Hi Tony & Sean,
As it turns out, caching the availability of algorithms is sufficient
to get a massive speedup here. Check out the results on
https://github.com/openjdk/jdk/pull/8349 and let me know what you
think.
Regards,
Daniel
śr., 20 kwi 2022 o 22:22 Seán Coffey napisał(a):
>
> I think the
I think the work done with 8284694 will help alot in any case since I
suspect the same SSLAlgorithmConstraints Object will be shared much more
now (rather than spin off new copies)
Some recent JFRs I looked at show that alot of CPU cycles[1] get taken
in the HandshakeContext methods of :
sun.
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains a `SSLAlgorithmConstraints` instance wrapping another
> `S
On Tue, 19 Apr 2022 17:16:29 GMT, Daniel Jeliński wrote:
>> During TLS handshake, hundreds of constraints are evaluated to determine
>> which cipher suites are usable. Most of the evaluations are performed using
>> `HandshakeContext#algorithmConstraints` object. By default that object
>> conta
On Wed, 20 Apr 2022 10:28:39 GMT, Daniel Jeliński wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java
>> line 94:
>>
>>> 92: AlgorithmConstraints userSpecifiedConstraints,
>>> 93: boolean withDefaultCertPathConstraints) {
>>> 94: i
On Wed, 20 Apr 2022 04:19:38 GMT, Xue-Lei Andrew Fan wrote:
>> Daniel Jeliński has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Replace remaining constructors with factory methods
>
> src/java.base/share/classes/sun/security/ssl/SSLAlgori
On Tue, 19 Apr 2022 17:16:29 GMT, Daniel Jeliński wrote:
>> During TLS handshake, hundreds of constraints are evaluated to determine
>> which cipher suites are usable. Most of the evaluations are performed using
>> `HandshakeContext#algorithmConstraints` object. By default that object
>> conta
On Tue, 19 Apr 2022 17:21:20 GMT, Daniel Jeliński wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java
>> line 94:
>>
>>> 92: * @return a SSLAlgorithmConstraints instance
>>> 93: */
>>> 94: static AlgorithmConstraints forSocket(SSLSocket socket,
>>
On Tue, 19 Apr 2022 14:23:07 GMT, Xue-Lei Andrew Fan wrote:
>> Daniel Jeliński has updated the pull request incrementally with two
>> additional commits since the last revision:
>>
>> - add more factory methods, update copyright
>> - return DEFAULT also when user constraints are null
>
> src/
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains a `SSLAlgorithmConstraints` instance wrapping another
> `S
On Thu, 14 Apr 2022 21:05:06 GMT, Daniel Jeliński wrote:
>> During TLS handshake, hundreds of constraints are evaluated to determine
>> which cipher suites are usable. Most of the evaluations are performed using
>> `HandshakeContext#algorithmConstraints` object. By default that object
>> conta
On Wed, 13 Apr 2022 06:46:51 GMT, Xue-Lei Andrew Fan wrote:
>> Daniel Jeliński has updated the pull request incrementally with two
>> additional commits since the last revision:
>>
>> - add more factory methods, update copyright
>> - return DEFAULT also when user constraints are null
>
> Nice
On Wed, 13 Apr 2022 06:46:51 GMT, Xue-Lei Andrew Fan wrote:
>> Daniel Jeliński has updated the pull request incrementally with two
>> additional commits since the last revision:
>>
>> - add more factory methods, update copyright
>> - return DEFAULT also when user constraints are null
>
> Nice
On Thu, 14 Apr 2022 21:05:06 GMT, Daniel Jeliński wrote:
>> During TLS handshake, hundreds of constraints are evaluated to determine
>> which cipher suites are usable. Most of the evaluations are performed using
>> `HandshakeContext#algorithmConstraints` object. By default that object
>> conta
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains a `SSLAlgorithmConstraints` instance wrapping another
> `S
On Thu, 14 Apr 2022 15:53:53 GMT, Xue-Lei Andrew Fan wrote:
>> as of today, this method is never called with a `null` argument
>> (`SSLConfiguration#userSpecifiedAlgorithmConstraints` is initialized to
>> `DEFAULT` and cannot be reset to `null`), but I can add a null check for
>> future-proofi
On Thu, 14 Apr 2022 15:43:42 GMT, Daniel Jeliński wrote:
>>> @XueleiFan did you mean `||` (not `&&`) ?
>>
>> Thank you @dfuch. Yes, it should be "||".
