Ludovic Courtès skribis:
> The problem is that ‘guix substitute’ will accept such narinfos (when
> they are signed by an authorized key), even though the signature doesn’t
> cover the important parts (namely: StorePath, NarHash, and References;
> the rest is mostly informative.) A fix is attache
Hello Guix,
‘guix substitute’ checks the signature over everything that precedes the
“Signature:” field of a narinfo:
(define (narinfo-sha256 narinfo)
"Return the sha256 hash of NARINFO as a bytevector, or #f if NARINFO lacks a
'Signature' field."
(let ((contents (narinfo-contents nar
