diff options
| author | Justus Winter <justus@sequoia-pgp.org> | 2020-03-25 15:35:48 +0100 |
|---|---|---|
| committer | Justus Winter <justus@sequoia-pgp.org> | 2020-03-25 16:54:19 +0100 |
| commit | baa33deeb67bf9ca6771b3be6a56bce018c5702c (patch) | |
| tree | bc76c48bf8b2f9739166998cd7a903cea05e1afd /sqv | |
| parent | bfd7e05a5103b48da92a38c80128d38891af984b (diff) | |
openpgp: Improve performance of detached signature verification.
- Previously, we transformed data and detached signatures into
signed messages on the fly, then used the streaming Verifier to
verify the message. However, this introduces a nontrivial
overhead, even if unnecessary copies are carefully avoided.
- Instead, specialize the streaming Decryptor to handle detached
signatures. use crypto::hash_buffered_reader to compute the
hashes over the data, then attach the computed signatures to the
signature packets, and use Decryptor's verification machinery.
- While this is arguably less elegant, it is much simpler, and a lot
faster. Notably, if we operate on files and can mmap them into
memory, we can compute the hash in one call to the compression
function. Verification of detached signatures is an important use
case, so this speedup outweighs the loss of elegance.
- Fixes #457.
Diffstat (limited to 'sqv')
| -rw-r--r-- | sqv/src/sqv.rs | 7 |
1 files changed, 2 insertions, 5 deletions
diff --git a/sqv/src/sqv.rs b/sqv/src/sqv.rs index cb458797..74e2d078 100644 --- a/sqv/src/sqv.rs +++ b/sqv/src/sqv.rs @@ -4,7 +4,6 @@ /// the motivation. use std::process::exit; -use std::io; use chrono::{DateTime, offset::Utc}; extern crate clap; @@ -276,10 +275,8 @@ fn main() -> Result<()> { let h = VHelper::new(good_threshold, not_before, not_after, keyrings); - let mut v = DetachedVerifier::from_file( - p, sig_file, file, h, None)?; - - io::copy(&mut v, &mut io::sink())?; + let mut v = DetachedVerifier::from_file(p, sig_file, h, None)?; + v.verify_file(file)?; let h = v.into_helper(); |