logo
tencent/TencentKona/TencentKona-17
Public
25
3
WeChat Login
CodeIssuesPull requestsEventsPackagesInsights

Native EdDSA signature#31

Closed
momo
created 2025-08-22
RhinoBird2025-P2
lucifer-2025/TencentKona-17-lucifer:RhinoBird2025-P2
Edit
OverviewCommits
10
Files changed
6
Attachments
momo

Summary

Add optimized native EdDSA signature implementation using OpenSSL for Ed25519 and Ed448 curves.

Changes

  • Integrated native EdDSA support in SunEC provider with automatic fallback to Java implementation
  • Added comprehensive JNI implementation with thread-local caching and performance optimizations
  • Included JTREG test suite and JMH performance benchmarks

TencentKona-17 EdDSA Native实现优化设计方案详解

一、设计目标

核心目标: 为TencentKona-17 JDK的EdDSA算法实现基于OpenSSL的native加速,实现7x以上性能提升,同时保证功能正确性和向后兼容性。

设计原则:

  • 简单性优于复杂性: 避免过度优化,直接利用OpenSSL成熟的EdDSA实现
  • 性能最大化: 减少JNI调用开销,最小化内存拷贝
  • 兼容性保证: 完全兼容现有Java EdDSA API,支持回退机制

二、设计架构

image-20250822232332825

三、测试效果

JMH测试
纯Java实现
Benchmark                                              (algorithm)  (dataSize)  (provider)   Mode  Cnt     Score     Error  Units
  NativeEdDSASignatureBench.keyGen                           Ed25519         512              thrpt    5  2366.653 ±  26.064  ops/s
  NativeEdDSASignatureBench.keyGen                           Ed25519        1024              thrpt    5  2339.721 ±  58.585  ops/s
  NativeEdDSASignatureBench.keyGen                           Ed25519       16384              thrpt    5  2199.078 ± 617.381  ops/s
  NativeEdDSASignatureBench.keyGen                             Ed448         512              thrpt    5   651.676 ±  32.955  ops/s
  NativeEdDSASignatureBench.keyGen                             Ed448        1024              thrpt    5   644.769 ±  82.722  ops/s
  NativeEdDSASignatureBench.keyGen                             Ed448       16384              thrpt    5   650.092 ±  56.311  ops/s
  NativeEdDSASignatureBench.sign                             Ed25519         512              thrpt    5  1124.606 ± 183.342  ops/s
  NativeEdDSASignatureBench.sign                             Ed25519        1024              thrpt    5  1139.048 ±  44.932  ops/s
  NativeEdDSASignatureBench.sign                             Ed25519       16384              thrpt    5  1037.205 ± 132.772  ops/s
  NativeEdDSASignatureBench.sign                               Ed448         512              thrpt    5   310.399 ±  51.187  ops/s
  NativeEdDSASignatureBench.sign                               Ed448        1024              thrpt    5   313.845 ±  36.349  ops/s
  NativeEdDSASignatureBench.sign                               Ed448       16384              thrpt    5   294.979 ±  18.212  ops/s
  NativeEdDSASignatureBench.signAndVerify                    Ed25519         512              thrpt    5   564.006 ±  45.226  ops/s
  NativeEdDSASignatureBench.signAndVerify                    Ed25519        1024              thrpt    5   568.529 ±  13.767  ops/s
  NativeEdDSASignatureBench.signAndVerify                    Ed25519       16384              thrpt    5   526.242 ±  29.717  ops/s
  NativeEdDSASignatureBench.signAndVerify                      Ed448         512              thrpt    5   159.110 ±  23.181  ops/s
  NativeEdDSASignatureBench.signAndVerify                      Ed448        1024              thrpt    5   161.086 ±   5.003  ops/s
  NativeEdDSASignatureBench.signAndVerify                      Ed448       16384              thrpt    5   152.107 ±   7.510  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates          Ed25519         512              thrpt    5  1124.214 ± 132.426  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates          Ed25519        1024              thrpt    5  1131.503 ±  12.387  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates          Ed25519       16384              thrpt    5  1057.171 ±  15.031  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates            Ed448         512              thrpt    5   316.390 ±  10.488  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates            Ed448        1024              thrpt    5   316.527 ±   7.026  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates            Ed448       16384              thrpt    5   296.940 ±   2.550  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates        Ed25519         512              thrpt    5  1134.414 ±  14.477  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates        Ed25519        1024              thrpt    5  1138.847 ±  70.285  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates        Ed25519       16384              thrpt    5  1041.025 ±  74.791  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates          Ed448         512              thrpt    5   319.244 ±   1.735  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates          Ed448        1024              thrpt    5   312.309 ±  19.572  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates          Ed448       16384              thrpt    5   294.910 ±   9.561  ops/s
