[Mono-bugs] [Bug 55445][Wis] Changed - RSACryptoServiceProvider.ExportParameters method takes 35 seconds
Wed, 10 Mar 2004 19:51:31 -0500 (EST)
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by email@example.com.
--- shadow/55445 2004-03-10 18:52:40.000000000 -0500
+++ shadow/55445.tmp.25960 2004-03-10 19:51:31.000000000 -0500
@@ -1,14 +1,14 @@
Product: Mono: Runtime
OS: SUSE 9.0
@@ -77,6 +77,59 @@
All of the time.
Running on a build of mono that is about a week old.
+------- Additional Comments From firstname.lastname@example.org 2004-03-10 19:51 -------
+This seems (only) a bit long but, I'm sorry to report, normal :-(
+Mono use a totally managed implementation for RSA (and DSA, DH ...).
+This has many advantages (http://pages.infinit.net/ctech/20040309-
+1036.html) but also some inconvenient – mostly performance. Creating
+a new key pair is a very CPU heavy process so every processor cycle
+counts. Using a high level language like C# on top of a JIT, even as
+good as Mono, can hardly compare to hand-tuned assembly language
+often found for doing the job (or at least "key" part of the job).
+The result is that it can take much more time to generate similar
+sized key pairs in managed code.
+"POTENTIAL" GOOD NEWS
+However it may not be "as bad" as it seems in the sample...
+Unlike MS implementation Mono doesn't generate a new key pair in its
+constructor (when no CspParameter object is specified as a
+parameter). This is because it's a common (and bad) pattern to
+create a RSACryptoServiceProvider object then immediately import an
+existing public key (or key pair) into it. Sadly I've seen this in
+too many samples on the Internet and this simply kills performance
+on the Windows platform (in particular for server applications).
+In order to avoid this pattern Mono doesn’t generate a new key pair
+until it is actually required. This is nice most of the time but
+this also means that, in the case a new key pair is really needed,
+the delay required generating a new key pair moves until later in an
+application process (when the UI may not expect this).
+But this also means that calling again a method requiring either the
+public or private key will be much faster because it doesn’t require
+generating (again) a new key pair (see sample). So this is "only" a
+one time hit... Hopefully most implementation do not require
+creating new key pairs very frequently as opposed to
+signing/verifying or encrypting/decrypting.
+// wow this is really fast !
+RSACryptoServiceProvider rsa = new RSACryptoServiceProvider (16384);
+// hey what’s going on ??? ... for about 24 hours ...
+string keypair = rsa.ToXmlString (true);
+// we seems awake now!
+string backup = rsa.ToXmlString (true);
+Another good news is that most optimization made to the JIT will
+results in improvement in the key generation performance. So it will
+keep going faster without changing the code ;-)