impl: run the signature verification on the IO thread

fioan89 · fioan89 · commit 270b94918148 · 2025-07-11T22:58:26.000+03:00
Signature verification some operations that are cpu bound that are light, like
decoding and decompressing signature data, some medium CPU intensive operations
like the cryptographic verifications and a couple of blocking IO operations:
- reading the cli file
- reading the signature file
- reading the public key file

These last should run on the IO thread to not block the main thread from drawing the screen.
The cpu bound operation should run on the default thread.
diff --git a/src/main/kotlin/com/coder/toolbox/cli/gpg/GPGVerifier.kt b/src/main/kotlin/com/coder/toolbox/cli/gpg/GPGVerifier.kt
@@ -5,6 +5,8 @@ import com.coder.toolbox.cli.gpg.VerificationResult.Failed
 import com.coder.toolbox.cli.gpg.VerificationResult.Invalid
 import com.coder.toolbox.cli.gpg.VerificationResult.SignatureNotFound
 import com.coder.toolbox.cli.gpg.VerificationResult.Valid
+import kotlinx.coroutines.Dispatchers
+import kotlinx.coroutines.withContext
 import org.bouncycastle.bcpg.ArmoredInputStream
 import org.bouncycastle.openpgp.PGPException
 import org.bouncycastle.openpgp.PGPPublicKeyRing
@@ -23,7 +25,7 @@ class GPGVerifier(
     private val context: CoderToolboxContext,
 ) {
 
-    fun verifySignature(
+    suspend fun verifySignature(
         cli: Path,
         signature: Path,
     ): VerificationResult {
@@ -33,10 +35,13 @@ class GPGVerifier(
                 return SignatureNotFound
             }
 
-            val signatureBytes = Files.readAllBytes(signature)
-            val cliBytes = Files.readAllBytes(cli)
+            val (cliBytes, signatureBytes, publicKeyRing) = withContext(Dispatchers.IO) {
+                val cliBytes = Files.readAllBytes(cli)
+                val signatureBytes = Files.readAllBytes(signature)
+                val publicKeyRing = getCoderPublicKeyRing()
 
-            val publicKeyRing = getCoderPublicKeyRing()
+                Triple(cliBytes, signatureBytes, publicKeyRing)
+            }
             return verifyDetachedSignature(
                 cliBytes = cliBytes,
                 signatureBytes = signatureBytes,
