You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The long test times in #112 are most likely due to PBES* tests. The recent release updated the default cycle count from 100k to 600k. This results in a roughly 4x increase in test runtime (~100s to 400s locally). When trying to locally develop a patch for the problematic algorithm runtime I believe I have found the root cause:
I believe if this is fixed, or PBES is not supported for opaque, and the tests are updated to set a much lower cycle count the entire test suite will complete in seconds instead of minutes. Local testing showed that of the ~400 seconds about 380 seconds were spent doing PBES iterations when permuted across all of the other encryption options etc...
It can be seen that this is done for the other much faster roundtrip JWE tests (2.5s locally):
The long test times in #112 are most likely due to PBES* tests. The recent release updated the default cycle count from 100k to 600k. This results in a roughly 4x increase in test runtime (~100s to 400s locally). When trying to locally develop a patch for the problematic algorithm runtime I believe I have found the root cause:
go-jose/shared.go
Lines 93 to 95 in aabe78e
The Opaque signer does not appear to respect PBES2Count & PBES2Salt from the Recipient structure:
go-jose/crypter.go
Lines 136 to 137 in aabe78e
I believe if this is fixed, or PBES is not supported for opaque, and the tests are updated to set a much lower cycle count the entire test suite will complete in seconds instead of minutes. Local testing showed that of the ~400 seconds about 380 seconds were spent doing PBES iterations when permuted across all of the other encryption options etc...
It can be seen that this is done for the other much faster roundtrip JWE tests (2.5s locally):
go-jose/crypter_test.go
Line 96 in aabe78e
The text was updated successfully, but these errors were encountered: