On Fri, Nov 22, 2024 at 01:53:11PM +0100, Julian Andres Klode wrote:
> On Thu, Nov 21, 2024 at 11:52:38PM +0100, Marco d'Itri wrote:
> > On Nov 21, Julian Andres Klode <j...@debian.org> wrote:
> >
> > > I've just finished more or less, adjusting the APT test suite
> > > to test gpgv-sq. I plan to upload APT that tests gpgv-sq
> > > tomorrow. This ensures full compatibility between apt and
> > > gpgv-sq going forward.
> > OK, but why?
> >
> > Did you make an analysis of how much the size of a minimal system would
> > change?
>
> We currently see a size increase of 8% (9MB uncompressed, 4MB gzipped) in an
> essential + apt bootstrap:
>
> $ mmdebstrap --variant=essential --include=apt unstable unstable.tar
> $ mmdebstrap --variant=essential --include=gpgv-from-sq,apt,gpgv- unstable
> unstable-with-sq.tar
> $ $ ls -lh unstable*.tar
> -rw-r--r-- 1 jak jak 114M Nov 22 13:39 unstable.tar
> -rw-r--r-- 1 jak jak 123M Nov 22 13:39 unstable-with-sq.tar
> $ gzip unstable*.tar
> $ ls -lh unstable*.tar*
> -rw-r--r-- 1 jak jak 46M Nov 22 13:39 unstable.tar.gz
> -rw-r--r-- 1 jak jak 50M Nov 22 13:39 unstable-with-sq.tar.gz
> $ diff <(tar xOf unstable.tar.gz ./var/lib/dpkg/status | grep
> ^Package\\\|Installed-Size) <(tar xOf unstable-with-sq.tar.gz
> ./var/lib/dpkg/status | grep ^Package\\\|Installed-Size) -U0
> diff --git dev/fd/63 dev/fd/62
> --- dev/fd/63
> +++ dev/fd/62
> @@ -29,2 +29,4 @@ Installed-Size: 109
> -Package: gpgv
> -Installed-Size: 509
> +Package: gpgv-from-sq
> +Installed-Size: 14
> +Package: gpgv-sq
> +Installed-Size: 8167
> @@ -110,0 +113,2 @@ Installed-Size: 368
> +Package: libsqlite3-0
> +Installed-Size: 1833
>
> There are a bunch of toolchain/crate-splitting issues here: Rust
> overlinks, neither do we use all 8MB of the code that's linked
> into gpgv-sq, nor does it actually need libsqlite3-0. This happens
> because gpgv-sq uses gpg-sq crate, if they were split up, things
> should go down quite a bit is my understanding.

I also have an sopv implementation in progress. The issues there
are quite funny:

- If verification fails we more or less can't tell you why. You'll get

    Verification with sopv failed with code 3: No acceptable signatures found

- No tests
- Can't set a crypto policy on it, aka enforce hashes or algorithms,
  need to rely on backend.

But aside from that, it's only 2 MB with sqopv as the implementation.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer                              i speak de, en