--weak-digest SHA1 causes significant slowdown in --check-trustdb (2.1.10)

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Jan 6 10:44:24 CET 2016


On Wed 2016-01-06 00:05:32 -0800, Werner Koch <wk at gnupg.org> wrote:
> On Tue,  5 Jan 2016 17:42, dkg at fifthhorseman.net said:
>
>> Hm, the sig-cache definitely speeds things up, but it seems orthogonal
>> to the --weak-digest SHA1 situation:
>
> Thanks.  This is consistent with my tests although my test setting is
> simpler.  I need to setup a test similar to yours.

fwiw, my test setup has a fair number of local (non-exportable)
certifications as well.  (i haven't counted how many of them are made
with SHA1) I don't know whether that has any relevance to the tests,
though.

here's a separate test that i ran using keys from the debian-keyring
package:

---------------
export GNUPGHOME="$(mktemp -d)"
otrust="$GNUPGHOME/otrust.txt"
gpgconf="$GNUPGHOME/gpg.conf"
echo no-auto-check-trustdb > "$gpgconf"
cat /usr/share/keyrings/* | gpg2 --import
add_trust() {
  count="$1"
  level="$2"

  for fpr in $(gpg2 --fingerprint --with-colons | \
               awk -F:  '/^fpr/{ print $10 }' | \
               sort -R | head -n "$count"); do
    printf '%s:%d:\n' "$fpr" "$level"
  done
}
echo '# randomly-generated ownertrust' > "$otrust"
add_trust 1 6    >> "$otrust" # one ultimate
add_trust 2 5    >> "$otrust" # two full
add_trust 3 4    >> "$otrust" # three marginal
add_trust 4 3    >> "$otrust" # four never
add_trust 5 128  >> "$otrust" # five disabled keys
try() {
 rm -f "$GNUPGHOME/trustdb.gpg"
 gpg2 --import-ownertrust < "$otrust" 2>/dev/null
 printf "==> gpg2 %s --check-trustdb <==\n" "$*"
 time gpg2 "$@" --check-trustdb
}
try
try --weak-digest SHA1
try --no-sig-cache
try --no-sig-cache  --weak-digest SHA1
---------------

interestingly, this shows severe performance degradation (and a lot of
kernel-space activity) the --no-sig-cache --weak-digest SHA1 case, but
doesn't show any degradation in the plain --weak-digest SHA1 case for
me.

The random otrust.txt i generated was:

--------
2517B724C5F6CA9953296E612FF9CD59612616B5:6:
F962EF7FBF67B18C96108BFAE7E6F782283D6300:5:
B82CDC351FC8191C3B75290DBE5CF687DC5AB7C2:5:
9A303F9907A03230D188B75A2EF5710914C6A712:4:
35E876FAB4D3732E93B4D237631DE7553BE8AFD4:4:
D95C32042EE54FFDB25EC3489F2733F40928D23A:4:
6791403B68AE2690517C42EAE6FFF1E38DC968B0:3:
5919FC3BDC30CE4135F1DC070F5E1ED4664196E2:3:
AC297E5C46B9D0B61C717681D6D09BE48405BBF6:3:
4C8F6B0D121EB15F076FEB1704EE131AE6D621BE:3:
8A7F208C6D9E73291657414D2135D123D8C19BEC:128:
AC297E5C46B9D0B61C717681D6D09BE48405BBF6:128:
4D1B7796C03E0831991BDD423F490DEB871EF9FA:128:
BBBD45EA818AB86FF67E7285D3E17383CFA7FF06:128:
276D7B77B69B756C7CB68669DD29F88442839ED3:128:
--------

and, also interestingly, i note that --weak-digest SHA1 --check-trustdb
thinks it can reach one fewer key with --no-sig-cache  is set :/

==> gpg2 --weak-digest SHA1 --check-trustdb <==
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: Note: signatures using the SHA1 algorithm are rejected
gpg: depth: 0  valid:   1  signed:   9  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   9  signed: 283  trust: 9-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2016-01-15


==> gpg2 --no-sig-cache --weak-digest SHA1 --check-trustdb <==
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: Note: signatures using the SHA1 algorithm are rejected
gpg: Note: signatures using the MD5 algorithm are rejected
gpg: depth: 0  valid:   1  signed:   9  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:   9  signed: 284  trust: 9-, 0q, 0n, 0m, 0f, 0u
gpg: next trustdb check due at 2016-01-15

sorry for just reporting weird corner cases here without helping to fix
them.

thanks for looking into it,

     --dkg



More information about the Gnupg-devel mailing list