As usual, just when you think you have things sorted, something spoils your fun!
All I wanted to do was to create a signed URL to a Google Cloud Storage bucket. It took a bit of trial and error, but then I solved it. The problem now being that the crypto sign blows my 50ms CPU time.
I had been using NodeJS crypto package, the function to sign was simple …
const sign = (input, key) => crypto.createSign(‘RSA-SHA256’).update(input).sign(key, ‘base64’)
The key being passed is in PEM format private key (a string). Functionally this works, and I can use the result to access my Google bucket. I know that the sign process is consuming the >50ms CPU. With the signing process stubbed out - my worker is consuming 18ms per request.
My first thought was to preprocess the key using crypto.createPrivateKey - caching the result and using this instead of the plain text key. However, crypto.createPrivateKey is not available to the Worker.
Second thought is to use the Worker’s Web Crypto API. This seems to be similar, but I can’t find any examples of usage for an equivalent to what I have coded in Node crypto. I’ve even seen a suggestion that it’s not possible to create it.
Can anyone advise/suggest anything to improve the performance of the signing process. I know that I can implement as a Google Cloud Function - but I’m trying to keep it simple.