node/benchmark/crypto/webcrypto-verify.js at e11737be9587b263b331c16661cc8a2371ec09f5 · nodejs/node · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
'use strict';

const common = require('../common.js');
const { hasOpenSSL } = require('../../test/common/crypto.js');
const { subtle } = globalThis.crypto;

const kAlgorithms = {
  'ec': { name: 'ECDSA', namedCurve: 'P-256' },
  'rsassa-pkcs1-v1_5': {
    name: 'RSASSA-PKCS1-v1_5',
    modulusLength: 2048,
    publicExponent: new Uint8Array([1, 0, 1]),
    hash: 'SHA-256',
  },
  'rsa-pss': {
    name: 'RSA-PSS',
    modulusLength: 2048,
    publicExponent: new Uint8Array([1, 0, 1]),
    hash: 'SHA-256',
  },
  'ed25519': { name: 'Ed25519' },
};

if (hasOpenSSL(3, 5)) {
  kAlgorithms['ml-dsa-44'] = { name: 'ML-DSA-44' };
}

const kSignParams = {
  'ec': { name: 'ECDSA', hash: 'SHA-256' },
  'rsassa-pkcs1-v1_5': { name: 'RSASSA-PKCS1-v1_5' },
  'rsa-pss': { name: 'RSA-PSS', saltLength: 32 },
  'ed25519': { name: 'Ed25519' },
  'ml-dsa-44': { name: 'ML-DSA-44' },
};

const data = globalThis.crypto.getRandomValues(new Uint8Array(256));

let publicKeys;
let signature;

const bench = common.createBenchmark(main, {
  keyType: Object.keys(kAlgorithms),
  mode: ['serial', 'parallel'],
  keyReuse: ['shared', 'unique'],
  n: [1e3],
}, {
  combinationFilter(p) {
    // Unique only differs from shared when operations overlap (parallel);
    // sequential calls have no contention so unique+serial adds no value.
    if (p.keyReuse === 'unique') return p.mode === 'parallel';
    return true;
  },
});

async function measureSerial(n, verifyParams, sharedKey) {
  bench.start();
  for (let i = 0; i < n; ++i) {
    await subtle.verify(verifyParams, sharedKey || publicKeys[i], signature, data);
  }
  bench.end(n);
}

async function measureParallel(n, verifyParams, sharedKey) {
  const promises = new Array(n);
  bench.start();
  for (let i = 0; i < n; ++i) {
    promises[i] = subtle.verify(verifyParams, sharedKey || publicKeys[i], signature, data);
  }
  await Promise.all(promises);
  bench.end(n);
}

async function main({ n, mode, keyReuse, keyType }) {
  const algorithm = kAlgorithms[keyType];
  const verifyParams = kSignParams[keyType];

  if (!publicKeys || publicKeys.length !== n ||
      publicKeys[0].algorithm.name !== verifyParams.name) {
    publicKeys = new Array(n);
    // Generate one key pair, then import its spki bytes n times to get
    // distinct CryptoKey instances.
    const kp = await subtle.generateKey(algorithm, true, ['sign', 'verify']);
    const spki = await subtle.exportKey('spki', kp.publicKey);
    for (let i = 0; i < n; ++i) {
      publicKeys[i] = await subtle.importKey('spki', spki, algorithm, false, ['verify']);
    }
    signature = await subtle.sign(verifyParams, kp.privateKey, data);
  }

  const sharedKey = keyReuse === 'shared' ? publicKeys[0] : undefined;

  switch (mode) {
    case 'serial':
      await measureSerial(n, verifyParams, sharedKey);
      break;
    case 'parallel':
      await measureParallel(n, verifyParams, sharedKey);
      break;
  }
}