From mboxrd@z Thu Jan  1 00:00:00 1970
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
Subject: Re: =?utf-8?Q?=E2=80=98guix_authenticate=E2=80=99=3A?= Throw to key
	`gcry-error' with args `(536871113)'.
Date: Tue, 11 Feb 2014 23:26:21 +0100
Message-ID: <878uth4776.fsf@gnu.org>
References: <87r479720q.fsf@karetnikov.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:38739)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1WDLme-0001qe-Tf
	for guix-devel@gnu.org; Tue, 11 Feb 2014 17:26:34 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ludo@gnu.org>) id 1WDLma-0003mk-8N
	for guix-devel@gnu.org; Tue, 11 Feb 2014 17:26:28 -0500
Received: from hera.aquilenet.fr ([2a01:474::1]:42811)
	by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
	id 1WDLma-0003mg-2A
	for guix-devel@gnu.org; Tue, 11 Feb 2014 17:26:24 -0500
In-Reply-To: <87r479720q.fsf@karetnikov.org> (Nikita Karetnikov's message of
	"Wed, 12 Feb 2014 01:49:57 +0400")
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
To: Nikita Karetnikov <nikita@karetnikov.org>
Cc: guix-devel@gnu.org

Nikita Karetnikov <nikita@karetnikov.org> skribis:

> The keypair was created this way:
>
> $ openssl genrsa -out ./cache-key.sec 2048
> $ openssl rsa -in ./cache-key.sec -pubout > ./cache-key.pub
>
> All the tests pass.  What=E2=80=99s wrong?
>
> $ guix authenticate rsautl -sign -inkey cache-key.sec -in 3r2n9zm3kxb28kl=
pzgarjxj8x3y3y6wf.narinfo.hash

[...]

> In guix/scripts/authenticate.scm:
>   60: 1 [guix-authenticate "rsautl" "-sign" ...]
> In ice-9/boot-9.scm:
>  793: 0 [call-with-input-file "cache-key.sec" ...]
>
> ice-9/boot-9.scm:793:17: In procedure call-with-input-file:
> ice-9/boot-9.scm:793:17: Throw to key `gcry-error' with args `(536871113)=
'.

=E2=80=98guix authenticate=E2=80=99 expects cache-key.sec to be a key in =
=E2=80=9Ccanonical
sexp=E2=80=9D format, like in tests/signing-key.sec.  That=E2=80=99s why it=
 barfs here.

IOW, the idea is that it=E2=80=99s a drop-in replacement for =E2=80=98opens=
sl=E2=80=99 in terms
of command-line handling, but what happens behind is very different (see
<https://lists.nongnu.org/archive/html/guix-devel/2013-12/msg00135.html>
and related messages.)

(The command-line compatibility requirement stems from the fact that for
now I want to avoid Guix-specific modifications to the daemon.)

HTH,
Ludo=E2=80=99.