Re: [edk2-devel] [PATCH] CryptoPkg/BaseCryptLib: Eliminate extra buffer copy in Pkcs7Verify()

Thu, 09 Sep 2021 09:33:56 -0700 

Hi, Any feedback or status update on this?

Thanks,

-bob

-----Original Message-----
From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Bob Morgan via 
groups.io
Sent: Friday, August 27, 2021 2:07 PM
To: devel@edk2.groups.io
Cc: jiewen....@intel.com; jian.j.w...@intel.com; xiaoyux...@intel.com; 
guomin.ji...@intel.com; Bob Morgan <b...@nvidia.com>
Subject: [edk2-devel] [PATCH] CryptoPkg/BaseCryptLib: Eliminate extra buffer 
copy in Pkcs7Verify()

External email: Use caution opening links or attachments


Create a read-only openSSL BIO wrapper for the existing input buffer passed to 
Pkcs7Verify() instead of copying the buffer into an empty writable BIO which 
causes memory allocations within openSSL.

Signed-off-by: Bob Morgan <b...@nvidia.com>
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c
index d99597d181..8eda98f7b2 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7VerifyCommon.c
@@ -864,15 +864,11 @@ Pkcs7Verify (
   // For generic PKCS#7 handling, InData may be NULL if the content is present
   // in PKCS#7 structure. So ignore NULL checking here.
   //
-  DataBio = BIO_new (BIO_s_mem ());
+  DataBio = BIO_new_mem_buf (InData, (int) DataLength);
   if (DataBio == NULL) {
     goto _Exit;
   }

-  if (BIO_write (DataBio, InData, (int) DataLength) <= 0) {
-    goto _Exit;
-  }
-
   //
   // Allow partial certificate chains, terminated by a non-self-signed but
   // still trusted intermediate certificate. Also disable time checks.
--
2.17.1








-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#80447): https://edk2.groups.io/g/devel/message/80447
Mute This Topic: https://groups.io/mt/85195547/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to