Re: Desperately seeking JDK1.1.x Signature help!!!

Jeff Nisewanger (Jeff.Nisewanger@Eng)
Wed, 24 Jun 1998 16:48:03 -0700

Date: Wed, 24 Jun 1998 16:48:03 -0700
From: Jeff.Nisewanger@Eng (Jeff Nisewanger)
Message-Id: <199806242348.QAA25109@puuoo.eng.sun.com>
To: java-security@web4.javasoft.com, burati@pubweb.net
Subject: Re: Desperately seeking JDK1.1.x Signature help!!!

> This has all been working fine up until this afternoon. I generate
> keys in a standalone utility, so the above SecureRandom bug hasn't
> been affecting us. Up until this afternoon, signing messages up to
> and through 300K was taking a few seconds (5?) at most. I just
> configured another piece into my test system (so I have two servlets
> signing messages, instead of one signing/one verifying). Even though
> Only one is signing/verifying at a time, the signing of 170K bytes is
> now taking 604 to 605 seconds *EVERY TIME*. What could cause this?
>
> Is Signature.sign() using the above SecureRandom class in a way that
> would cause this looping bug?
>
> I upgraded my Java Web Server1.1 from 1.1.5 to 1.1.6 based on the
> above claimed fix, and it's still agonizingly slow!

I cannot speak to why you are seeing such slow numbers all of
the sudden. The SecureRandom initialization issue that Charlie Lai was
speaking of occurs only the first time a SecureRandom object is created
(perhaps during the first signing or SSL connection) so that should not
be an issue for subsequent signing.

One thing to note is that the message digest implementations of
MD5 and SHA1 have been greatly speeded up in the JWS1.1.1 upgrade
release. Since these are used in SSL and in digital signing you may see
significant performance improvements when handling large amounts of
data in general from upgrading to JWS 1.1.1.

Jeff