[13] RFR JDK-7107615 "scalability bloker in javax.crypto.JceSecurity"

Valerie Peng valerie.peng at oracle.com
Wed May 22 16:54:06 UTC 2019

Thanks, we do have optimization in place for default providers bundled 
with JDK. But for 3rd party providers, provider verification may get 
complicated and recursive.

Thanks again for the comments/feedbacks,
On 5/22/2019 3:20 AM, Alan Bateman wrote:
> On 22/05/2019 01:02, Valerie Peng wrote:
>> Well, I initially tried to use the computeIfAbsent, and I really like 
>> how the resulting code looks. But then as I checked the javadoc of 
>> the computeIfAbsent method, it seems that the provider verification 
>> code does not meet the criteria of short, simple requirement of the 
>> mapping func. In addition, the verification of 3rd party provider may 
>> trigger the verification of other providers which means updating the 
>> other mappings of the same map which the javadoc says the mapping 
>> func *must not* do. I don't know the internals of ConcurrentHashMap, 
>> would this possibly lead to a deadlock? So, I just followed the 
>> existing model of sync'ing on JceSecurity class. I didn't proceed 
>> with performance measuring of computeIfAbsent given the above reason.
> Fair enough, if it does indeed take a lot of time to compute then what 
> you have is okay.
> -Alan

More information about the security-dev mailing list