RFR: 8259065: java.security.Provider should cache default constructors
Claes Redestad
redestad at openjdk.java.net
Tue Jan 5 10:18:07 UTC 2021
By caching default constructors used in `java.security.Provider::newInstanceUtil` in a `ClassValue`, we can reduce the overhead of allocating instances in a variety of places, e.g., `MessageDigest::getInstance`, without compromising thread-safety or security.
On the provided microbenchmark `MessageDigest.getInstance(digesterName)` improves substantially for any `digesterName` - around -90ns/op and -120B/op:
Benchmark (digesterName) Mode Cnt Score Error Units
GetMessageDigest.getInstance md5 avgt 30 293.929 ± 11.294 ns/op
GetMessageDigest.getInstance:·gc.alloc.rate.norm md5 avgt 30 424.028 ± 0.003 B/op
GetMessageDigest.getInstance SHA-1 avgt 30 322.928 ± 16.503 ns/op
GetMessageDigest.getInstance:·gc.alloc.rate.norm SHA-1 avgt 30 688.039 ± 0.003 B/op
GetMessageDigest.getInstance SHA-256 avgt 30 338.140 ± 13.902 ns/op
GetMessageDigest.getInstance:·gc.alloc.rate.norm SHA-256 avgt 30 640.037 ± 0.002 B/op
GetMessageDigest.getInstanceWithProvider md5 avgt 30 312.066 ± 12.805 ns/op
GetMessageDigest.getInstanceWithProvider:·gc.alloc.rate.norm md5 avgt 30 424.029 ± 0.003 B/op
GetMessageDigest.getInstanceWithProvider SHA-1 avgt 30 345.777 ± 16.669 ns/op
GetMessageDigest.getInstanceWithProvider:·gc.alloc.rate.norm SHA-1 avgt 30 688.040 ± 0.003 B/op
GetMessageDigest.getInstanceWithProvider SHA-256 avgt 30 371.134 ± 18.485 ns/op
GetMessageDigest.getInstanceWithProvider:·gc.alloc.rate.norm SHA-256 avgt 30 640.039 ± 0.004 B/op
Patch:
Benchmark (digesterName) Mode Cnt Score Error Units
GetMessageDigest.getInstance md5 avgt 30 210.629 ± 6.598 ns/op
GetMessageDigest.getInstance:·gc.alloc.rate.norm md5 avgt 30 304.021 ± 0.002 B/op
GetMessageDigest.getInstance SHA-1 avgt 30 229.161 ± 8.158 ns/op
GetMessageDigest.getInstance:·gc.alloc.rate.norm SHA-1 avgt 30 568.030 ± 0.002 B/op
GetMessageDigest.getInstance SHA-256 avgt 30 260.013 ± 15.032 ns/op
GetMessageDigest.getInstance:·gc.alloc.rate.norm SHA-256 avgt 30 520.030 ± 0.002 B/op
GetMessageDigest.getInstanceWithProvider md5 avgt 30 231.928 ± 10.455 ns/op
GetMessageDigest.getInstanceWithProvider:·gc.alloc.rate.norm md5 avgt 30 304.020 ± 0.002 B/op
GetMessageDigest.getInstanceWithProvider SHA-1 avgt 30 247.178 ± 11.209 ns/op
GetMessageDigest.getInstanceWithProvider:·gc.alloc.rate.norm SHA-1 avgt 30 568.029 ± 0.002 B/op
GetMessageDigest.getInstanceWithProvider SHA-256 avgt 30 265.625 ± 10.465 ns/op
GetMessageDigest.getInstanceWithProvider:·gc.alloc.rate.norm SHA-256 avgt 30 520.030 ± 0.003 B/op
See: https://cl4es.github.io/2021/01/04/Investigating-MD5-Overheads.html#reflection-overheads for context.
-------------
Commit messages:
- NSPE
- Add provider-based micro, reduce digesters checked by default
- Add GetMessageDigests micro
- Missing static
- 8259065: java.security.Provider should cache default constructors
Changes: https://git.openjdk.java.net/jdk/pull/1933/files
Webrev: https://webrevs.openjdk.java.net/?repo=jdk&pr=1933&range=00
Issue: https://bugs.openjdk.java.net/browse/JDK-8259065
Stats: 98 lines in 2 files changed: 94 ins; 2 del; 2 mod
Patch: https://git.openjdk.java.net/jdk/pull/1933.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/1933/head:pull/1933
PR: https://git.openjdk.java.net/jdk/pull/1933
More information about the security-dev
mailing list