RFR: 8324646: Avoid Class.forName in SecureRandom constructor [v2]
Weijun Wang
weijun at openjdk.org
Wed Jan 31 18:08:01 UTC 2024
On Wed, 24 Jan 2024 18:05:50 GMT, Oli Gillespie <ogillespie at openjdk.org> wrote:
>> Avoid expensive `Class.forName` call when constructing Providers such as `SecureRandom` which take constructor parameters. This can easily be cached in EngineDescription (this cache already existed before, it was removed in [JDK-8280970](https://bugs.openjdk.org/browse/JDK-8280970) as unused, I'm bringing it back unchanged to support this new usage).
>>
>> Benchmark results on my Linux x86 host show around a 20% reduction in time to create a new `SecureRandom` instance. Most of the remaining overhead is due to a failing constructor lookup - see [JDK-8324648](https://bugs.openjdk.org/browse/JDK-8324648).
>>
>>
>> Before
>> newSecureRandom avgt 2930 ± 50 ns/op
>>
>> After
>> newSecureRandom avgt 2400 ± 33 ns/op
>>
>>
>> I have seen multiple real-world applications which call `new SecureRandom()` on the hot path, so I believe efficiency here is important.
>
> Oli Gillespie has updated the pull request incrementally with two additional commits since the last revision:
>
> - Rename newSecureRandom -> create
> - Add copyright header to new file
You are converting from string to class anyway, and since this is only implementation detail inside one file, we can even backport it if it really helps.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/17559#issuecomment-1919637384
More information about the security-dev
mailing list