Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve OidLookup.ToOid perf, in particular for X509Certificate2.Extensions #46819

Merged
merged 2 commits into from
Jan 11, 2021
Merged

Improve OidLookup.ToOid perf, in particular for X509Certificate2.Extensions #46819

merged 2 commits into from
Jan 11, 2021

Conversation

stephentoub
Copy link
Member

See commit descriptions.

This halves the time it takes to execute CertificateManager.Instance.EnsureAspNetCoreHttpsDevelopmentCertificate (https://github.com/dotnet/aspnetcore/blob/b3aa128ae4d124701f7bb2c636f20c057eb3aa46/src/Shared/CertificateGeneration/CertificateManager.cs#L166) when there's already a certificate installed.

cc: @bartonjs, @brianrob, @DamianEdwards

Contributes to #44598

@stephentoub
Avoid OidLookup.ToOid call per extension in X509Certificate2.Extensions
a335994 
`X509Certificate2.Extensions` invokes `CertificatePal.Extensions`, which in turn creates the extensions collection, invoking `new Oid(string)` for each.  This in turn calls `OidLookup.ToOid` in order to gather the friendly name, even though in many situations, no one actually cares about the friendly name.  We can instead call `new Oid(string, null)`, which makes the friendly name lazily initialized on first use, saving the `OidLookup.ToOid` call when it's not needed, and significantly reducing the time to call Extensions (in particular when the predefined OID lookup tables don't contain the OID for an extension and when it can't be found on lookup).
@stephentoub
Allow OidLookup.ToOid to cache failure
5596cf6 
ToOid has a cache, but it only caches successful results.  If ToOid fails to find the relevant OID, nothing is cached, which makes the failure path very expensive, as every ToOid call for that OID takes the slow path.  This lets it be cached.
@stephentoub stephentoub added this to the 6.0.0 milestone Jan 11, 2021
@ghost
Copy link

ghost commented Jan 11, 2021

Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq
See info in area-owners.md if you want to be subscribed.

Issue Details

See commit descriptions.

This halves the time it takes to execute CertificateManager.Instance.EnsureAspNetCoreHttpsDevelopmentCertificate (https://github.com/dotnet/aspnetcore/blob/b3aa128ae4d124701f7bb2c636f20c057eb3aa46/src/Shared/CertificateGeneration/CertificateManager.cs#L166) when there's already a certificate installed.

cc: @bartonjs, @brianrob, @DamianEdwards

Contributes to #44598

Author: stephentoub
Assignees: -
Labels:

area-System.Security
Milestone: 6.0.0

@stephentoub stephentoub added the tenet-performance Performance related issue label Jan 11, 2021
@stephentoub stephentoub merged commit 323e7a3 into dotnet:master Jan 11, 2021
@stephentoub stephentoub deleted the oidperf branch January 11, 2021 21:00
@stephentoub stephentoub mentioned this pull request Jan 23, 2021
Closed
36 tasks
@ghost ghost locked as resolved and limited conversation to collaborators Feb 10, 2021
@stephentoub stephentoub changed the title Improve OidLookup.ToLookup perf, in particular for X509Certificate2.Extensions Improve OidLookup.ToOid perf, in particular for X509Certificate2.Extensions Aug 3, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bartonjs bartonjs bartonjs approved these changes

Assignees
No one assigned
Labels
area-System.Security tenet-performance Performance related issue
Projects
None yet
Milestone
6.0.0
Development

Successfully merging this pull request may close these issues.
3 participants
@stephentoub @bartonjs @Dotnet-GitSync-Bot