Skip to Content.
Sympa Menu

mace-opensaml-users - Re: [OpenSAML]

Subject: OpenSAML user discussion

List archive

Re: [OpenSAML]


Chronological Thread 
  • From:
  • To:
  • Subject: Re: [OpenSAML]
  • Date: Thu, 17 Jul 2008 09:20:09 -0400


OK, verified that you are correct - ran a quick test using different JVM's:

import java.security.SecureRandom;
public class SecureRandomTest {
        public static void main(String[] args) throws Exception {
                SecureRandom rand = SecureRandom.getInstance("SHA1PRNG");
                int cnt = 5;
                long startTime = System.currentTimeMillis();
                for(int i = 0; i < cnt; i++)
                        generateIdentifier(rand,16);

                long endTime = System.currentTimeMillis();
                System.out.println("Processed in " + ((endTime-startTime))/cnt + " milliseconds (avg).");
        }
    public static String generateIdentifier(SecureRandom random,int size) {
        byte[] buf = new byte[size];
        random.nextBytes(buf);
        return buf.toString();
    }
}

IBM JVM: Processed in 498 milliseconds (avg).
Sun JVM 1.4: Processed in 12 milliseconds (avg).

Thanx for pointing me in the right direction!

Edward Thompson


Authentication & Entitlements



Chad La Joie <>

07/17/2008 08:49 AM

Please respond to

To
cc
Subject
Re: [OpenSAML]





This could be an IBM JVM issue.  The other windows users that I know are
running on Sun's VM.

Are there any other Windows's user also using IBM's JVM that could test
this?


wrote:
> Sorry, should have provided more detail:
>
> WebSphere Platform 6.1 [BASE 6.1.0.2 cf20633.22]  running with process
> name DWS3WACH37czwc1Node01Cell\DWS3WACH37czwc1Node01\server1 and process
> id 4332
> Host Operating System is Windows XP, version 5.1 build 2600 Service Pack 2
> Java version = J2RE 1.5.0 IBM J9 2.3 Windows XP x86-32 j9vmwi3223-20060504
> (JIT enabled)
> J9VM - 20060501_06428_lHdSMR
> JIT  - 20060428_1800_r8
> GC   - 20060501_AA, Java Compiler = j9jit23, Java VM name = IBM J9 VM
>
> Here are the security providers for this JVM:
> security.provider.1=com.ibm.crypto.provider.IBMJCE
> security.provider.2=com.ibm.jsse.IBMJSSEProvider
> security.provider.3=com.ibm.jsse2.IBMJSSEProvider2
> security.provider.4=com.ibm.security.jgss.IBMJGSSProvider
> security.provider.5=com.ibm.security.cert.IBMCertPath
> security.provider.6=com.ibm.crypto.pkcs11.provider.IBMPKCS11
> security.provider.7=com.ibm.security.cmskeystore.CMSProvider
> security.provider.8=com.ibm.security.jgss.mech.spnego.IBMSPNEGO
>
> And I add bouncycastle in the code.  This is just my sandbox.
>
> Edward Thompson
>
>
>
>
>
> Chad La Joie <>
> 07/17/2008 08:13 AM
> Please respond to
>
>
>
> To
>
> cc
>
> Subject
> Re: [OpenSAML]
>
>
>
>
>
>
> Sun or IBM?
>
> wrote:
>> 1.5_15 running under websphere 6.1
>>
>> Edward Thompson
>>
>>
>>
>>
>>
>> Chad La Joie <>
>> 07/17/2008 08:03 AM
>> Please respond to
>>
>>
>>
>> To
>>
>> cc
>>
>> Subject
>> Re: [OpenSAML]
>>
>>
>>
>>
>>
>>
>> I know some other people are using this on Windows and I haven't heard
>> anything like this from them.  What JVM are you using?
>>
>> wrote:
>>> I am using the latest SAML2 library for Java.
>>> When I call the encrypt() method of an Encryter for an Attribute, it
>> looks
>>> like the downline code is using
>>> SecureRandom to generate an unique id for the Node.  On my XP machine
> at
>>> least, this is a VERY expensive operation, and I find it spending
>> 2.2-2.5
>>> seconds
>>> in the nextByte() .
>>>
>>> Do others find this to be true?  Is there a way I can generate my own
> id
>>> for the Node?
>>>
>>> SecureRandom is critical for key generation et al. but isn't it
> overkill
>>> for generating a simple id?
>>> What am I missing?
>>>
>>> Edward Thompson
>>> Charlotte, NC 28202
>>>
>

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
, http://www.switch.ch





Archive powered by MHonArc 2.6.16.

Top of Page