authenticate: Cache the ACL and key pairs. - guix

diff options

author	Ludovic Courtès <ludo@gnu.org>	2020-09-11 14:35:07 +0200
committer	Ludovic Courtès <ludo@gnu.org>	2020-09-14 15:42:55 +0200
commit	7d516c17da50dfc8ce635a21c37533d1fe27b43b (patch)
tree	33baf0c3dad6d0afeba43705077f4129df79c118 /tests/signing-key.sec
parent	64cf660f872fb7aaf0d2b463e45b4c756297f743 (diff)
download	guix-7d516c17da50dfc8ce635a21c37533d1fe27b43b.tar.gz guix-7d516c17da50dfc8ce635a21c37533d1fe27b43b.zip

authenticate: Cache the ACL and key pairs.

In practice we're always using the same key pair, /etc/guix/signing-key.{pub,sec}. Keeping them in cache allows us to avoid redundant I/O and parsing when signing multiple store items in a row. * guix/scripts/authenticate.scm (load-key-pair): New procedure. (sign-with-key): Remove 'key-file' parameter and add 'public-key' and 'secret-key'. Adjust accordingly. (validate-signature): Add 'acl' parameter and pass it to 'authorized-key?'. (guix-authenticate)[call-with-reply]: New procedure. [with-reply]: New macro. Call 'current-acl' upfront and cache its result. Add 'key-pairs' as an argument to 'loop' and use it as a cache of key pairs.

Diffstat (limited to 'tests/signing-key.sec')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: