Skip to content

Proliferation of BouncyCastleProvider instances causing large memory consumption #94

New issue
New issue
Closed
Closed
Proliferation of BouncyCastleProvider instances causing large memory consumption#94
Milestone
0.9.17
@bbrowning

Description

@bbrowning
bbrowning
opened on May 31, 2016

The upgrade to BouncyCastle 1.54 has introduced a bug where we're creating a new BouncyCastleProvider instance for every X509AuxCertificate we create. The code path that leads to this is:

jruby-openssl/src/main/java/org/jruby/ext/openssl/x509store/X509AuxCertificate.java

Line 81 in eb200e5

CertificateFactory factory = SecurityHelper.getCertificateFactory("X.509");

which calls

jruby-openssl/src/main/java/org/jruby/ext/openssl/SecurityHelper.java

Line 194 in f1ca23c

static CertificateFactory getCertificateFactory(final String type, final Provider provider)

which ends up creating a new instance of org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory that instantiates a new BCJcaJceHelper at
https://github.com/bcgit/bc-java/blob/r1rv54/prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java#L40
which ends up returning a new instance of BouncyCastleProvider at
https://github.com/bcgit/bc-java/blob/r1rv54/prov/src/main/java/org/bouncycastle/jcajce/util/BCJcaJceHelper.java#L22 unless the provider is registered already.

This causes the memory consumption of each X509AuxCertificate to explode for me, leading to a baseline memory usage of about 65MB of just BouncyCastleProvider objects in every JRuby runtime. This may be related to #86.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions