[jira] Updated: (WSS-88) SecureRandom.getInstance("SHA1PRNG") is slow on IBM JDK 1.4.2 (And perhaps others)

Mon, 01 Oct 2007 07:28:12 -0700 

     [ 
https://issues.apache.org/jira/browse/WSS-88?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Rasmus Rhein Helwigh updated WSS-88:
------------------------------------

    Attachment: patch.diff

This patch changes the files 

WSSecurityUtil
WSSecEncryptedKey

to use SecureRandom in the same way as

org.apache.ws.security.message.token.UsernameToken

This will make sure that each class only generates the random generator once.

> SecureRandom.getInstance("SHA1PRNG") is slow on IBM JDK 1.4.2 (And perhaps 
> others)
> ----------------------------------------------------------------------------------
>
>                 Key: WSS-88
>                 URL: https://issues.apache.org/jira/browse/WSS-88
>             Project: WSS4J
>          Issue Type: Improvement
>         Environment: Windows/ Solaris IBM JDK 1.4.2
>            Reporter: Rasmus Rhein Helwigh
>         Attachments: patch.diff
>
>
> The methods 
> org.apache.ws.security.message.WSSecEncryptedKey.generateEphemeralKey
> org.apache.ws.security.message.token ( static )
> org.apache.ws.security.util.generateNonce
> all use  the method
> java.security.SecureRandom.getInstance("SHA1PRNG") 
> generating random numbers with this instance is very slow on the IBM JDK ( 
> Generating 32 random bytes takes about 2 seconds, where it it takes less that 
> 1ms on SUN's jdk ).
> Would it be possible to use another random algorithm that performs better?
> The IBM JDK method SecureRandom.getInstance("IBMSecureRandom"); performs as 
> good as the one in the sun API.
> ----- Notes ----
> The reason I'm filing this improvement is because I'm using rampart to 
> request a Secure Token from a Tokenservice. Because of the above mentioned 
> problem, issuing a token takes 7.4 secons on a 2.4 ghz windows machine using 
> IBM jdk 1.4.2. On Suns JDK it takes 200ms. 
> As a result, I'm forced to use a custom build version of the WSS4J, but I'd 
> really prefer to use the std API.
> I know this could be seen as an error in the IBM jdk, but I'd prefer if I 
> could get the improvement done in the WSS4J API.
> Regards Rasmus Helwigh, Safewhere

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to