We ran into the same issue (part of our system is to verify the X509 certificate and digest information on signed Xml documents). When performance testing our system we found that the biggest bottleneck was the RSACryptoServiceProvider constructor (for the precise reason you mention - it creates a new key pair).
Our solution was to create a RSACryptoServiceProvider dispenser that is backed by a synchronised queue. All requests for RSACrytpoServiceProvider objects are made from this dispenser (i.e. no-one besides the dispenser creates RSACrytpoServiceProvider objects). The basic pattern is as follows: - Ask dispenser for RSACryptoServiceProvider object. - Dispenser attempts to dequeue RSACryptoServiceProvider object from synchronised queue. - If dequeue fails (.Dequeue will throw InvalidOperationException) create a new RSACrytpoServiceProvider object and return. - Else return dequeued RSACryptoServiceProvider object. When the RSACryptoServiceProvider object is no longer needed (all objects that use it implement IDisposable) the RSACryptoServiceProvider object is returned to the dispenser. Internally the dispenser then enqueues the RSACryptoServiceProvider object back onto the synchronised queue. Once the queue has stabilised (there are enough RSACryptoServiceProvider objects around to satisfy the demand) we realised a 150 to 300% increase in performance when verifying signatures. Last I heard was that the RSACryptoServiceProvider constructor would be fixed in Whidbey. Cheers, Stefan Stefan Delmarco -----Original Message----- From: Moderated discussion of advanced .NET topics. [mailto:[EMAIL PROTECTED] On Behalf Of Andreas Köpf Sent: 30 November 2003 16:43 To: [EMAIL PROTECTED] Subject: [ADVANCED-DOTNET] RSACryptoServiceProvider efficiently import a key... Hi all, I would like to create and initialize a RSACryptoServiceProvider with a pre-defined key-pair. But I would like to avoid the step of creating a new key-pair each time when I call the RSA-Ctor. Currently I do the following: RSAParameters lk_KeyParams = new RSAParameters(); // (...) Read PubKey Internal and set RSAParameters.... RSACryptoServiceProvider lk_RSA = new RSACryptoServiceProvider(384); // smallest accepted key-length is 384 bits lk_RSA.ImportParameters(lk_KeyParams); But I wonder whether there is no more efficient way of doing this. In my opinion a static member function or a constructor is missing that takes a RSAParameters object and creates an RSA instance from it. I do not like the idea of wasting the resources for creating a new key-pair each time just to overwrite it a microsecond later... Currently the only way I see is to store one key in the Machine-Key Store that I can specify with an CspParameters object each time during creation before setting the actual key... Does anybody have a better idea? /ak =================================== This list is hosted by DevelopMentor® http://www.develop.com Some .NET courses you may be interested in: Guerrilla ASP.NET, 26 Jan 2004, in Los Angeles http://www.develop.com/courses/gaspdotnetls Guerrilla .NET, 8 Dec 2003, in Los Angeles http://www.develop.com/courses/gdotnet View archives and manage your subscription(s) at http://discuss.develop.com =================================== This list is hosted by DevelopMentor® http://www.develop.com Some .NET courses you may be interested in: Guerrilla ASP.NET, 26 Jan 2004, in Los Angeles http://www.develop.com/courses/gaspdotnetls Guerrilla .NET, 8 Dec 2003, in Los Angeles http://www.develop.com/courses/gdotnet View archives and manage your subscription(s) at http://discuss.develop.com
