New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto/tls: tls.X509KeyPair is slow #6626
Comments
Not going to touch anything for Go 1.2. That said, what if you change rsa.PrivateKey.Validate's ProbablyPrime(20) to ProbablyPrime(1)? There was a mistake transcribing Knuth's pseudocode in creating Plan 9's probably_prime function, so that even when asked to do 20 rounds it did just 1 round, so I looked into the importance of the extra rounds a while back. My summary is at http://9fans.net/archive/2010/03/250. For real RSA keys, I believe one round suffices. A followup message suggested that it might be worth varying the number of rounds based on the length of the prime. http://9fans.net/archive/2010/03/252 Labels changed: added priority-later, go1.3maybe, removed priority-triage. Status changed to Accepted. |
I would like to see this issue added to the 1.5 milestone. RSA private key validation is prohibitively slow, to the point where it is dominating the startup time for a server that loads just a few keypairs. I have submitted a CL for benchmarks that cover tls.X509KeyPair. Here is a sample run on my machine:
Switching the
|
Adam, thoughts? |
The text was updated successfully, but these errors were encountered: