[botan-devel] quickest way if inporting an RSA private key?

Jack Lloyd lloyd at randombit.net
Fri Feb 25 06:11:26 EST 2011


The problem is almost certainly that when you import a key, botan
performs as many consistency checks as reasonably possible. You
can toggle these off at build time by manipulating these macros in
build.h:

#define BOTAN_PUBLIC_KEY_STRONG_CHECKS_ON_LOAD 1
#define BOTAN_PRIVATE_KEY_STRONG_CHECKS_ON_LOAD 1
#define BOTAN_PRIVATE_KEY_STRONG_CHECKS_ON_GENERATE 1

There are two easy ways to make sure they are set every time:

You can edit src/build-data/buildh.in, which is the template for
build.h

Or you can write a new file with

#undef BOTAN_PUBLIC_KEY_STRONG_CHECKS_ON_LOAD
#define BOTAN_PUBLIC_KEY_STRONG_CHECKS_ON_LOAD 0

#undef BOTAN_PRIVATE_KEY_STRONG_CHECKS_ON_LOAD
#define BOTAN_PRIVATE_KEY_STRONG_CHECKS_ON_LOAD 0

(I would definitely not recommend disabling the strong checks for key
generation)

And loading it into build.h at configure time with

configure.py --with-local-config=<file>

Hope this helps.

-Jack

On Sat, Feb 19, 2011 at 01:57:23PM +0100, bert hubert wrote:
> Hi everybody,
> 
> While Botan continues to rock, I'm running into a small performance issue.
> 
> This line of code:
> 
>   d_key = shared_ptr<RSA_PrivateKey>(new RSA_PrivateKey(rng, p, q, e, d, n));
> 
> is costing me 7 msec for a 2048 bits key and 3 msec for a 1024 bits key.
> Given my 150k key experiments (see
> http://twitter.com/#!/PowerDNS_Bert/status/38734778597519361 ) this is
> tripping me up!
> 
> It strikes me that not a lot is/should be happening during this operations,
> is there any way to speed things up?
> 
> Or am I wrong and is there work to be done on reading a key from bigints?
> 
> 	Bert
> 
> 
> _______________________________________________
> botan-devel mailing list
> botan-devel at randombit.net
> http://lists.randombit.net/mailman/listinfo/botan-devel



More information about the botan-devel mailing list