Re: X509_STORE and X509_verify performance

[Chris Jarshant]

And just to be clear, it was the for() loop that calls X509_STORE_add_cert() for each cert that was taking forever, not the actual verification, which took no perceivable (in terms of user interface delay) time.   cj   ----- Original Message ----- From: Chris Jarshant To: [EMAIL PROTECTED] Sent: Monday, March 31, 2003 7:18 PM Subject: X509_STORE and X509_verify performance I generated 1000 test self-signed CA certs, and wrote a small program to add them all to an X509_STORE in preparation for verifying a certificate.. But this operation took a LONG, LONG time.  Even adding 500 certs took approx. 30 seconds!  It appeared to go real fast for the first 100 certs, then decelerate, so I suspect some kind of sorting or linear search algorithm that is slowing things down.   Has anyone else experienced this?  I am fearful of what is going to happen (or not happen) when I try my test 1000-cert deep chained cert verification.   cj