  NativeEdDSASignatureBench.verify                           Ed25519         512              thrpt    5  1127.278 ±  28.788  ops/s
  NativeEdDSASignatureBench.verify                           Ed25519        1024              thrpt    5  1123.146 ±  56.069  ops/s
  NativeEdDSASignatureBench.verify                           Ed25519       16384              thrpt    5  1081.931 ±  24.951  ops/s
  NativeEdDSASignatureBench.verify                             Ed448         512              thrpt    5   326.780 ±   9.273  ops/s
  NativeEdDSASignatureBench.verify                             Ed448        1024              thrpt    5   326.892 ±   6.211  ops/s
  NativeEdDSASignatureBench.verify                             Ed448       16384              thrpt    5   314.539 ±  12.014  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates        Ed25519         512              thrpt    5  1115.430 ±  38.205  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates        Ed25519        1024              thrpt    5  1110.946 ±  74.127  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates        Ed25519       16384              thrpt    5  1075.284 ±  28.790  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates          Ed448         512              thrpt    5   326.577 ±   7.150  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates          Ed448        1024              thrpt    5   328.103 ±  11.803  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates          Ed448       16384              thrpt    5   309.428 ±  20.038  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates      Ed25519         512              thrpt    5  1108.976 ±  19.609  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates      Ed25519        1024              thrpt    5  1134.389 ±  19.905  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates      Ed25519       16384              thrpt    5  1078.647 ±  12.796  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates        Ed448         512              thrpt    5   326.314 ±   9.317  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates        Ed448        1024              thrpt    5   327.355 ±  12.387  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates        Ed448       16384              thrpt    5   307.366 ±  48.464  ops/s
JNI实现
Benchmark                                              (algorithm)  (dataSize)  (provider)   Mode  Cnt      Score      Error  Units
  NativeEdDSASignatureBench.keyGen                           Ed25519         512              thrpt    5   2349.347 ±   23.669  ops/s
  NativeEdDSASignatureBench.keyGen                           Ed25519        1024              thrpt    5   2378.193 ±   13.043  ops/s
  NativeEdDSASignatureBench.keyGen                           Ed25519       16384              thrpt    5   2264.703 ±  286.777  ops/s
  NativeEdDSASignatureBench.keyGen                             Ed448         512              thrpt    5    644.170 ±   51.191  ops/s
  NativeEdDSASignatureBench.keyGen                             Ed448        1024              thrpt    5    650.096 ±   94.608  ops/s
  NativeEdDSASignatureBench.keyGen                             Ed448       16384              thrpt    5    657.142 ±   40.935  ops/s
  NativeEdDSASignatureBench.sign                             Ed25519         512              thrpt    5  12013.823 ±  688.078  ops/s
  NativeEdDSASignatureBench.sign                             Ed25519        1024              thrpt    5  11850.446 ±  252.324  ops/s
  NativeEdDSASignatureBench.sign                             Ed25519       16384              thrpt    5   6735.039 ± 1344.607  ops/s
  NativeEdDSASignatureBench.sign                               Ed448         512              thrpt    5   1890.900 ±    5.417  ops/s
  NativeEdDSASignatureBench.sign                               Ed448        1024              thrpt    5   1849.208 ±   86.870  ops/s
  NativeEdDSASignatureBench.sign                               Ed448       16384              thrpt    5   1529.732 ±  322.903  ops/s
  NativeEdDSASignatureBench.signAndVerify                    Ed25519         512              thrpt    5   3781.384 ±  145.292  ops/s
