|

»

EVP_SignFinal dramatically slow

View: New views

5 Messages — Rating Filter: Alert me

	EVP_SignFinal dramatically slow by armstrong :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi Is someone here can help me? I am using "EVP Public Key Interface" to sign and verify some digital signatures. And i find the call to "EVP_SignFinal" is very slow. In the test, RSA1024-SHA1 was used, the call to "EVP_SignFinal" consuming almost 0.19~0.2 second. In contrast to the openssl benchmark(i.e openssl speed rsa1024), the benchmark reports 'rsa 1024 bit' sign operation only take 0.002s(approximate) on my computer. This result is close to my call to RSA_sign directly. And now, i am puzzling at the big difference of the two method( EVP interface and direct sign/verify API).Though i estimated that EVP interface will slower than directly sign/ verify , such big difference amazing me. Is there something wrong with EVP_SignFinal? Or the code call the EVP_SignFinal misused? following is the code i got from Internet, which call the EVP_SignFinal void sign_data_evp(EVP_PKEY key, FILE data_file, FILE signature_file) { unsigned char data; int data_len; unsigned char sig; int sig_len; int rv; LARGE_INTEGER start, finish, tmp; double duration, secondsPerTick; //some variables used to count time elapsed EVP_MD_CTX ctx = EVP_MD_CTX_create(); sig = malloc(EVP_PKEY_size(key)); sig_len = EVP_PKEY_size(key); rv = EVP_SignInit(ctx, EVP_sha1()); check_ssl_rv("EVP_SignInit", rv, 1); data = malloc(102400); data_len = fread(data, 1, 102400, data_file); while (data_len > 0) { rv = EVP_SignUpdate(ctx, data, data_len); check_ssl_rv("EVP_SignUpdate", rv, 1); data_len = fread(data, 1, 102400, data_file); } // start to count QueryPerformanceFrequency( &tmp ); secondsPerTick = 1.0 / tmp.QuadPart; QueryPerformanceCounter( &start ); rv = EVP_SignFinal(ctx, sig, &sig_len, key); //the time of call i am intreresting QueryPerformanceCounter( &finish ); // finish the count time elapsed duration = secondsPerTick * (finish.QuadPart - start.QuadPart); printf( "%f seconds\n", duration ); check_ssl_rv("EVP_SignFinal", rv, 1); if (sig_len > 0) { fwrite(sig, sig_len, 1, signature_file); } EVP_MD_CTX_destroy(ctx); free(sig); free(data); } By the way, my platform is Windows XP with Openssl library, the data file to be signed contain 1024 bit, using RSA1024-SHA1 i wish someone could help me. Any tips will be appreciated! Miaohua 2009-10-4
	Re: EVP_SignFinal dramatically slow by Kirk81 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Generally the interface is a bit slower than the common API functions. But to be honest I cannot understand this big difference. I'm gonna try both implementations and I'll let you know.
	Re: EVP_SignFinal dramatically slow by Kirk81 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hello, I've tried to use the function that u suggest but in fact I also have strange value. are they seconds [s] or milliseconds [ms]? Why don't u try to the CPU ticks instead? If u have an intel single core processor u simply use the follow function: LARGE_INTEGER RetrieveCPUTicks() { LARGE_INTEGER ticks; __asm { rdtsc mov ticks.LowPart, eax mov ticks.HighPart, edx } return ticks; } LARGE_INTEGER Ticks, StartT, StopT; // CPU-Ticks StartT = RetrieveCPUTicks(); // the function to benchmark StopT = RetrieveCPUTicks(); Ticks.QuadPart = StopT.QuadPart - StartT.QuadPart; printf(" --> CPU-Ticks.Low = %d\n", (Ticks.LowPart/100)); Now u can easily divide the #of Ticks for the frequency of your processor and u get the [s] that passed. armstrong wrote: Hi Is someone here can help me? I am using "EVP Public Key Interface" to sign and verify some digital signatures. And i find the call to "EVP_SignFinal" is very slow. In the test, RSA1024-SHA1 was used, the call to "EVP_SignFinal" consuming almost 0.19~0.2 second. In contrast to the openssl benchmark(i.e openssl speed