[gnutls-devel] CRLs
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Jun 4 15:16:48 CEST 2014
On Wed, Jun 4, 2014 at 11:38 AM, Nikos Mavrogiannopoulos
<nmav at gnutls.org> wrote:
> However, to get further improvements an API change is required, i.e.,
> an iterator based function to read values for large sequences or sets
> that are read in a serialized way.
It seems that using the low-level API of libtasn1 could help. I've
managed to reduce to 1/3 of the running time using some caching, but
unfortunately it requires a new function as it would change the
semantics of gnutls_x509_crl_get_crt_serial(). Nevertheless the time
for the command
time ./certtool --outfile /dev/null --inder --crl-info < gsorganizationvalg2.crl
user 29m23.138s
when converted to gnutls_x509_crl_get_crt_serial2() reduces to:
user 9m10.781s
regards,
Nikos
More information about the Gnutls-devel
mailing list