On 23/04/2016 03:57, Jan Kohnert wrote: > > Hello, > > this is my very first post on this list, so thanks for letting me in. :) > > I have question regarding i2d_PKCS7_bio() in Version 1.0.1c, 1.0.2g > and maybe > > newer versions. > > The code looks as follows (all error checking and other stuff removed > > for reading purposes): > > ---------------------------------- > > // init, keys, certs, stuff... > > // read file > > BIO *bioCryptedData = NULL; > > bioCryptedData = BIO_new_file( dataFile, "r" ); > > // infile DER to internal format > > PKCS7 *cryptData = NULL; > > d2i_PKCS7_bio( bioCryptedData, &cryptData ); > > // decrypt > > BIO *bioSignedData = NULL; > > bioSignedData = BIO_new( BIO_s_mem() ); > > PKCS7_decrypt(cryptData, m_PKey, NULL, bioSignedData, NULL); > > // sigfile DER to internal format > > PKCS7 *signedData = NULL; > > d2i_PKCS7_bio( bioSignedData, &signedData ); > > // verify > > BIO *bioClearText = NULL; > > bioClearText = BIO_new_file( clearFile, "w" ) ); > > PKCS7_verify(signedData, NULL, m_VeriStore, NULL, bioClearText, NULL); > > // do stuff with the decrypted file, close bio's etc... > > ---------------------------------- > > My problem occurs in the second call of d2i_PKCS7_bio() within memory: > > while the entire rest of the code runs in seconds even for larger > > (>60MB; >150MB) files, this single line takes about 10min for a 65MB > > file. Basically I see one difference between the first and the second > > call: the first call reads from a file-BIO, the second from a > > memory-BIO. But could that one difference slow things down *that* much? > > Or am I missing something obvious? I really don't want to save the > > signed file, since I only need the verified one. > > Just to get a more relevant speed comparison, since the two calls are parsing very different data, could you try the test again going via a file, just to double check the following: 1. Does parsing the same data also take 10 minutes when from a file? 2. Is the signed data encoded in some inefficient way (such as indefinite or chunked BER), which may slow down the BER/DER parser? Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded
