[openssl-users] i2d_PKCS7_bio() very slow for large file when reading in memory
Jan Kohnert
nospam001-lists at jankoh.mooo.com
Thu May 5 21:13:04 UTC 2016
Hi again,
I promised to update, when results are ready…
Am Mittwoch, 4. Mai 2016, 00:21:57 schrieb Jan Kohnert:
> Am Freitag, 29. April 2016, 15:23:02 schrieb Dr. Stephen Henson:
> > If you read the data into a block of memory and call d2i_CMS_ContentInfo()
> > on it you shouldn't get this problem. Alternatively if you have to use a
> > memory BIO you can retrieve the pointer to the contained memory block
> > using
> > BIO_get_mem_data() and call d2i_CMS_ContentInfo() on the result.
> >
> > A third option of to make the BIO read only and call d2i_CMS_bio() on
> > that:
> > read only memory BIOs are handled more efficiently.
The code now reads:
----------------------------------
// init, keys, certs, stuff...
// read file
BIO *bioCryptedData = NULL;
bioCryptedData = BIO_new_file( dataFile, "r" );
// infile DER to internal format
PKCS7 *cryptData = NULL;
d2i_PKCS7_bio( bioCryptedData, &cryptData );
// decrypt
BIO *bioSignedData = NULL;
bioSignedData = BIO_new( BIO_s_mem() );
PKCS7_decrypt(cryptData, m_PKey, NULL, bioSignedData, NULL);
// magic from ML
long length = 0;
unsigned char *pointer = NULL;
length = BIO_get_mem_data(bioSignedData, &pointer);
CMS_ContentInfo *signedData = NULL;
d2i_CMS_ContentInfo(&signedData, (const unsigned char **) &pointer, length);
// verify
BIO *bioClearText = NULL;
bioClearText = BIO_new_file( clearFile, "w" ) );
CMS_verify(signedData, NULL, m_VeriStore, NULL, bioClearText, NULL);
// do stuff with the decrypted file, close bio's etc...
----------------------------------
And BOOOM! The decryption/verification of my 65MiB testfile reduces from >10m
to <2sec. *yeah*
Thanks again, folks!
--
MfG Jan
More information about the openssl-users
mailing list