gpg: Print more stats for the keydb and the signature cache.

* g10/sig-check.c (sig_check_dump_stats): New. (cache_stats): New struct. (check_key_signature2): Update stats. * g10/gpg.c (g10_exit): Call new function. * g10/keydb.c (kid_not_found_cache_count): Replace by ... (kid_not_found_stats): ... new struct. Change users. (keydb_stats): New struct. Update the counters. (keydb_dump_stats): Print all stats. Signed-off-by: Werner Koch <wk@gnupg.org>
2025-07-02 22:46:30 +02:00 · 2017-03-31 20:03:43 +02:00 · 2017-03-31 20:03:43 +02:00 · 3a10de3bfd
commit 3a10de3bfd
parent 52ba5e67ca
4 changed files with 109 additions and 12 deletions
--- a/g10/sig-check.c
+++ b/g10/sig-check.c
@ -42,6 +42,27 @@ static int check_signature_end (PKT_public_key *pk, PKT_signature *sig,
 static int check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig,
                                       gcry_md_hd_t digest);

+
+/* Statistics for signature verification.  */
+struct
+{
+  unsigned int total;  /* Total number of verifications.  */
+  unsigned int cached; /* Number of seen cache entries.  */
+  unsigned int goodsig;/* Number of good verifications from the cache.  */
+  unsigned int badsig; /* Number of bad verifications from the cache.  */
+} cache_stats;
+
+
+/* Dump verification stats.  */
+void
+sig_check_dump_stats (void)
+{
+  log_info ("sig_cache: total=%u cached=%u good=%u bad=%u\n",
+            cache_stats.total, cache_stats.cached,
+            cache_stats.goodsig, cache_stats.badsig);
+}
+
+
 /* Check a signature.  This is shorthand for check_signature2 with
   the unnamed arguments passed as NULL.  */
 int
@ -990,8 +1011,10 @@ check_key_signature2 (ctrl_t ctrl,
     cache refresh detects and clears these cases. */
  if ( !opt.no_sig_cache )
    {
+      cache_stats.total++;
      if (sig->flags.checked) /* Cached status available.  */
        {
+          cache_stats.cached++;
          if (is_selfsig)
            {
              u32 keyid[2];
@ -1005,7 +1028,13 @@ check_key_signature2 (ctrl_t ctrl,
          rc = check_signature_metadata_validity (pk, sig, r_expired, NULL);
          if (rc)
            return rc;
-          return sig->flags.valid? 0 : gpg_error (GPG_ERR_BAD_SIGNATURE);
+          if (sig->flags.valid)
+            {
+              cache_stats.goodsig++;
+              return 0;
+            }
+          cache_stats.badsig++;
+          return gpg_error (GPG_ERR_BAD_SIGNATURE);
        }
    }