Add well-known OIDs to System.Formats.Asn1 #75485
Conversation
This adds most of the OIDs that are read or written during the execution of any of the crypto tests or SslStream tests as a well-known pattern of bytes and a pre-allocated/ const/interned string. Reading a well-known OID drops from ~300ns to ~60ns and saves on allocating the output string, and possibly an `int[]` in BigInteger for large-RID OIDs, while increasing the cost for a less well-known OID by about 40ns. Writing a well-known OID drops from ~1000ms to ~90ms, and increases the cost for a less well-known OID by only about 10ms. For purposes of this initial list, an oid was well-known if (more or less): * It was the output of ReadObjectIdentifier more than twice, and * It was not a facetious/test value (e.g. 0.0), and * It was not a vendor-specific Certificate Practices Statement; or * It was an obviously linked OID potentially skewed out by our test data * e.g. EcdsaWithSha512 would be automatically included by closeness to EcdsaWithSha256.
bartonjs
added
tenet-performance
|
Tagging subscribers to this area: @dotnet/area-system-formats-asn1, @vcsjones Issue DetailsThis adds most of the OIDs that are read or written during the execution of any of the crypto tests or SslStream tests as a well-known pattern of bytes and a pre-allocated/ const/interned string. Reading a well-known OID drops from ~300ns to ~60ns and saves on allocating the output string, and possibly an Writing a well-known OID drops from ~1000ms to ~90ms, and increases the cost for a less well-known OID by only about 10ms. For purposes of this initial list, an oid was well-known if (more or less):
|
|
Low-level benchmarks:
Higher-level operations (measured on Linux/Ubuntu 18.04; 38% drop in allocations for reading a PFX):
|
| { | ||
| return contents switch | ||
| { | ||
| [ 0x2A, 0x86, 0x48, 0xCE, 0x38, 0x04, 0x01, ] => "1.2.840.10040.4.1", |
There was a problem hiding this comment.
I wrote a program to generate this file, so one can generally trust that the name/dotted-decimal/encoded-contents are the same in all three places. It didn't seem like we'd be changing it enough often enough to need to check it in... adding one OID at a time is easy to verify.
(string Oid, string Name, byte[]? Encoded)[] data =
{
("1.2.840.10040.4.1", "DSA", null),
("1.2.840.10040.4.3", "DSAWithSha1", null),
("1.2.840.10045.2.1", "EC", null),
...(the nulls got updated by calling WriteObjectIdentifier and saving the contents slice)
Is that the right unit? Writing an OID went from a whole second to 90ms? |
src/libraries/System.Formats.Asn1/src/System/Formats/Asn1/AsnDecoder.Oid.cs
Outdated
Show resolved
Hide resolved
| } | ||
| #endif | ||
|
|
||
| string ret = ReadObjectIdentifier(contents); |
There was a problem hiding this comment.
Probably as a follow up, but since most dotted-decimal OIDs fit in a stackalloc char[256], maybe this path could use ValueStringBuilder instead of StringBuilder.
No, per the table I meant |
This adds most of the OIDs that are read or written during the execution of any of the crypto tests or SslStream tests as a well-known pattern of bytes and a pre-allocated/ const/interned string.
Reading a well-known OID drops from ~300ns to ~60ns and saves on allocating the output string, and possibly an
int[]in BigInteger for large-RID OIDs, while increasing the cost for a less well-known OID by about 40ns.Writing a well-known OID drops from ~1200ns to ~90ns, and increases the cost for a less well-known OID by only about 10ns.
For purposes of this initial list, an oid was well-known if (more or less):