aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2019-12-19 22:16:50 +0100
committerLudovic Courtès <ludo@gnu.org>2019-12-19 23:48:02 +0100
commitd8169d05bb9e7d70597a646c95ee4001809070ac (patch)
tree9278aa6faf92729874a6ed9c24f00d44afafdaf1
parent6a0b9500f91683ebc225ae06f01bb9c4d3c27d1d (diff)
downloadpatches-d8169d05bb9e7d70597a646c95ee4001809070ac.tar
patches-d8169d05bb9e7d70597a646c95ee4001809070ac.tar.gz
gnupg: Compile regexps only once.
This halves the run time on a large number of subsequent 'gnupg-verify' calls. * guix/gnupg.scm (sigid-rx, goodsig-rx, validsig-rx, expkeysig-rx) (errsig-rx): New variables, lifted from... (gnupg-verify)[status-line->sexp]: ... here.
-rw-r--r--guix/gnupg.scm36
1 files changed, 19 insertions, 17 deletions
diff --git a/guix/gnupg.scm b/guix/gnupg.scm
index 5b11aa93fa..35ab779e9c 100644
--- a/guix/gnupg.scm
+++ b/guix/gnupg.scm
@@ -59,6 +59,25 @@
;; unreliable.
(make-parameter "pool.sks-keyservers.net"))
+;; Regexps for status lines. See file `doc/DETAILS' in GnuPG.
+
+(define sigid-rx
+ (make-regexp
+ "^\\[GNUPG:\\] SIG_ID ([A-Za-z0-9+/]+) ([[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}) ([[:digit:]]+)"))
+(define goodsig-rx
+ (make-regexp "^\\[GNUPG:\\] GOODSIG ([[:xdigit:]]+) (.+)$"))
+(define validsig-rx
+ (make-regexp
+ "^\\[GNUPG:\\] VALIDSIG ([[:xdigit:]]+) ([[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}) ([[:digit:]]+) .*$"))
+(define expkeysig-rx ; good signature, but expired key
+ (make-regexp "^\\[GNUPG:\\] EXPKEYSIG ([[:xdigit:]]+) (.*)$"))
+(define errsig-rx
+ ;; Note: The fingeprint part (the last element of the line) appeared in
+ ;; GnuPG 2.2.7 according to 'doc/DETAILS', and it may be missing.
+ (make-regexp
+ "^\\[GNUPG:\\] ERRSIG ([[:xdigit:]]+) ([^ ]+) ([^ ]+) ([^ ]+) ([[:digit:]]+) ([[:digit:]]+)(.*)"))
+
+
(define* (gnupg-verify sig file
#:optional (keyring (current-keyring)))
"Verify signature SIG for FILE against the keys in KEYRING. All the keys in
@@ -71,23 +90,6 @@ revoked. Return a status s-exp if GnuPG failed."
(fpr fpr)))
(define (status-line->sexp line)
- ;; See file `doc/DETAILS' in GnuPG.
- (define sigid-rx
- (make-regexp
- "^\\[GNUPG:\\] SIG_ID ([A-Za-z0-9+/]+) ([[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}) ([[:digit:]]+)"))
- (define goodsig-rx
- (make-regexp "^\\[GNUPG:\\] GOODSIG ([[:xdigit:]]+) (.+)$"))
- (define validsig-rx
- (make-regexp
- "^\\[GNUPG:\\] VALIDSIG ([[:xdigit:]]+) ([[:digit:]]{4}-[[:digit:]]{2}-[[:digit:]]{2}) ([[:digit:]]+) .*$"))
- (define expkeysig-rx ; good signature, but expired key
- (make-regexp "^\\[GNUPG:\\] EXPKEYSIG ([[:xdigit:]]+) (.*)$"))
- (define errsig-rx
- ;; Note: The fingeprint part (the last element of the line) appeared in
- ;; GnuPG 2.2.7 according to 'doc/DETAILS', and it may be missing.
- (make-regexp
- "^\\[GNUPG:\\] ERRSIG ([[:xdigit:]]+) ([^ ]+) ([^ ]+) ([^ ]+) ([[:digit:]]+) ([[:digit:]]+)(.*)"))
-
(cond ((regexp-exec sigid-rx line)
=>
(lambda (match)