Integrated: 8286433: Cache certificates decoded from TLS session tickets
Daniel Jeliński
djelinski at openjdk.java.net
Thu May 12 06:52:56 UTC 2022
On Mon, 9 May 2022 19:38:36 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
> When a TLS server resumes a session from a stateless session ticket, it populates the `SSLSessionImpl`'s `localCerts` and `peerCerts` fields with certificates deserialized from the session ticket. These certificates are often the same across a large number of tickets.
>
> This patch implements a certificate cache lookup for these certificates. This enables us to avoid deserializing the same certificates repeatedly, and saves memory by reusing the same certificate objects.
This pull request has now been integrated.
Changeset: 96d48f38
Author: Daniel Jeliński <djelinski at openjdk.org>
URL: https://git.openjdk.java.net/jdk/commit/96d48f386b59096c6d1c88c142037c44db5ccacf
Stats: 26 lines in 2 files changed: 13 ins; 8 del; 5 mod
8286433: Cache certificates decoded from TLS session tickets
Reviewed-by: coffeys, xuelei
-------------
PR: https://git.openjdk.java.net/jdk/pull/8608
More information about the security-dev
mailing list