diff options
author | Ludovic Courtès <ludo@gnu.org> | 2020-09-11 14:35:07 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2020-09-14 15:42:55 +0200 |
commit | 7d516c17da50dfc8ce635a21c37533d1fe27b43b (patch) | |
tree | 33baf0c3dad6d0afeba43705077f4129df79c118 /HACKING | |
parent | 64cf660f872fb7aaf0d2b463e45b4c756297f743 (diff) | |
download | guix-7d516c17da50dfc8ce635a21c37533d1fe27b43b.tar.gz |
authenticate: Cache the ACL and key pairs.
In practice we're always using the same key pair, /etc/guix/signing-key.{pub,sec}. Keeping them in cache allows us to avoid redundant I/O and parsing when signing multiple store items in a row. * guix/scripts/authenticate.scm (load-key-pair): New procedure. (sign-with-key): Remove 'key-file' parameter and add 'public-key' and 'secret-key'. Adjust accordingly. (validate-signature): Add 'acl' parameter and pass it to 'authorized-key?'. (guix-authenticate)[call-with-reply]: New procedure. [with-reply]: New macro. Call 'current-acl' upfront and cache its result. Add 'key-pairs' as an argument to 'loop' and use it as a cache of key pairs.
Diffstat (limited to 'HACKING')
0 files changed, 0 insertions, 0 deletions