That is good to know, and I assumed it will hash only once, but I want to skip that one time as well, and have the verification done only once on the certificate, and then while my application may run for a year, I just want to compare the public key with memcpy even without that one time hash, (unless that hash also is done automaticly when loading the cert into the X509 before calling the compare function.
Thanks, Joe On 1/26/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: > On Thu, Jan 26, 2006, Joe Gluck wrote: > > > Hi, > > > > > > I am using OpenSSL and although they have the X509_cmp() function, I > > prefer not to use it because it rehashes the certificate (or at least > > it seems so to me) and I want to get the maximum performance I can > > get., so I built my own compare function and I would like to hear your > > opinion. > > > > It calculates the certificate hash once and caches the result. > > Various operations in OpenSSL automatically calculate the hash: for example > the standard certificate verification process. > > So after the first hash it simply does a memcmp() of two 20 byte buffers which > should be efficient enough for anyone... > > Steve. > -- > Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage > OpenSSL project core developer and freelance consultant. > Funding needed! Details on homepage. > Homepage: http://www.drh-consultancy.demon.co.uk > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [email protected] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
