GNU bug report logs - #53901
[PATCH] publish: Sign only normative narinfo fields.

Previous Next

Package: guix-patches;

Reported by: Ludovic Courtès <ludo <at> gnu.org>

Date: Wed, 9 Feb 2022 17:53:02 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 53901 <at> debbugs.gnu.org (full text, mbox):

From: Christopher Baines <mail <at> cbaines.net>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 53901 <at> debbugs.gnu.org
Subject: Re: [bug#53901] [PATCH] publish: Sign only normative narinfo fields.
Date: Wed, 09 Feb 2022 18:29:10 +0000

[Message part 1 (text/plain, inline)]
Ludovic Courtès <ludo <at> gnu.org> writes:

> A consequence is that a mirror operator who’d like to, say,
> remove some of the compression methods cannot do that, unless they
> are in a position to resign narinfos.
>
> This patch fixes it by computing the signature over the normative
> fields only (plus the “Deriver” field, although it’s not strictly
> necessary).  The result looks like this:

...

> Notice that URL/Compression come after the signature.
>
> I added a test to ‘tests/substitute.scm’ to be entirely sure
> that (guix narinfo) handles these correctly.
>
> Thoughts?

This sounds good to me.

Going back to talk of enabling zstd substitutes on
bordeaux.guix.gnu.org, this approach will be really helpful, as it means
it's something the nar-herder can do, without needing the signing key.

Also, at some point, it would be good to move narinfo-string out to
(guix narinfo), which would allow for the build coordinator to use it,
rather than it's own implementation.

Thanks,

Chris

[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 3 years and 152 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.