tomaswolf commented on issue #686:
URL: https://github.com/apache/mina-sshd/issues/686#issuecomment-2717994703
> the performance with the native provider got worse of about 20 percent
That is surprising.
So maybe back to the start: what SecurityProviders are available out of the
box on the device? Is there one that already has native AES? (I would assume
so.) If so, try forcing that one to be used for AES via a
SecurityProviderRegistrar.
Or: if there is no registrar supporting an algorithm and the
SecurityProviderChoice is EMPTY (the default), then SecurityUtils.getCipher()
should fall back to just calling Cipher.getInstance("AES"), which should give
the one from whatever the default security provider on the device is. I would
assume that that default provider would have an efficient implementation. So
maybe the solution is to configure the server to not use the Bouncy Castle
provider for ciphers. I think that could be done by defining system properties.
For instance `-Dorg.apache.sshd.security.provider.BC.Cipher=none` should switch
off using Bouncy Castle for any cipher. (And likewise for Macs via
`-Dorg.apache.sshd.security.provider.BC.Mac=none`.)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
