diff options
author | Matt Caswell <matt@openssl.org> | 2023-07-10 17:41:06 +0100 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2023-07-17 08:12:06 +1000 |
commit | 32d3c3abf3b74df1d9ebe562ba90f4dc3bdf2d4f (patch) | |
tree | 5949bc935f8b7b7500e9ed543c89ebdf0c3571ac /crypto/evp | |
parent | 1e398bec538978b9957e69bf9e12b3c626290bea (diff) |
Optimise PKEY decoders
The most expensive part of using a PKEY decoder is the
OSSL_DECODER_CTX_new_for_pkey() call. This builds up all of the decoder
chains, which is a complex and time consuming operation. However, if no
new providers have been loaded/unloaded since the last time it was called
we can expect the same results for the same parameters. Note that this
operation takes place *before* we event parse the data for decoding so it
is not dependent on the parsed data at all.
We introduce a cache for OSSL_DECODER_CTX objects. If we have been called
with the same parameters then we just duplicate an existing
OSSL_DECODER_CTX. This should be significantly faster than creating a new
one every time.
Partially addressed the issue in #15199
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21426)
Diffstat (limited to 'crypto/evp')
-rw-r--r-- | crypto/evp/evp_fetch.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c index 9e4f80d218..b21c6f283b 100644 --- a/crypto/evp/evp_fetch.c +++ b/crypto/evp/evp_fetch.c @@ -17,6 +17,7 @@ #include "internal/core.h" #include "internal/provider.h" #include "internal/namemap.h" +#include "internal/decoder.h" #include "crypto/evp.h" /* evp_local.h needs it */ #include "evp_local.h" @@ -422,6 +423,7 @@ static int evp_set_parsed_default_properties(OSSL_LIB_CTX *libctx, OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, loadconfig); if (plp != NULL && store != NULL) { + int ret; #ifndef FIPS_MODULE char *propstr = NULL; size_t strsz; @@ -455,8 +457,12 @@ static int evp_set_parsed_default_properties(OSSL_LIB_CTX *libctx, #endif ossl_property_free(*plp); *plp = def_prop; - if (store != NULL) - return ossl_method_store_cache_flush_all(store); + + ret = ossl_method_store_cache_flush_all(store); +#ifndef FIPS_MODULE + ossl_decoder_cache_flush(libctx); +#endif + return ret; } ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR); return 0; |