  NativeEdDSASignatureBench.signAndVerify                    Ed25519        1024              thrpt    5   3778.496 ±  131.356  ops/s
  NativeEdDSASignatureBench.signAndVerify                    Ed25519       16384              thrpt    5   2812.167 ±  158.243  ops/s
  NativeEdDSASignatureBench.signAndVerify                      Ed448         512              thrpt    5   1063.258 ±  121.244  ops/s
  NativeEdDSASignatureBench.signAndVerify                      Ed448        1024              thrpt    5   1080.735 ±   26.523  ops/s
  NativeEdDSASignatureBench.signAndVerify                      Ed448       16384              thrpt    5    933.593 ±    9.634  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates          Ed25519         512              thrpt    5  11645.418 ± 2576.161  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates          Ed25519        1024              thrpt    5  11733.740 ±  525.808  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates          Ed25519       16384              thrpt    5   6802.267 ±  537.629  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates            Ed448         512              thrpt    5   1878.443 ±  122.245  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates            Ed448        1024              thrpt    5   1876.965 ±   20.982  ops/s
  NativeEdDSASignatureBench.signWithMultipleUpdates            Ed448       16384              thrpt    5   1563.313 ±   20.478  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates        Ed25519         512              thrpt    5  10653.855 ±  131.736  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates        Ed25519        1024              thrpt    5  11802.615 ±  515.330  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates        Ed25519       16384              thrpt    5   6813.056 ±  568.741  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates          Ed448         512              thrpt    5   1844.659 ±   13.926  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates          Ed448        1024              thrpt    5   1871.447 ±   30.300  ops/s
  NativeEdDSASignatureBench.signWithSingleByteUpdates          Ed448       16384              thrpt    5   1556.364 ±   40.982  ops/s
  NativeEdDSASignatureBench.verify                           Ed25519         512              thrpt    5   5613.807 ±  182.101  ops/s
  NativeEdDSASignatureBench.verify                           Ed25519        1024              thrpt    5   5508.228 ±  682.660  ops/s
  NativeEdDSASignatureBench.verify                           Ed25519       16384              thrpt    5   4722.247 ±   35.577  ops/s
  NativeEdDSASignatureBench.verify                             Ed448         512              thrpt    5   2589.701 ±   47.187  ops/s
  NativeEdDSASignatureBench.verify                             Ed448        1024              thrpt    5   2557.778 ±  125.372  ops/s
  NativeEdDSASignatureBench.verify                             Ed448       16384              thrpt    5   2222.187 ±  228.894  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates        Ed25519         512              thrpt    5   5523.671 ±  301.797  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates        Ed25519        1024              thrpt    5   5486.459 ±  326.011  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates        Ed25519       16384              thrpt    5   4627.344 ±  297.762  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates          Ed448         512              thrpt    5   2579.379 ±   51.434  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates          Ed448        1024              thrpt    5   2559.175 ±   69.046  ops/s
  NativeEdDSASignatureBench.verifyWithMultipleUpdates          Ed448       16384              thrpt    5   2235.297 ±  296.035  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates      Ed25519         512              thrpt    5   5258.355 ±  169.193  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates      Ed25519        1024              thrpt    5   5574.862 ±   58.313  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates      Ed25519       16384              thrpt    5   4599.999 ±  176.861  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates        Ed448         512              thrpt    5   2545.485 ±   62.504  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates        Ed448        1024              thrpt    5   2528.947 ±  296.071  ops/s
  NativeEdDSASignatureBench.verifyWithSingleByteUpdates        Ed448       16384              thrpt    5   2191.998 ±  489.778  ops/s

