It has been identified that when using OpenSSL version 3.x the message digest context initialization is much more expensive than using OpenSSL version 1.x. This update optimizes the use of OpenSSL contexts by making use of a simple cache.
We will create a second initialized openssl digest context when the message digest cipher is initialized. This second context, defined as context->cachedInitalizedDigestContext, will be copied over the working context, context->ctx, using the EVP_MD_CTX_copy_ex API whenever we wish to re-initalize this cipher. The restoration of a context occurs whenever a cipher is explictly reset or whenever a final digest is computed.
keithc-ca
commented
1 year ago
It has been identified that when using
OpenSSLversion3.xthe message digest context initialization is much more expensive than usingOpenSSLversion1.x. This update optimizes the use ofOpenSSLcontexts by making use of a simple cache.We will create a second initialized openssl digest context when the message digest cipher is initialized. This second context, defined as
context->cachedInitalizedDigestContext, will be copied over the working context,context->ctx, using theEVP_MD_CTX_copy_exAPI whenever we wish to re-initalize this cipher. The restoration of a context occurs whenever a cipher is explictly reset or whenever a final digest is computed.Backported from:
https://github.com/ibmruntimes/openj9-openjdk-jdk/pull/643
Signed-off by: Jason Katonica katonica@us.ibm.com