(#637) cache private keys

Cache private keys so that decoding password protected keys happen
only once in multi batch requests

Signed-off-by: R.I.Pienaar <rip@devco.net>

lib/mcollective/security/choria.rb

@@ -602,14 +602,18 @@ def callerid
       def sign(string, id=nil)
         key = client_private_key
 
-        if has_client_private_key?
-          Log.debug("Signing request using client private key %s" % key)
-        else
-          raise("Cannot find private key %s, cannot sign message" % key)
+        @_keys ||= {}
+        if @_keys[key].nil?
+          if has_client_private_key?
+            Log.debug("Signing request using client private key %s" % key)
+          else
+            raise("Cannot find private key %s, cannot sign message" % key)
+          end
+
+          @_keys[key] ||= OpenSSL::PKey::RSA.new(File.read(key))
         end
 
-        key = OpenSSL::PKey::RSA.new(File.read(key))
-        signed = key.sign(OpenSSL::Digest.new("SHA256"), string)
+        signed = @_keys[key].sign(OpenSSL::Digest.new("SHA256"), string)
 
         Base64.encode64(signed).chomp
       end

spec/unit/mcollective/security/choria_spec.rb

@@ -503,7 +503,9 @@ module MCollective
       it "should produce correct client signatures" do
         signed = File.read("spec/fixtures/too_many_secrets.sig")
         security.initiated_by = :client
-        choria.expects(:client_private_key).returns(File.expand_path("spec/fixtures/rip.mcollective.key")).twice
+        choria.expects(:client_private_key).returns(File.expand_path("spec/fixtures/rip.mcollective.key")).times(4)
+        expect(security.sign("too many secrets")).to eq(signed)
+        expect(security.sign("too many secrets")).to eq(signed)
         expect(security.sign("too many secrets")).to eq(signed)
       end
     end