tls: optimize root cert handling during startup, store as DER

[bnoordhuis]

The root certificates are currently baked into the binary as PEM - basically base64-encoded binary data.

On startup, node dutifully turns each of the ~140 certifcates into a X509 instance with PEM_read_bio_X509(), which decodes the PEM to DER before passing it to d2i_X509().

You can see where this is going: it's a lot more efficient to store the certificates as DER and pass them to d2i_X509() directly.

One caveat: tls.rootCertificates is documented to be an array of PEM strings. Can be fixed by turning the DER objects into PEM in GetRootCertificates() in src/crypto/crypto_context.cc.

[krk]

Performance looks like related to openssl/openssl#19119

[joyeecheung]

Cross referencing conversations in #56843 - I was looking into it since we are now appending root certificates from system store under --use-system-ca, so it's even weirder that we convert them into PEM to append them, only to deserialize later.

@joyeecheung

By the way I wonder what we think about migrating away from tools/mk-ca-bundle.pl, I am thinking about updating it to output the certificate data in octal literals in #56832 to skip the unnecessary serdes cost, but then if we are changing it substantially, we might as well just rewrite it in JavaScript instead of invoking a Perl script from JavaScript (and the Perl script already has some modifications from our side, like omitting TrustCor CAs)

@richardlau

I think if we're not planning to resync to upstream curl's version of the tool at any point in the future (I think it was tried once and abandoned) then rewriting in something other than Perl would be a plus.

Maybe this discussion should be an issue to itself. FWIW https://blog.mozilla.org/security/2021/05/10/beware-of-applications-misusing-root-stores/ recommends https://www.ccadb.org/resources rather than parsing certdata.txt.