On Thu, 24 Apr 2025 18:30:00 GMT, Artur Barashev <abaras...@openjdk.org> wrote:

>> The current key manager is SunX509, which is configured in the 
>> java.security. The SunX509 algorithm does not check the local certificate. 
>> The PKIX algorithm should be preferred now so that the default key manager 
>> could be more robust.
>> 
>> Compatibility considerations:
>> 
>> 1) Customers using local certificates signed using algorithms prohibited by 
>> the default configuration (notably MD5 and SHA1) no longer will be able to 
>> use such certificates without modifying algorithm constraints in 
>> `java.security` config file.
>> 
>> 2) Performance impact: there is about x2 performance decrease for full 
>> (non-resume) TLS handshake:
>> 
>> **SUNX509**
>> Benchmark                                    (resume)  (tlsVersion)   Mode  Cnt      Score     Error  Units
>> SSLHandshake.doHandshake      true       TLSv1.2  thrpt   15  19758.012 ± 758.237  ops/s
>> SSLHandshake.doHandshake      true           TLS  thrpt   15   1861.695 ±  14.681  ops/s
>> SSLHandshake.doHandshake     false       TLSv1.2  thrpt   15   **1186.962** ±  12.085  ops/s
>> SSLHandshake.doHandshake     false           TLS  thrpt   15   **1056.288** ±   7.197  ops/s
>> Finished running test 'micro:java.security.SSLHandshake'
>> 
>> **PKIX**
>> Benchmark                                   (resume)  (tlsVersion)   Mode  Cnt      Score     Error  Units
>> SSLHandshake.doHandshake      true       TLSv1.2  thrpt   15  19724.887 ± 393.636  ops/s
>> SSLHandshake.doHandshake      true           TLS  thrpt   15   1848.927 ±  22.946  ops/s
>> SSLHandshake.doHandshake     false       TLSv1.2  thrpt   15    **511.684** ±   5.405  ops/s
>> SSLHandshake.doHandshake     false           TLS  thrpt   15    **490.698** ±   6.453  ops/s
>> Finished running test 'micro:java.security.SSLHandshake'
>
> Artur Barashev has updated the pull request incrementally with one additional 
> commit since the last revision:
> 
>   Skip explicit KeyPair initialization and let the provider default set it

> The discussion of https://github.com/openjdk/jdk/pull/17956 contains an 
> extensive performance analysis.

TL;DR: PKCS12 decrypts the private key before every use. The performance hit 
comes from applying PBKDF2 to the key encryption password.

-------------

PR Comment: https://git.openjdk.org/jdk/pull/24756#issuecomment-2828625887
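The two points in this thread, switching the default key manager from SunX509 to PKIX and the cost of PKCS12 decrypting a key entry on every access, can be seen in a small stand-alone Java program. This is an added illustration, not code from the JDK or from the pull request. It assumes only public JDK APIs: the `ssl.KeyManagerFactory.algorithm` security property that `java.security` sets, and an in-memory PKCS12 keystore. The entry is a constructed AES secret key rather than a private key, because a private key entry would need a certificate chain (normally produced with keytool); PKCS12 protects both entry kinds with the same password-based encryption, which with the current defaults (PBES2) means a PBKDF2 derivation per `getKey()` call. The alias, password and loop count are made up for the demo.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.Security;
import java.util.concurrent.TimeUnit;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.net.ssl.KeyManagerFactory;

public class Pkcs12KeyCostDemo {

    // Constructed values for the demo; any alias and password work.
    static final String ALIAS = "demo-key";
    static final char[] PASSWORD = "changeit".toCharArray();

    /** Selects PKIX as the default key manager at runtime. Editing
     *  ssl.KeyManagerFactory.algorithm in java.security has the same effect. */
    static String selectPkixKeyManager() {
        Security.setProperty("ssl.KeyManagerFactory.algorithm", "PKIX");
        return KeyManagerFactory.getDefaultAlgorithm(); // reads the property, so now "PKIX"
    }

    /** Builds an in-memory PKCS12 keystore with one password-protected key entry.
     *  A secret key is used because it needs no certificate chain; PKCS12 wraps it
     *  with the same password-based encryption it applies to a private key entry. */
    static byte[] buildPkcs12() throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();

        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null);
        ks.setEntry(ALIAS, new KeyStore.SecretKeyEntry(key),
                    new KeyStore.PasswordProtection(PASSWORD));
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, PASSWORD);
        return out.toByteArray();
    }

    /** Calls getKey() n times. PKCS12 keeps the entry encrypted, so every call
     *  re-derives the wrapping key from the password and decrypts the entry. */
    static long nanosPerUncachedAccess(KeyStore ks, int n) throws Exception {
        long start = System.nanoTime();
        for (int i = 0; i < n; i++) {
            Key k = ks.getKey(ALIAS, PASSWORD);
            if (k == null) throw new IllegalStateException("entry missing");
        }
        return (System.nanoTime() - start) / n;
    }

    /** Decrypts once and reuses the Key object: the per-handshake cost that a
     *  key manager holding the decrypted key avoids. */
    static long nanosPerCachedAccess(KeyStore ks, int n) throws Exception {
        Key cached = ks.getKey(ALIAS, PASSWORD);
        long start = System.nanoTime();
        for (int i = 0; i < n; i++) {
            if (cached.getEncoded().length == 0) throw new IllegalStateException("empty key");
        }
        return (System.nanoTime() - start) / n;
    }

    public static void main(String[] args) throws Exception {
        System.out.println("default KeyManagerFactory algorithm: " + selectPkixKeyManager());

        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(new ByteArrayInputStream(buildPkcs12()), PASSWORD);

        int n = 200; // constructed loop count; raise it for steadier numbers
        System.out.printf("getKey() on every use : %d us per access%n",
                TimeUnit.NANOSECONDS.toMicros(nanosPerUncachedAccess(ks, n)));
        System.out.printf("decrypt once and reuse: %d us per access%n",
                TimeUnit.NANOSECONDS.toMicros(nanosPerCachedAccess(ks, n)));
    }
}
```

Compile and run with `javac Pkcs12KeyCostDemo.java && java Pkcs12KeyCostDemo`. The gap between the two timings is the password-based derivation plus decryption that a PKIX key manager backed by a PKCS12 keystore pays on each full handshake unless the decrypted key is cached; the absolute numbers depend on the JDK's `keystore.pkcs12.keyProtectionAlgorithm` and iteration-count defaults.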
