[prev in list] [next in list] [prev in thread] [next in thread] 

List:       xmlrpc-user
Subject:    [jira] [Created] (WSS-673) Using default Java Security and Merlin is very slow for PKCS12
From:       "Joseph Athman (Jira)" <jira () apache ! org>
Date:       2020-05-29 0:50:00
Message-ID: JIRA.13308205.1590713391000.129970.1590713400037 () Atlassian ! JIRA
[Download RAW message or body]

Joseph Athman created WSS-673:
---------------------------------

             Summary: Using default Java Security and Merlin is very slow f=
or PKCS12
                 Key: WSS-673
                 URL: https://issues.apache.org/jira/browse/WSS-673
             Project: WSS4J
          Issue Type: Improvement
          Components: WSS4J Core
    Affects Versions: 2.2.5
            Reporter: Joseph Athman
            Assignee: Colm O hEigeartaigh


We use WSS4J to create SAML digital signatures. Recently, we switch from st=
oring our client private key from a JKS file to PKCS12 file. This seems to =
have had the unintended consequence of causing huge spikes in CPU usage.

After investigating the root cause, I believe the problem lies with the way=
 WSS4J will retrieve a new instance of the private key for every request. W=
ith a PKCS12 file this appears to be extremely slow and CPU intensive due t=
o the amount of time it takes to decrypt the private key.

I'm wondering if there is some way to have WSS4J cache this private key loo=
kup since it will always be the same each time.=C2=A0

Any ideas?



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org

[prev in list] [next in list] [prev in thread] [next in thread]