Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8284694

Avoid evaluating SSLAlgorithmConstraints twice

    XMLWordPrintable

    Details

      Backports

        Description

        Algorithm constraints from HandshakeContext#algorithmConstraints are heavily used during TLS handshake.
        The field contains an instance of SSLAlgorithmConstraints that wraps sslconfig.userAlgorithmConstraints, which by default is another instance of SSLAlgorithmConstraints.

        Both instances perform the same checks, namely, they verify if algorithms meet the constraints listed in jdk.tls.disabledAlgorithms and jdk.certpath.disabledAlgorithms. In effect every check is performed twice.

        Removing the duplicate checks should improve handshake performance.

          Attachments

            Issue Links

              Activity

                People

                Assignee:
                djelinski Daniel Jelinski
                Reporter:
                djelinski Daniel Jelinski
                Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: