As part of a NodeJS application, I'm regularly generating signed AWS CloudFront URLs. When a lot of simultaneous requests hit the server, I've noticed a performance bottleneck in our application during the generation of the signature. Specifically, the function from aws-cloudfront-sign here:
function _createPolicySignature(policy, privateKey) {
var sign = crypto.createSign('RSA-SHA1');
sign.update(policy.toJSON());
return sign.sign(privateKey, 'base64');
}
Profiling the node app gives the following output:
ticks parent name
21043 98.4% UNKNOWN
1775 8.4% LazyCompile: *_createPolicySignature node_modules\aws-cloudfront-sign\lib\cloudfrontUtil.js:157:32
1775 100.0% LazyCompile: ~getSignedUrl node_modules\aws-cloudfront-sign\lib\cloudfrontUtil.js:19:22
1363 76.8% LazyCompile: *getCDNDownloadURL
1363 100.0% LazyCompile: *getImageObject
1305 95.7% LazyCompile: ~<anonymous>
58 4.3% LazyCompile: ~<anonymous>
412 23.2% LazyCompile: ~getCDNDownloadURL
206 50.0% LazyCompile: ~getImageObject
206 100.0% LazyCompile: ~<anonymous>
206 50.0% LazyCompile: *getImageObject
179 86.9% LazyCompile: ~<anonymous>
27 13.1% LazyCompile: ~<anonymous>
I'm looking for ways to improve this. Is there a library I can use which will perform better in this case? The private key always remains the same, so maybe something which doesn't have to create new signing objects / buffers each time it is used? Unfortunately, as the profiler only gives an UNKNOWN for the code inside the crypto library, I'm not sure where the exact bottleneck is occurring. Is there a way to get the profiller to also show the stack trace when calling NodeJS libraries?