rsa1024), the benchmark reports 'rsa 1024 bit' sign operation only take 0.002s(approximate) on my computer. This result is close to my call to RSA_sign directly. And now, i am puzzling at the big difference of the two method( EVP interface and direct sign/verify API).Though i estimated that EVP interface will slower than directly sign/ verify , such big difference amazing me. Is there something wrong with EVP_SignFinal? Or the code call the EVP_SignFinal misused? following is the code i got from Internet, which call the EVP_SignFinal void sign_data_evp(EVP_PKEY key, FILE data_file, FILE signature_file) { unsigned char data; int data_len; unsigned char sig; int sig_len; int rv; LARGE_INTEGER start, finish, tmp; double duration, secondsPerTick; //some variables used to count time elapsed EVP_MD_CTX ctx = EVP_MD_CTX_create(); sig = malloc(EVP_PKEY_size(key)); sig_len = EVP_PKEY_size(key); rv = EVP_SignInit(ctx, EVP_sha1()); check_ssl_rv("EVP_SignInit", rv, 1); data = malloc(102400); data_len = fread(data, 1, 102400, data_file); while (data_len > 0) { rv = EVP_SignUpdate(ctx, data, data_len); check_ssl_rv("EVP_SignUpdate", rv, 1); data_len = fread(data, 1, 102400, data_file); } // start to count QueryPerformanceFrequency( &tmp ); secondsPerTick = 1.0 / tmp.QuadPart; QueryPerformanceCounter( &start ); rv = EVP_SignFinal(ctx, sig, &sig_len, key); //the time of call i am intreresting QueryPerformanceCounter( &finish ); // finish the count time elapsed duration = secondsPerTick * (finish.QuadPart - start.QuadPart); printf( "%f seconds\n", duration ); check_ssl_rv("EVP_SignFinal", rv, 1); if (sig_len > 0) { fwrite(sig, sig_len, 1, signature_file); } EVP_MD_CTX_destroy(ctx); free(sig); free(data); } By the way, my platform is Windows XP with Openssl library, the data file to be signed contain 1024 bit, using RSA1024-SHA1 i wish someone could help me. Any tips will be appreciated! Miaohua 2009-10-4
	Re: EVP_SignFinal dramatically slow by Kirk81 () :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message armstrong wrote: Hi Is someone here can help me? I am using "EVP Public Key Interface" to sign and verify some digital signatures. And i find the call to "EVP_SignFinal" is very slow. In the test, RSA1024-SHA1 was used, the call to "EVP_SignFinal" consuming almost 0.19~0.2 second. In contrast to the openssl benchmark(i.e openssl speed rsa1024), the benchmark reports 'rsa 1024 bit' sign operation only take 0.002s(approximate) on my computer. This result is close to my call to RSA_sign directly. Hi, I've created a RSA application for MVS: RSA-1024 with SHA56 using the native functions (RSA_sign, SHA256, ...). Here u can find the code: rsa.cpp With an IA-32 Pentium M 1.5 GHz, I'm in the order of milliseconds: - signature: 3.6 ms - verify: 0.19 ms Now you can try the EVP interface. Kirk
	Re: EVP_SignFinal dramatically slow by armstrong :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Thank your help, Kirk. i have solved this problem now. the big difference of time is consumed by dll loading. So the benchmark is correct. thank you armstrong 2009-12-06 Kirk81 wrote: armstrong wrote: Hi Is someone here can help me? I am using "EVP Public Key Interface" to sign and verify some digital signatures. And i find the call to "EVP_SignFinal" is very slow. In the test, RSA1024-SHA1 was used, the call to "EVP_SignFinal" consuming almost 0.19~0.2 second. In contrast to the openssl benchmark(i.e openssl speed rsa1024), the benchmark reports 'rsa 1024 bit' sign operation only take 0.002s(approximate) on my computer. This result is close to my call to RSA_sign directly. Hi, I've created a RSA application for MVS: RSA-1024 with SHA56 using the native functions (RSA_sign, SHA256, ...). Here u can find the code: rsa.cpp With an IA-32 Pentium M 1.5 GHz, I'm in the order of milliseconds: - signature: 3.6 ms - verify: 0.19 ms Now you can try the EVP interface. Kirk