Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Node crypto blocks the event loop #77

Closed
2 tasks done
ChadKillingsworth opened this issue Apr 8, 2020 · 2 comments
Closed
2 tasks done

Node crypto blocks the event loop #77

ChadKillingsworth opened this issue Apr 8, 2020 · 2 comments
Labels
enhancement New feature or request

Comments

@ChadKillingsworth
Copy link

Is your feature proposal related to a problem? Please describe.
Unfortunately node crypto operations block the event loop. We use signed JWTs for internal service authentication and end up signing thousands of JWTs. For performance, we've had to fork and write our own JWT library simply to offload the crypto operations to separate threads in Node JS using https://github.com/ronomon/crypto-async.

To assist this work I contributed back the RSA sign and verify functions to the crypto-async library: ronomon/crypto-async#7

Describe the solution you'd like
A library such as crypto-async is definitely not something ready for every use case. However, I'd like the option to utilize it with this library. Specifically, I'm simply looking for extension points so that I can use a custom crypto library.

Describe alternatives you've considered
Because the node native crypto operations are blocking, there are very few options. I'd rather contribute to a standards based open source library that supports this than maintain my own.

Additional context
While guidance would be needed on the correct approach, I'd be willing to do the work to add this feature.

  • i have searched the configuration section for this feature and couldn't find it
  • i have searched the issues tracker on github for similar requests and couldn't find anything related.
@ChadKillingsworth ChadKillingsworth added the enhancement New feature or request label Apr 8, 2020
@panva
Copy link
Owner

panva commented Apr 8, 2020

Using or supporting anything but native crypto is out of scope for this library.

@ChadKillingsworth You can certainly push your sign/verify jose code that uses regular node crypto to a worker thread. Have one per process that you push your blocking code to.

@panva panva closed this as completed Apr 8, 2020
@ChadKillingsworth
Copy link
Author

We benchmarked worker threads and they didn't perform near as well as native threads.

@github-actions github-actions bot locked and limited conversation to collaborators Jul 8, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants