gpg: Add signature cache support to the keybox.

* g10/keydb.c (parse_keyblock_image): Add arg SIGSTATUS. (keydb_get_keyblock): Handle it. (build_keyblock_image): Add arg SIGSTATUS. (keydb_insert_keyblock): Handle it. * kbx/keybox-blob.c (pgp_create_sig_part): Add arg SIGSTATUS. (_keybox_create_openpgp_blob): Ditto. * kbx/kbxutil.c (import_openpgp): Adjust for above change. * kbx/keybox.h (KEYBOX_FLAG_SIG_INFO): New. * kbx/keybox-search.c (_keybox_get_flag_location): Handle new flag. (keybox_get_keyblock): Add arg R_SIGSTATUS. * kbx/keybox-update.c (keybox_insert_keyblock): Add arg SIGSTATUS. -- With this change a key listing using the keybox format is now double as fast as using a keyring. The memory use dropped as well. Measured with about 1500 keys.
2025-07-02 22:46:30 +02:00 · 2012-12-28 17:17:56 +01:00 · 2012-12-28 17:17:56 +01:00 · 79f08fb069
commit 79f08fb069
parent 564d10ea5c
7 changed files with 155 additions and 27 deletions
--- a/kbx/keybox-blob.c
+++ b/kbx/keybox-blob.c
@ -408,13 +408,13 @@ pgp_create_uid_part (KEYBOXBLOB blob, keybox_openpgp_info_t info)


 static void
-pgp_create_sig_part (KEYBOXBLOB blob)
+pgp_create_sig_part (KEYBOXBLOB blob, u32 *sigstatus)
 {
  int n;

  for (n=0; n < blob->nsigs; n++)
    {
-      blob->sigs[n] = 0;  /* FIXME: check the signature here */
+      blob->sigs[n] = sigstatus? sigstatus[n+1] : 0;
    }
 }

@ -658,12 +658,14 @@ create_blob_finish (KEYBOXBLOB blob)
  return 0;
 }

+

 gpg_error_t
 _keybox_create_openpgp_blob (KEYBOXBLOB *r_blob,
                             keybox_openpgp_info_t info,
                             const unsigned char *image,
                             size_t imagelen,
+                             u32 *sigstatus,
                             int as_ephemeral)
 {
  gpg_error_t err;
@ -674,6 +676,11 @@ _keybox_create_openpgp_blob (KEYBOXBLOB *r_blob,
  if (!info->nuids || !info->nsigs)
    return gpg_error (GPG_ERR_BAD_PUBKEY);

+  /* If we have a signature status vector, check that the number of
+     elements matches the actual number of signatures.  */
+  if (sigstatus && sigstatus[0] != info->nsigs)
+    return gpg_error (GPG_ERR_INTERNAL);
+
  blob = xtrycalloc (1, sizeof *blob);
  if (!blob)
    return gpg_error_from_syserror ();
@ -704,7 +711,7 @@ _keybox_create_openpgp_blob (KEYBOXBLOB *r_blob,
  if (err)
    goto leave;
  pgp_create_uid_part (blob, info);
-  pgp_create_sig_part (blob);
+  pgp_create_sig_part (blob, sigstatus);

  init_membuf (&blob->bufbuf, 1024);
  blob->buf = &blob->bufbuf;