Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-6591117

Poor preformance of PKCS#11 security provider compared to Sun default provider

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: P3 P3
    • 7
    • 1.4.2, 5.0u15
    • security-libs

        Poor performance of random number generation when using PKCS#11 security provider compared to Sun default security provider. See testcase below :

        % cat RandomTest.java
        import java.security.SecureRandom;
        import java.util.Random;
        import java.security.Security;
        import java.security.Provider;

        public class RandomTest
        {
            private static final char SESSION_CHARS[] = {
                'Q', 'B', 'C', 'D', 'G', 'F', 'G', 'H', 'L', 'J',
                'K', 'L', 'M', 'N', 'T', 'P', 'Q', 'R', 'S', 'T',
                'J', 'V', 'W', 'X', 'Y', 'Z', 'h', 'b', 'c', 'd',
                'p', 'f', 'g', 'h', 'v', 'j', 'k', 'l', 'm', 'n',
                'y', 'p', 'q', 'r', 's', 't', 'n', 'v', 'w', 'x',
                'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7',
                '8', '9', '2', '1'
            };
            
            private static int ID_LENGTH = 48;
            private static int COUNT = 10000;
            
            private SecureRandom securerandom;
            
            public static void main( String args[] ) throws Exception
            {
                RandomTest randomTest = new RandomTest();

                randomTest.printInfo();
                
                System.out.println( "Starting test...." );
                
                long startTime = System.currentTimeMillis();
                
                for( int i=0; i<COUNT; i++ )
                {
                    randomTest.getNextId();
                }
                
                long endTime = System.currentTimeMillis();
                
                System.out.println( "Test completed." );
                System.out.println( "Total time millis: " + (endTime - startTime) );
                System.out.println( "Average ID generation time millis: " + ((double)(endTime - startTime))/COUNT );
            }

            protected void printInfo() throws Exception
            {
              //securerandom = SecureRandom.getInstance("SHA1PRNG", "SUN");
              //securerandom = SecureRandom.getInstance("NativePRNG", "SUN");
              securerandom = new SecureRandom();

                System.out.println( "Used provider:" );
                System.out.println( securerandom.getProvider() );
                System.out.println( "Used algorithm:" );
                System.out.println( securerandom.getAlgorithm() );
            }

            private String getNextId()
            {
                char ac[] = new char[ID_LENGTH];
                int i = (int)(System.currentTimeMillis() / 1000L);
                
                //SecureRandom securerandom = LocalRJVM.getLocalRJVM().getSecureRandom();
                for(int j = 0; j < ID_LENGTH; j++)
                    if(j <= 3 || j >= 8)
                        ac[j] = SESSION_CHARS[securerandom.nextInt(SESSION_CHARS.length)];

                ac[4] = SESSION_CHARS[i >> 24 & 0x3f];
                ac[5] = SESSION_CHARS[i >> 16 & 0x3f];
                ac[6] = SESSION_CHARS[i >> 8 & 0x3f];
                ac[7] = SESSION_CHARS[i & 0x1f];
                
                return new String(ac);
            }
        }


        % uname -a
        SunOS xxx 5.10 Generic_118833-36 sun4u sparc SUNW,Sun-Blade-100
        % java -version
        java version "1.5.0_11"
        Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_11-b03)
        Java HotSpot(TM) Client VM (build 1.5.0_11-b03, mixed mode, sharing)
        % javac RandomTest.java
        % java RandomTest
        Used provider:
        SUN version 1.5
        Used algorithm:
        SHA1PRNG
        Starting test....
        Test completed.
        Total time millis: 1617
        Average ID generation time millis: 0.1617
        % javac RandomTest.java
        % java RandomTest
        Used provider:
        SUN version 1.5
        Used algorithm:
        NativePRNG
        Starting test....
        Test completed.
        Total time millis: 3633
        Average ID generation time millis: 0.3633
        % javac RandomTest.java
        % java RandomTest
        Used provider:
        SunPKCS11-Solaris version 1.5
        Used algorithm:
        PKCS11
        Starting test....
        Test completed.
        Total time millis: 8539
        Average ID generation time millis: 0.8539

              valeriep Valerie Peng
              apoddany Arnaud Poddany (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: