RFR: 8284694: Avoid evaluating SSLAlgorithmConstraints twice

[Daniel Jeliński]

On Tue, 12 Apr 2022 11:28:12 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:

> During TLS handshake, hundreds of constraints are evaluated to determine which cipher suites are usable. Most of the evaluations are performed using `HandshakeContext#algorithmConstraints` object. By default that object contains a `SSLAlgorithmConstraints` instance wrapping another `SSLAlgorithmConstraints` instance. As a result the constraints defined in `SSLAlgorithmConstraints` are evaluated twice.
> 
> This PR improves the default case; if the user-specified constraints are left at defaults, we use a single `SSLAlgorithmConstraints` instance, and avoid duplicate checks.

Results of the attached benchmark:
Before:

Benchmark                 (resume)  (tlsVersion)   Mode  Cnt     Score     Error  Units
SSLHandshake.doHandshake      true       TLSv1.2  thrpt    5  1407.320 ± 302.562  ops/s
SSLHandshake.doHandshake      true           TLS  thrpt    5   391.037 ±  13.014  ops/s
SSLHandshake.doHandshake     false       TLSv1.2  thrpt    5   280.003 ±  69.273  ops/s
SSLHandshake.doHandshake     false           TLS  thrpt    5   233.401 ±   9.371  ops/s


After:

Benchmark                 (resume)  (tlsVersion)   Mode  Cnt     Score     Error  Units
SSLHandshake.doHandshake      true       TLSv1.2  thrpt    5  2267.325 ± 119.800  ops/s
SSLHandshake.doHandshake      true           TLS  thrpt    5   490.465 ±  24.698  ops/s
SSLHandshake.doHandshake     false       TLSv1.2  thrpt    5   340.275 ±  72.833  ops/s
SSLHandshake.doHandshake     false           TLS  thrpt    5   271.656 ±   5.444  ops/s


The results show a nice double-digit improvement across the board.

-------------

PR: https://git.openjdk.java.net/jdk/pull/8199