关键性能对比:

签名 (sign) 操作:

算法/数据大小纯Java (ops/s)JNI实现 (ops/s)性能提升
Ed25519/5121,124.60612,013.82310.7x
Ed25519/10241,139.04811,850.44610.4x
Ed448/512310.3991,890.9006.1x
Ed448/1024313.8451,849.2085.9x

验证 (verify) 操作:

算法/数据大小纯Java (ops/s)JNI实现 (ops/s)性能提升
Ed25519/5121,127.2785,613.8075.0x
Ed25519/10241,123.1465,508.2284.9x
Ed448/512326.7802,589.7017.9x
Ed448/1024326.8922,557.7787.8x

签名+验证 (signAndVerify):

算法/数据大小纯Java (ops/s)JNI实现 (ops/s)性能提升
Ed25519/512564.0063,781.3846.7x
Ed448/512159.1101,063.2586.7x
GC效果
Native版本

image-20250822235712548

JNI实现版本

image-20250822235606735

EdDSA签名性能 + GC对比 (Ed25519/512字节)

签名操作 (sign)

实现性能 (ops/s)内存分配 (B/op)GC时间 (ms)性能提升
Native12,175.5721,385.2452.000基准
Java1,149.77815,232.2612.00010.6x ⚡

验证操作 (verify)

实现性能 (ops/s)内存分配 (B/op)GC时间 (ms)性能提升
Native5,478.64921,719.00515.000基准
Java1,116.30858,442.3598.0004.9x

内存效率 (每操作分配):

  • 签名: Native版本内存分配减少 91% (1.4KB vs 15.2KB)
  • 验证: Native版本内存分配减少 63% (21.7KB vs 58.4KB)

GC暂停时间分析:

  • 所有GC暂停都在 1-5ms 范围内
  • 远低于10ms目标
  • Native实现确实减少了GC压力

总结效果

采用简化设计,直接调用OpenSSL EVP API实现EdDSA加速。测试结果显示Ed25519签名性能从1,124
ops/s提升至12,013 ops/s(10.7x),Ed448验证从326 ops/s提升至2,589 ops/s(7.9x),达到了预期的7x性能目标。实现保持了完整的Java
API兼容性,支持native/Java自动切换。

Closes #28

momo
changed title
feat: Add optimized native EdDSA implementation using OpenSSL
Native EdDSA signature
momo
pushedb092bdf9
View details
momo
pushed179f720c
View details
jiangsha
reviewed
src/jdk.crypto.ec/share/classes/sun/security/ec/NativeEdDSASignature.java
jiangsha

应该不需要一个新的EdDSASignature实现。
修改原来的ed包下面的EdDSASignature类就可以了。

momo

已删除多余的EdDSASignature实现

jiangsha
reviewed
src/jdk.crypto.ec/share/classes/sun/security/ec/SunEC.java
jiangsha

为什么要作此修改?

momo

当时是为了查看实现类型,通过Provider.getService().getAttribute("ImplementedIn")查看实际使用的实现类型;对于实现来说是非必要的,现在已回退到之前。

jiangsha
reviewed
src/jdk.crypto.ec/share/classes/sun/security/ec/ed/EdDSASignature.java
jiangsha

不要做此设计。
如果Native实现失败,就应该抛出异常。让用户尽早感知到这个问题。

momo

好嘞,已修改,现在设计为出错向上抛出

jiangsha
reviewed
test/jdk/sun/security/ec/ed/NativeEdDSASignature.java
jiangsha

不能写死openssl libcrypto的路径。
请参考test/jdk/sun/security/ec/native/NativeECDSASignatureTest.java

jiangsha
reviewed
test/micro/org/openjdk/bench/javax/crypto/full/NativeEdDSASignatureBench.java
jiangsha

不需要测试EdDSAKeyPairGenerator

momo

好嘞,新的提交已经移除

momo
pushed16fb9279
View details
momo
pushed09ba53ac
View details
momo
pushedacc6b31a
View details
momo
pushed3525042e
View details
jiangsha
administrator

任务二已经结束,专注于任务三即可。

jiangsha
closed the pull request
No conflicts between the source branch and the target branch
Reviewer
johnjiang
(jiangsha)
Assignee
None yet
Label
None yet
Participant
© 2026 Tencent, Inc. Supported by Tencent Cloud
About Us
Privacy Policy
Terms of Service
SLA
API
Docs
Showcase
Feedback
35/F,Tencent Building,Kejizhongyi Avenue,Nanshan District,Shenzhen
京ICP备11018762号-111
粤公网安备44030002006058号粤公网安备44030002006058号