The Wayback Machine - https://web.archive.org/web/20201004073816/https://github.com/openssl/openssl/issues/11677
Use memory mapped files for `pkeyutl -rawin` #11677

Open
romen opened this issue Apr 29, 2020 · 0 comments

@romen romen commented Apr 29, 2020

This was partially discussed in #8431, in which we added support to pkeyutl, through the new 3.0 -rawin argument, to support "oneshot" sign/verify operations (such as Ed25519/Ed448).

At the moment we allocate a buffer as big as the filesize (hoping it does not fail) and use BIO_read() to copy the file contents into memory, before running the oneshot operation.

openssl/apps/pkeyutl.c, lines 692 to 703 in 5e427a4:

```c
    mbuf = app_malloc(filesize, "oneshot sign/verify buffer");
    switch(pkey_op) {
    case EVP_PKEY_OP_VERIFY:
        if (EVP_DigestVerifyInit(mctx, NULL, md, NULL, pkey) != 1)
            goto end;
        buf_len = BIO_read(in, mbuf, filesize);
        if (buf_len != filesize) {
            BIO_printf(bio_err, "Error reading raw input data\n");
            goto end;
        }
        rv = EVP_DigestVerify(mctx, sig, (size_t)siglen, mbuf, buf_len);
        break;
```

It is desirable to use mmap() to avoid creating a buffer in the heap and copying the file contents into it, for performance and to better support large files.

Unfortunately, quoting @levitte,

> mmap-ed files would be ok, if mmap was implemented on all platforms... sadly, it is not, so we're not getting away from the problem of loading the whole file...

So we need to enable the mmap alternative only on supported platforms.


Good first issue

I am marking this as a good first issue, even if it is not necessarily meant for beginners.
Still, it seems like quite a self-contained and bite-sized change, and could be a nice gateway item to start getting familiar with the project development process, and as good a starting point as any to dig into OpenSSL.
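
One way to enable the mmap alternative only on supported platforms, as an added example that is not OpenSSL code: `rawin_buf`, `rawin_load`, `rawin_free` and `RAWIN_HAVE_MMAP` are hypothetical names, and the compiler-macro test is an assumed stand-in for whatever platform check the project would use. The resulting `data`/`len` pair would take the place of `mbuf`/`buf_len` in the oneshot call.

```c
#include <stdio.h>
#include <stdlib.h>
#if defined(__unix__) || defined(__APPLE__)
# include <fcntl.h>
# include <sys/mman.h>
# include <sys/stat.h>
# include <unistd.h>
# define RAWIN_HAVE_MMAP 1  /* hypothetical macro, not an OpenSSL one */
#endif

typedef struct { unsigned char *data; size_t len; int mapped; } rawin_buf;

void rawin_free(rawin_buf *rb)
{
#ifdef RAWIN_HAVE_MMAP
    if (rb->mapped) munmap(rb->data, rb->len);
#endif
    if (!rb->mapped) free(rb->data);
    rb->data = NULL; rb->len = 0; rb->mapped = 0;
}

/* Map path read-only where mmap() exists; otherwise, or when mapping is not
 * possible, copy it to the heap. Returns 1 on success, 0 on failure. */
int rawin_load(const char *path, rawin_buf *rb)
{
    FILE *f;
    long sz = -1;
    rb->data = NULL; rb->len = 0; rb->mapped = 0;
#ifdef RAWIN_HAVE_MMAP
    struct stat st;
    int fd = open(path, O_RDONLY);
    /* mmap() rejects length 0 and only regular files have a usable size */
    if (fd >= 0 && fstat(fd, &st) == 0 && S_ISREG(st.st_mode) && st.st_size > 0) {
        void *p = mmap(NULL, (size_t)st.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
        if (p != MAP_FAILED) {
            rb->data = p; rb->len = (size_t)st.st_size; rb->mapped = 1;
        }
    }
    if (fd >= 0) close(fd);     /* the mapping stays valid after close() */
    if (rb->mapped) return 1;
#endif
    if ((f = fopen(path, "rb")) == NULL) return 0;
    if (fseek(f, 0, SEEK_END) == 0 && (sz = ftell(f)) >= 0 && fseek(f, 0, SEEK_SET) == 0
            && (rb->data = malloc(sz > 0 ? (size_t)sz : 1)) != NULL)
        rb->len = fread(rb->data, 1, (size_t)sz, f);
    fclose(f);
    if (rb->data != NULL && rb->len == (size_t)sz) return 1;
    rawin_free(rb);
    return 0;
}
```

Unlike the heap copy, a mapping is not a snapshot: if the file is truncated while mapped, reading pages past the new end raises SIGBUS, so the input should not be writable by other parties during the sign/verify operation.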
