DB signature verification is slow

[lazka]

example: time pacman - 0.598s - this will load all databases and verify their signatures using gpgme.

Most of the time is spend in _alpm_gpgme_checksig, skipping it brings us down to 0.036s.

Things I've tried:

• Build libgcrypt with asm support (needs some hackery to detect cygwin in some places and enable USE_MS_ABI). This didn't change much performance wise, and I don't feel comfortable patching this downstream. Upstreaming would be a possibility.

• Bump the IO buffer size for gpgme in pacman ->only saves 10ms https://gist.github.com/lazka/542641bc69b36630dc6d652699c8773a

• Try to re-use the gpgme context in _alpm_gpgme_checksig.

  This saves 100ms, but requires some logic from gpgme being pulled into libalpm, which is not very nice. We could ask gpgme for a gpgme_get_key() that doesn't create a new context.

  https://gist.github.com/lazka/f8076fbd3beec6b4eff2a7e34b3ae70e

With that we are down to 0.474s, but this doesn't feel upstreamable.. likely the difference is less on Linux.

I'm gonna leave that as is for now.

[lazka]

gpgme_get_key() really has a 40% overhead due to the extra context even on Linux. I'm going to ask upstream.

edit: I've proposed a new API upstream: https://dev.gnupg.org/T6369