SignedXml.CheckSignature very slow!

Thread view:

Enable EMail Alerts

Start New Thread

Thread rating:

Ulrich Proeller - 23 Feb 2008 15:23 GMT

When trying to verify the signature of a SignedXml object, the call to
SignedXml.CheckSignature(rsaKey) takes up to 20 seconds. Obviously this
happens only, if the machine on which the code is running is member of a
windows domain.
I tried to debug into the .NET Framework code and found, that the delay
happens in X509Utils._GetOidFromFriendlyName(name).
There is an issue reported in KB948080 which describes the reported
behavior. In the article, it is recommended to use
RSACryptoProvider.VerifyHash() instead of RSACryptoProvider.VerifyData().
How can I accomplish that when using a SignedXml object?

Thanks in advance for any idea!

Reply to this Message

Jeroen Mostert - 24 Feb 2008 00:45 GMT

> When trying to verify the signature of a SignedXml object, the call to
> SignedXml.CheckSignature(rsaKey) takes up to 20 seconds. Obviously this
[quoted text clipped - 6 lines]
> RSACryptoProvider.VerifyHash() instead of RSACryptoProvider.VerifyData().
> How can I accomplish that when using a SignedXml object?

Well, obviously you can't modify the implementation of SignedXml, but it
should be possible to avoid the call to X509Utils._GetOidFromFriendlyName().
This call is coming from CryptoConfig.MapNameToOID(), which, I'm guessing
(but if you could provide a stack trace, please be so kind), is called from
X509Utils.OidToAlgId(), which in turn is called from
RSAPKCS1SignatureDeformatter.VerifySignature() <-
SignedXml.CheckSignedInfo() <- SignedXml.CheckSignature().

There's a bug in how X509Utils.OidToAlgId() and CryptoConfig.MapNameToOID()
interact. CryptoConfig.MapNameToOID() uses two lookup tables, the default
lookup table and the machine lookup table, to match friendly names to OIDs.
The machine table is normally empty, and the default lookup table contains
mappings from all standard .NET algorithm names to OIDs. If both lookups
fail, .MapNameToOID() issues a domain query to resolve the name.

Now, X509Utils.OidToAlgId() calls CryptoConfig.MapNameToOID() with an *OID*
rather than a name, but the latter doesn't know how to handle OIDs. The
default lookup table doesn't contain any OIDs, it contains names. You don't
need a lookup call to match an OID to an OID, after all! Therefore, *any*
call to X509Utils.OidToAlgId() using an OID will invoke a domain query,
hence the slowdown.

That's the long and boring explanation, now on to the solution. The machine
lookup table is editable. If you add "mappings" from OIDs to OIDs, the
slowdown should disappear. The relevant section is in the machine.config of
the framework directory.

The following should do the trick for all framework-implemented hash
algorithms (it does not include third-party ones):

<configuration>
<mscorlib>
<cryptographySettings>
<oidMap>

<oidEntry OID="1.2.840.113549.2.5" name="1.2.840.113549.2.5"/>

<oidEntry OID="1.3.36.3.2.1" name="1.3.36.3.2.1"/> 

<oidEntry OID="1.3.14.3.2.26" name="1.3.14.3.2.26"/> 
<oidEntry OID="2.16.840.1.101.3.4.2.1"
name="2.16.840.1.101.3.4.2.1"/> 
<oidEntry OID="2.16.840.1.101.3.4.2.2"
name="2.16.840.1.101.3.4.2.2"/> 
<oidEntry OID="2.16.840.1.101.3.4.2.3"
name="2.16.840.1.101.3.4.2.3"/> 
</oidMap>
</cryptographySettings>
</mscorlib>
</configuration>

If this turns out to be of any help to you, please let us know; I'd be
interested in the results -- in particular if I'm right, because I haven't
tested any of this, but also if this just set you on the right track.

Signature

Reply to this Message

Ulrich Proeller - 24 Feb 2008 09:31 GMT

Hello Jeroen,

your guess concerning the callstack is right and the proposed entries in the
machine.config fixed the problem on my machine.
Thank you very much!
This code is running when our application is trying to validate its license
file. Naturally, no one who bought the product want to be punished with a 20
seconds extra wait time. So is it harmless that the installer of the
application enters this entries in the machine.config file of all of our
customers?

Kind regards

Ulrich

Reply to this Message

Jeroen Mostert - 24 Feb 2008 11:28 GMT

> your guess concerning the callstack is right and the proposed entries in the
> machine.config fixed the problem on my machine.
> Thank you very much!

Great! You can thank Lutz Roeder and his Reflector for this too. And the
fact that I'm too lazy to use a debugger. :-)

> This code is running when our application is trying to validate its license
> file. Naturally, no one who bought the product want to be punished with a 20
> seconds extra wait time. So is it harmless that the installer of the
> application enters this entries in the machine.config file of all of our
> customers?

I would say yes. Although these entries will obviously affect every
application using the crypto functions, literally the worst thing that can
happen is that none of them suffer slowdowns while looking up OIDs. There is
no legitimate reason for applications to add alternate OID mappings that
don't match yours, so application compatibility shouldn't be affected either.

You *do* have to take care not to add these entries more than once, since
this could have unexpected side-effects (I haven't checked whether it does
nothing or causes a runtime error, but it's best not to count on this
behavior anyway). Make sure to have your installer check that you do not add
a mapping whose name already exists.

Finally, it's possible that Microsoft will one day bring out a patch for
this problem itself that will not cooperate nicely with these extra entries,
and if that happens your application might break. I suggest reporting this
problem (and your fix) to Microsoft Support as well, to lessen the chances
of this.

Signature

Reply to this Message

Ulrich Proeller - 06 Mar 2008 14:43 GMT

Thank you very much! This anwered all my questions.

Ulrich

Reply to this Message

Rate this thread:

SignedXml.CheckSignature very slow!

Free Magazines