Hi again, I promised to update, when results are ready? Am Mittwoch, 4. Mai 2016, 00:21:57 schrieb Jan Kohnert: > Am Freitag, 29. April 2016, 15:23:02 schrieb Dr. Stephen Henson: > > If you read the data into a block of memory and call d2i_CMS_ContentInfo() > > on it you shouldn't get this problem. Alternatively if you have to use a > > memory BIO you can retrieve the pointer to the contained memory block > > using > > BIO_get_mem_data() and call d2i_CMS_ContentInfo() on the result. > > > > A third option of to make the BIO read only and call d2i_CMS_bio() on > > that: > > read only memory BIOs are handled more efficiently. The code now reads: ---------------------------------- // init, keys, certs, stuff... // read file BIO *bioCryptedData = NULL; bioCryptedData = BIO_new_file( dataFile, "r" ); // infile DER to internal format PKCS7 *cryptData = NULL; d2i_PKCS7_bio( bioCryptedData, &cryptData ); // decrypt BIO *bioSignedData = NULL; bioSignedData = BIO_new( BIO_s_mem() ); PKCS7_decrypt(cryptData, m_PKey, NULL, bioSignedData, NULL); // magic from ML long length = 0; unsigned char *pointer = NULL; length = BIO_get_mem_data(bioSignedData, &pointer); CMS_ContentInfo *signedData = NULL; d2i_CMS_ContentInfo(&signedData, (const unsigned char **) &pointer, length); // verify BIO *bioClearText = NULL; bioClearText = BIO_new_file( clearFile, "w" ) ); CMS_verify(signedData, NULL, m_VeriStore, NULL, bioClearText, NULL); // do stuff with the decrypted file, close bio's etc... ---------------------------------- And BOOOM! The decryption/verification of my 65MiB testfile reduces from >10m to <2sec. *yeah* Thanks again, folks! -- MfG Jan
