RFR: 8322767: TLS full handshake is slow with PKCS12KeyStore and X509KeyManagerImpl
Hai-May Chao
hchao at openjdk.org
Tue Mar 19 00:03:29 UTC 2024
For the PKIX KeyManager and PKCS12 Keystore, when the TLS server sends the ServerHello message and ultimately calls the X509KeyManagerImpl.chooseEngineServerAlias() method, it retrieves the private key from the keystore, decrypts it, and caches both the key and its certificate. This caching currently occurs only during a single handshake. Since decryption can be time-consuming, a modification has been implemented to cache the keystore entries at initialization time. This way, it won't be necessary to retrieve and decrypt the keys for multiple handshakes, which could lead to performance drawbacks.
A change was made to also update/refresh the cached entry as the certificates in the PKCS12 keystore may change, for scenarios like when the certificate expires and a new one is added under a different alias, and the certificate chain returned by the PKCS12 keystore is not the same as the one in the cache. While attempting to handle when to refresh a cached entry to accommodate keystore changes, we would like to know if you agree that this improvement is worth the risk. We would also like to know if you have a preference for other options:
1. Accept that PKIX+PKCS12 is slow.
2. Add a configuration option (system property, maybe) to decide the level of caching (1 - same as the existing one, 2 - same caching as in SunX509KeyManagerImpl, 3 - the new caching introduced in this change).
Additionally, the benchmark test SSLHandshake.java is modified to include a @Param annotation, allowing it to pass different KeyManagerFactory values (SunX509 and PKIX) to the benchmark method.
Running modified SSLHandshake.java test prior to the change that caches the PKCS12 keystore entries for PKIX:
Benchmark (keyMgr) (resume) (tlsVersion) Mode Cnt Score Error Units
SSLHandshake.doHandshake SunX509 true TLSv1.2 thrpt 15 9346.292 ? 379.023 ops/s
SSLHandshake.doHandshake SunX509 true TLS thrpt 15 940.175 ? 21.215 ops/s
SSLHandshake.doHandshake SunX509 false TLSv1.2 thrpt 15 594.418 ? 23.374 ops/s
SSLHandshake.doHandshake SunX509 false TLS thrpt 15 534.030 ? 16.709 ops/s
SSLHandshake.doHandshake PKIX true TLSv1.2 thrpt 15 9359.086 ? 246.257 ops/s
SSLHandshake.doHandshake PKIX true TLS thrpt 15 933.835 ? 81.388 ops/s
SSLHandshake.doHandshake PKIX false TLSv1.2 thrpt 15 104.764 ? 3.237 ops/s
SSLHandshake.doHandshake PKIX false TLS thrpt 15 99.397 ? 5.645 ops/s
Running modified SSLHandshake.java test with the change that caches the PKCS12 keystore entries for PKIX:
Benchmark (keyMgr) (resume) (tlsVersion) Mode Cnt Score Error Units
SSLHandshake.doHandshake SunX509 true TLSv1.2 thrpt 15 9580.548 ? 93.887 ops/s
SSLHandshake.doHandshake SunX509 true TLS thrpt 15 897.413 ? 49.559 ops/s
SSLHandshake.doHandshake SunX509 false TLSv1.2 thrpt 15 516.918 ? 54.658 ops/s
SSLHandshake.doHandshake SunX509 false TLS thrpt 15 472.145 ? 19.537 ops/s
SSLHandshake.doHandshake PKIX true TLSv1.2 thrpt 15 9283.989 ? 218.025 ops/s
SSLHandshake.doHandshake PKIX true TLS thrpt 15 838.580 ? 100.300 ops/s
SSLHandshake.doHandshake PKIX false TLSv1.2 thrpt 15 533.631 ? 57.975 ops/s
SSLHandshake.doHandshake PKIX false TLS thrpt 15 535.980 ? 10.160 ops/s
-------------
Commit messages:
- Remove synchronized (keyStore) code from ProcessCredentials()
- Update to address concurrent update and caching mismatch
- Update cached map properly for PKCS12KeyStore
- Update credentialsMap to accommodate when there is a change in the underlying KeyStore
- 8322767: TLS full handshake is slow with PKCS12KeyStore and X509KeyManagerImpl
Changes: https://git.openjdk.org/jdk/pull/17956/files
Webrev: https://webrevs.openjdk.org/?repo=jdk&pr=17956&range=00
Issue: https://bugs.openjdk.org/browse/JDK-8322767
Stats: 240 lines in 2 files changed: 234 ins; 1 del; 5 mod
Patch: https://git.openjdk.org/jdk/pull/17956.diff
Fetch: git fetch https://git.openjdk.org/jdk.git pull/17956/head:pull/17956
PR: https://git.openjdk.org/jdk/pull/17956
More information about the security-dev
mailing list