both hex))))
  41. (bytevector->hash-data bv)))
  42. ;;;
  43. ;;; Entry point with 'openssl'-compatible interface. We support this
  44. ;;; interface because that's what the daemon expects, and we want to leave it
  45. ;;; unmodified currently.
  46. ;;;
  47. (define (guix-authenticate . args)
  48. (match args
  49. (("rsautl" "-sign" "-inkey" key "-in" hash-file)
  50. ;; Sign the hash in HASH-FILE with KEY, and return an sexp that includes
  51. ;; both the hash and the actual signature.
  52. (let* ((secret-key (read-gcry-sexp key))
  53. (data (read-hash-data hash-file)))
  54. (format #t
  55. "(guix-signature ~a (payload ~a))"
  56. (gcry-sexp->string (sign data secret-key))
  57. (gcry-sexp->string data))
  58. #t))
  59. (("rsautl" "-verify" "-inkey" key "-pubin" "-in" signature-file)
  60. ;; Read the signature as produced above, check it against KEY, and print
  61. ;; the signed data to stdout upon success.
  62. (let* ((public-key (read-gcry-sexp key))
  63. (sig+data (read-gcry-sexp signature-file))
  64. (data (find-sexp-token sig+data 'payload))
  65. (signature (find-sexp-token sig+data 'sig-val)))
  66. (if (and data signature)
  67. (if (verify signature data public-key)
  68. (begin
  69. (display (bytevector->base16-string
  70. (hash-data->bytevector data)))
  71. #t) ; success
  72. (begin
  73. (format (current-error-port)
  74. "error: invalid signature: ~a~%"
  75. (gcry-sexp->string signature))
  76. (exit 1)))
  77. (begin
  78. (format (current-error-port)
  79. "error: corrupt signature data: ~a~%"
  80. (gcry-sexp->string sig+data))
  81. (exit 1)))))
  82. (("--help")
  83. (display (_ "Usage: guix authenticate OPTION...
  84. Sign or verify the signature on the given file. This tool is meant to
  85. be used internally by 'guix-daemon'.\n")))
  86. (("--version")
  87. (show-version-and-exit "guix authenticate"))
  88. (else
  89. (leave (_ "wrong arguments")))))
  90. ;;; authenticate.scm ends here