git.ipfire.org Git - thirdparty/openssl.git/commit

author	Matt Caswell <matt@openssl.org>
	Mon, 10 Jul 2023 16:41:06 +0000 (17:41 +0100)
committer	Pauli <pauli@openssl.org>
	Sun, 16 Jul 2023 22:12:06 +0000 (08:12 +1000)
commit	32d3c3abf3b74df1d9ebe562ba90f4dc3bdf2d4f
tree	5949bc935f8b7b7500e9ed543c89ebdf0c3571ac	tree \| snapshot
parent	1e398bec538978b9957e69bf9e12b3c626290bea	commit \| diff

Optimise PKEY decoders

The most expensive part of using a PKEY decoder is the
OSSL_DECODER_CTX_new_for_pkey() call. This builds up all of the decoder
chains, which is a complex and time consuming operation. However, if no
new providers have been loaded/unloaded since the last time it was called
we can expect the same results for the same parameters. Note that this
operation takes place *before* we event parse the data for decoding so it
is not dependent on the parsed data at all.

We introduce a cache for OSSL_DECODER_CTX objects. If we have been called
with the same parameters then we just duplicate an existing
OSSL_DECODER_CTX. This should be significantly faster than creating a new
one every time.

Partially addressed the issue in #15199

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21426)

crypto/context.c		diff \| blob \| blame \| history
crypto/encode_decode/decoder_lib.c		diff \| blob \| blame \| history
crypto/encode_decode/decoder_pkey.c		diff \| blob \| blame \| history
crypto/evp/evp_fetch.c		diff \| blob \| blame \| history
crypto/provider_core.c		diff \| blob \| blame \| history
include/crypto/decoder.h		diff \| blob \| blame \| history
include/internal/cryptlib.h		diff \| blob \| blame \| history
include/internal/decoder.h	[new file with mode: 0644]	blob
providers/implementations/storemgmt/file_store.c		diff \| blob \| blame \| history