[openssl-users] i2d_PKCS7_bio() very slow for large file when reading in memory
Jan Kohnert
nospam001-lists at jankoh.mooo.com
Sat Apr 23 01:57:55 UTC 2016
Hello,
this is my very first post on this list, so thanks for letting me in. :)
I have question regarding i2d_PKCS7_bio() in Version 1.0.1c, 1.0.2g and
maybe
newer versions.
The code looks as follows (all error checking and other stuff removed
for reading purposes):
----------------------------------
// init, keys, certs, stuff...
// read file
BIO *bioCryptedData = NULL;
bioCryptedData = BIO_new_file( dataFile, "r" );
// infile DER to internal format
PKCS7 *cryptData = NULL;
d2i_PKCS7_bio( bioCryptedData, &cryptData );
// decrypt
BIO *bioSignedData = NULL;
bioSignedData = BIO_new( BIO_s_mem() );
PKCS7_decrypt(cryptData, m_PKey, NULL, bioSignedData, NULL);
// sigfile DER to internal format
PKCS7 *signedData = NULL;
d2i_PKCS7_bio( bioSignedData, &signedData );
// verify
BIO *bioClearText = NULL;
bioClearText = BIO_new_file( clearFile, "w" ) );
PKCS7_verify(signedData, NULL, m_VeriStore, NULL, bioClearText, NULL);
// do stuff with the decrypted file, close bio's etc...
----------------------------------
My problem occurs in the second call of d2i_PKCS7_bio() within memory:
while the entire rest of the code runs in seconds even for larger
(>60MB; >150MB) files, this single line takes about 10min for a 65MB
file. Basically I see one difference between the first and the second
call: the first call reads from a file-BIO, the second from a
memory-BIO. But could that one difference slow things down *that* much?
Or am I missing something obvious? I really don't want to save the
signed file, since I only need the verified one.
Thanks a lot for any suggestions.
Best regards Jan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160423/bdff2516/attachment-0001.html>
More information about the openssl-users
mailing list