Skip to content

Add DefaultMutualHandshakeContext* benchmarks #4277

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
LoopedBard3 merged 3 commits into from
Jul 15, 2024
Merged

Add DefaultMutualHandshakeContext* benchmarks #4277

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b126078
Add DefaultMutualHandshakeContext* benchmarks
rzikm Jun 19, 2024
402ae0c
Cleanup
rzikm Jun 19, 2024
e064550
Merge branch 'dotnet:main' into defaultmutualcontext
rzikm Jul 15, 2024
File filter

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 12 additions & 5 deletions src/benchmarks/micro/libraries/System.Net.Security/SslStreamTests.Context.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.

using System;
using System.IO;
using System.IO.Pipes;
using System.Net.Security;
Expand All @@ -29,26 +28,34 @@ public partial class SslStreamTests
[BenchmarkCategory(Categories.NoAOT)]
public Task DefaultHandshakeContextIPv6Async() => DefaultContextHandshake(_clientIPv6, _serverIPv6);

private async Task DefaultContextHandshake(Stream client, Stream server)
[Benchmark]
[BenchmarkCategory(Categories.NoAOT)]
public Task DefaultMutualHandshakeContextIPv4Async() => DefaultContextHandshake(_clientIPv4, _serverIPv4, true);

[Benchmark]
[BenchmarkCategory(Categories.NoAOT)]
public Task DefaultMutualHandshakeContextIPv6Async() => DefaultContextHandshake(_clientIPv6, _serverIPv6, true);

private async Task DefaultContextHandshake(Stream client, Stream server, bool requireClientCert = false)
{
if (_context == null)
{
_context = SslStreamCertificateContext.Create(_cert, null);
}

SslServerAuthenticationOptions serverOptions = new SslServerAuthenticationOptions
{
AllowRenegotiation = false,
EnabledSslProtocols = SslProtocols.None,
CertificateRevocationCheckMode = X509RevocationMode.NoCheck,
ServerCertificateContext = _context,
ServerCertificateContext = _context,
};

using (var sslClient = new SslStream(client, leaveInnerStreamOpen: true, delegate { return true; }))
using (var sslServer = new SslStream(server, leaveInnerStreamOpen: true, delegate { return true; }))
{
await Task.WhenAll(
sslClient.AuthenticateAsClientAsync("localhost", null, SslProtocols.None, checkCertificateRevocation: false),
sslClient.AuthenticateAsClientAsync("localhost", requireClientCert ? new X509CertificateCollection() { _clientCert } : null, SslProtocols.None, checkCertificateRevocation: false),
Copy link
Member

@adamsitnik adamsitnik Jul 15, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just for my education: Why do you want to create a new instance of X509CertificateCollection every time the benchmark is called? Does this reflect typical real-life scenario?
Copy link
Member Author

@rzikm rzikm Jul 15, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wanted to mirror what we do in non-context benchmarks for SslStream.

performance/src/benchmarks/micro/libraries/System.Net.Security/SslStreamTests.cs

Line 130 in b69d1bd

ClientCertificates = requireClientCert ? new X509CertificateCollection() { _clientCert } : null,

Typical real-world scenarios would probably always use the overload accepting Ssl(Client|Server)AuthenticationOptions and reuse a single instance of it for multiple connections, or always create new instance entirely from scratch (as we do in linked source code).
sslServer.AuthenticateAsServerAsync(serverOptions, default));

// In Tls1.3 part of handshake happens with data exchange.
Expand Down