>
> as of today, this method is never called with a `null` argument
> (`SSLConfiguration#userSpecifiedAlgorithmConstraints` is initialized to
On Thu, 14 Apr 2022 14:58:24 GMT, Xue-Lei Andrew Fan wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java
>> line 73:
>>
>>> 71:
>>> 72: static AlgorithmConstraints wrap(AlgorithmConstraints
>>> userSpecifiedConstraints) {
>>> 73: if (userSpecifiedCo
On Thu, 14 Apr 2022 04:24:07 GMT, Xue-Lei Andrew Fan wrote:
>> Daniel Jeliński has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Avoid nesting SSLAlgorithmConstraints
>
> src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints
On Thu, 14 Apr 2022 04:24:07 GMT, Xue-Lei Andrew Fan wrote:
>> Daniel Jeliński has updated the pull request incrementally with one
>> additional commit since the last revision:
>>
>> Avoid nesting SSLAlgorithmConstraints
>
> src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints
On Wed, 13 Apr 2022 20:32:02 GMT, Daniel Jeliński wrote:
>> During TLS handshake, hundreds of constraints are evaluated to determine
>> which cipher suites are usable. Most of the evaluations are performed using
>> `HandshakeContext#algorithmConstraints` object. By default that object
>> conta
On Wed, 13 Apr 2022 16:02:50 GMT, Xue-Lei Andrew Fan wrote:
>> Thanks @XueleiFan for the review!
>> If we do that, this will result in a behavior change for cases where
>> `enabledX509DisabledAlgConstraints` = false; is that okay? Or should we set
>> `enabledX509DisabledAlgConstraints` = true i
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains a `SSLAlgorithmConstraints` instance wrapping another
> `S
Hi Sean,
Caching is an interesting idea. I've wondered for a while off and on
about how to speed it up, but hadn't come up with a solution I liked.
The complication with caching is while something like an algorithm name
only could be easy in a hashmap, it gets more complicated when you get
i
On Wed, 13 Apr 2022 07:50:55 GMT, Daniel Jeliński wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java
>> line 72:
>>
>>> 70: }
>>> 71:
>>> 72: static AlgorithmConstraints wrap(AlgorithmConstraints
>>> userSpecifiedConstraints) {
>>
>> I may update all
On Tue, 12 Apr 2022 11:28:12 GMT, Daniel Jeliński wrote:
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains
On Tue, 12 Apr 2022 11:28:12 GMT, Daniel Jeliński wrote:
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains
On Wed, 13 Apr 2022 06:45:20 GMT, Xue-Lei Andrew Fan wrote:
>> During TLS handshake, hundreds of constraints are evaluated to determine
>> which cipher suites are usable. Most of the evaluations are performed using
>> `HandshakeContext#algorithmConstraints` object. By default that object
>> co
On Tue, 12 Apr 2022 11:28:12 GMT, Daniel Jeliński wrote:
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains
On Tue, 12 Apr 2022 15:40:46 GMT, Claes Redestad wrote:
>> While this is technically true, `SSLAlgorithmConstraints` is an internal
>> class, so it's very unlikely that we will ever get `SSLAlgorithmConstraints`
>> other than `DEFAULT` here.
>
> Right, I see even `DEFAULT_SSL_ONLY` is only used
On Tue, 12 Apr 2022 11:28:12 GMT, Daniel Jeliński wrote:
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains
On Tue, 12 Apr 2022 15:19:41 GMT, Daniel Jeliński wrote:
>> src/java.base/share/classes/sun/security/ssl/SSLAlgorithmConstraints.java
>> line 73:
>>
>>> 71:
>>> 72: static AlgorithmConstraints wrap(AlgorithmConstraints
>>> userSpecifiedConstraints) {
>>> 73: if (userSpecifiedConst
On Tue, 12 Apr 2022 11:28:12 GMT, Daniel Jeliński wrote:
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains
On Tue, 12 Apr 2022 13:38:17 GMT, Claes Redestad wrote:
>> During TLS handshake, hundreds of constraints are evaluated to determine
>> which cipher suites are usable. Most of the evaluations are performed using
>> `HandshakeContext#algorithmConstraints` object. By default that object
>> contai
On Tue, 12 Apr 2022 11:28:12 GMT, Daniel Jeliński wrote:
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains
During TLS handshake, hundreds of constraints are evaluated to determine which
cipher suites are usable. Most of the evaluations are performed using
`HandshakeContext#algorithmConstraints` object. By default that object contains
a `SSLAlgorithmConstraints` instance wrapping another `SSLAlgorithm
On Tue, 12 Apr 2022 11:28:12 GMT, Daniel Jeliński wrote:
> During TLS handshake, hundreds of constraints are evaluated to determine
> which cipher suites are usable. Most of the evaluations are performed using
> `HandshakeContext#algorithmConstraints` object. By default that object
> contains
37 matches
Mail list logo
