The encryption function within OpenSSL calls a blinding function to randomise the amount of time spent in the crypto operation. Within that function it calls on the random generator to get some random bits.
What platform are you on? I wonder if the generator has not been seeded properly for some reason?
Do you have a debug version of openssl that you can trace down to exactly where the time is?
Cheers,
BerinGRU Samuel wrote:
Hi Berin,
I have traced the process and all time is being spent in the RSA_private_encrypt function called in OpenSSLCryptoKeyRSA::signSHA1PKCS1Base64Signature(..)
Has you got an idea ?
Samuel.
GRU Samuel a �crit :
I don't trace the process for the moment (i don't have the time, i have an over bug in a other part of my code :-( )
but i do this and i had this result :
- The first time i called "sign()" after i launched apache : ~1 s the first time and ~0.1 s after (in the same process)
- After when i called it : the time increased each time ! (~1, 4s ->... -> ~2s->........->~15s->...)
- And when i stop and restart apache , the new first time : ~1s
I will tell you when i will trace the process !
Samuel.
Berin Lautenbach a �crit :
Samuel,
15 seconds is a long time! It would be interesting to know where the time is being spent. Are you able to trace the process?
I am assuming you are calling sign() multiple times from the same process?
Cheers, Berin
GRU Samuel wrote:
Hi,
First, i work on Windows 2000 and i used VC7 to compile the library.
I use the security library to sign my XML but i have a problem of when i call the sign() method.
I use it with OpenSSL, and i used RSA.
In a application, the first time, i spend 1 second in it. After, just 0,01 second
In a DLL (a web service with apache), the first time, i spend 15-20 seconds in it. After, just 0,01 second
It is too much. ;-) Why? And Why the difference ?
Samuel Gru
