I'm using nss with a sqlite database I noticed that
CERT_GetCertChainFromCert will rebuild the whole chain again and again
by going PKCS#11 calls that all go to the sqlite database.
Sqlite is very fast but if you have a deep CA chain and a larger number
of certificates it will start to add up.
Is there a reason an internal slot can't work with the cache
if (!PK11_IsInternal(nss3slot) && PK11_IsHW(nss3slot)) {
rvToken->cache = nssTokenObjectCache_Create(rvToken,
PR_TRUE, PR_TRUE,
PR_TRUE);
if (!rvToken->cache)
goto loser;
}
Regards,
Wolter
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
