[gnutls-devel] CRLs
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Jun 4 17:45:40 CEST 2014
On Wed, Jun 4, 2014 at 3:16 PM, Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> On Wed, Jun 4, 2014 at 11:38 AM, Nikos Mavrogiannopoulos
> <nmav at gnutls.org> wrote:
>> However, to get further improvements an API change is required, i.e.,
>> an iterator based function to read values for large sequences or sets
>> that are read in a serialized way.
> It seems that using the low-level API of libtasn1 could help. I've
> managed to reduce to 1/3 of the running time using some caching, but
> unfortunately it requires a new function as it would change the
> semantics of gnutls_x509_crl_get_crt_serial(). Nevertheless the time
> for the command
> time ./certtool --outfile /dev/null --inder --crl-info < gsorganizationvalg2.crl
> user 29m23.138s
> when converted to gnutls_x509_crl_get_crt_serial2() reduces to:
> user 9m10.781s
And that drops to one second using the libtasn1 from git.
regards,
Nikos
More information about the Gnutls-devel
mailing list