Improve allocations in NegotiateStreamPal

[filipnavara]

This reduces allocations during NTLM/Negotiate authentication by reusing an existing buffer. It saves about 3Kb of allocated memory for a typical NTLM authentication exchange on Windows.

It also converts a couple of the internals to use Span/Memory. This would be a prerequisite for offering public API for encryption/decryption on NegotiateAuthentication class. As a side effect, it removes a big chunk of cumbersome interop marshaling on Windows.

[ghost]

Tagging subscribers to this area: @dotnet/ncl, @vcsjones
See info in area-owners.md if you want to be subscribed.

Issue Details

---

This reduces allocations during NTLM/Negotiate authentication by reusing an existing buffer. It saves about 3Kb of allocated memory for a typical NTLM authentication exchange.

It also converts a couple of the internals to use Span/Memory. This would be a prerequisite for offering public API for encryption/decryption on NegotiateAuthentication class. As a side effect, it removes a big chunk of cumbersome interop marshaling on Windows.

Author:	filipnavara
Assignees:	-
Labels:	area-System.Net.Security
Milestone:	-

[filipnavara]

While refactoring the code I found a couple of bugs that I plan to fix in subsequent PRs:

• Negotiate authentication on SMTP only works by happy coincidence, the last token in authentication is not processed correctly
• Incorrect error code is used on the wire for NegotiateStream to indicate denied login. This happened during conversion to support multiple platforms
• Some of the code in NegotiateStream is reading numbers using BitConverter which would produce incorrect results on big-endian machines

[wfurt]

Do we need offset any more? It feels like if we pass pointer we can just do count.

[filipnavara]

We don't. Unfortunately, dotnet/sqlclient uses the native APIs, so I didn't feel confident in changing it. I am quite sure they don't use this particular API though.

[MichalPetryka]

Wouldn't the pointer change by itself be breaking for them?

[filipnavara]

It doesn't change the native code side, the prototype remains unchanged there. They basically copied the managed side of the interop. (We cannot change the signature, add parameters, remove parameters, or change their types. We can change how they are marshalled on the C# side though.)

[wfurt]

cc: @JRahnama just in case.

[filipnavara]

I cross-checked with the SqlClient source and this particular native method is not referenced so we can remove the offset parameter. I will do that in a follow-up PR (#71373) since I need to update the native interop there anyway.

[wfurt]

nice. Thanks @filipnavara