OpenSSL SSL_CTX_set_default_verify_paths Slow
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Sep 27 15:31:33 UTC 2021
> On 27 Sep 2021, at 11:24 am, Jay Foster <jayf0ster at roadrunner.com> wrote:
>
> I don't think so. The file system is a UBIFS on nand flash, and it works with 1.0.2 and 1.1.1. Even 1.1.1 is a *little* bit slower than 1.0.2, but nowhere near as much slower as 3.0.0.
>
> It looks like the OpenSSL library is reading the cert.pem file in 4KB blocks at a time and doing some processing on the data read. It appears that this processing is what is taking longer.
OpenSSL 3.0.0 has a new OSSL_DECODER API; it may still need some
performance tuning? For example, in Postfix + OpenSSL 3.0.0 I'm
decoding the compiled-in DER DH group via:
+static void load_builtin(void)
+{
+ EVP_PKEY *tmp = 0;
+ OSSL_DECODER_CTX *d;
+ const unsigned char *endp = builtin_der;
+ size_t dlen = sizeof(builtin_der);
+
+ d = OSSL_DECODER_CTX_new_for_pkey(&tmp, "DER", NULL, "DH",
+ OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
+ NULL, NULL);
+ /* Check decode succeeds and consumes all data (final dlen == 0) */
+ if (d && OSSL_DECODER_from_data(d, &endp, &dlen) && tmp && !dlen) {
+ dhp = tmp;
+ } else {
+ EVP_PKEY_free(tmp);
+ msg_warn("error loading compiled-in DH parameters");
+ tls_print_errors();
+ }
+ OSSL_DECODER_CTX_free(d);
+}
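Review bot: the input-structure argument (third parameter) to OSSL_DECODER_CTX_new_for_pkey is passed as NULL, which asks the library to try any structure that can yield DH domain parameters from DER; since builtin_der is a fixed, compiled-in encoding whose structure is known, naming it explicitly (for DH parameters the OpenSSL 3.0 decoders accept the structure name "type-specific") narrows the decoder chain that gets built and tried, which matters for exactly the decoding-cost concern raised in this thread. The success condition `tmp && !dlen` correctly rejects trailing bytes after the encoded group, and both `EVP_PKEY_free(tmp)` and `OSSL_DECODER_CTX_free(d)` accept NULL, so the error path is sound. One readability point: `endp` is the cursor that OSSL_DECODER_from_data advances past the consumed bytes, not an end pointer, so a name like `p` or `der` would describe it better.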
IIRC the loading of certificates now uses this API. There was perhaps
also some work on new X509_STORE infrastructure. Performance issues in
the new code are not implausible, and I hope they can be addressed in upcoming
releases.
--
Viktor.