Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cleanup a few more allocations in X.509 #69831

Merged
merged 1 commit into from
May 27, 2022
Merged

Cleanup a few more allocations in X.509 #69831

merged 1 commit into from
May 27, 2022

Conversation

vcsjones
Copy link
Member

A few more small allocations that can be avoided, and a little bit of formatting cleanup in X509Certificate2.

@ghost ghost assigned vcsjones May 25, 2022
@ghost
Copy link

ghost commented May 25, 2022

Tagging subscribers to this area: @dotnet/area-system-security, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

A few more small allocations that can be avoided, and a little bit of formatting cleanup in X509Certificate2.

Author: vcsjones
Assignees: -
Labels:

area-System.Security
Milestone: -

vcsjones
vcsjones commented May 25, 2022
View reviewed changes
....Security.Cryptography/src/System/Security/Cryptography/X509Certificates/X509Certificate2.cs
if (publicKey == null)
{
string keyAlgorithmOid = GetKeyAlgorithm();
byte[] parameters = GetKeyAlgorithmParameters();
byte[] keyValue = GetPublicKey();
byte[] parameters = Pal.KeyAlgorithmParameters;
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The public APIs GetKeyAlgorithmParameters and GetPublicKey create defensive copies, then we were feeding them in to AsnEncodedData, which again created defensive copies. If we go to the PAL directly for the bytes we can avoid the first defensive copy.

...em.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/ChainPal.Apple.cs
@@ -118,7 +118,7 @@ public void Dispose()

private SafeCreateHandle PreparePoliciesArray(bool checkRevocation)
{
IntPtr[] policies = new IntPtr[checkRevocation ? 2 : 1];
Span<IntPtr> policies = checkRevocation ? stackalloc IntPtr[2] : stackalloc IntPtr[1];
Copy link
Member Author

@vcsjones vcsjones May 25, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's okay to put stack data in to CFArrayCreate as long as the items themselves are not from the stack. It creates a CoreFoundation array from the contents of the stack, it doesn't try to take ownership of the stack data.

We're also doing this in SafeDeleteSslContext as well.

runtime/src/libraries/System.Net.Security/src/System/Net/Security/Pal.OSX/SafeDeleteSslContext.cs

Lines 120 to 122 in cde8b0b

Span<IntPtr> handles = certList.Count <= 256
? stackalloc IntPtr[256]
: new IntPtr[certList.Count];

@bartonjs bartonjs merged commit 7f7c6a2 into dotnet:main May 27, 2022
@vcsjones vcsjones deleted the small-alloc-fix branch May 27, 2022 16:08
@ghost ghost locked as resolved and limited conversation to collaborators Jun 26, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bartonjs bartonjs bartonjs approved these changes

Assignees

@vcsjones vcsjones

Labels
area-System.Security
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@vcsjones @bartonjs