From 2fde6a1bf738f5940c41df78b828644c9e14b4f4 Mon Sep 17 00:00:00 2001 From: HarrisonPearl Date: Thu, 22 Dec 2022 21:57:15 +0000 Subject: [PATCH 1/4] reimplements signRequest in load test to avoid redundant connection setup --- cmd/load_test.go | 77 +++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 70 insertions(+), 7 deletions(-) diff --git a/cmd/load_test.go b/cmd/load_test.go index cf3a4cd3..556e3bd7 100644 --- a/cmd/load_test.go +++ b/cmd/load_test.go @@ -8,14 +8,20 @@ import ( "testing" "time" + "encoding/hex" "github.com/IABTechLab/adscert/pkg/adscert/api" + "github.com/IABTechLab/adscert/pkg/adscert/logger" + "github.com/IABTechLab/adscert/pkg/adscert/signatory" "gonum.org/v1/plot" "gonum.org/v1/plot/plotter" "gonum.org/v1/plot/plotutil" "gonum.org/v1/plot/vg" + "google.golang.org/grpc" + "google.golang.org/grpc/credentials/insecure" + "google.golang.org/protobuf/encoding/prototext" ) -func DeactivatedTestLoadNoOp(t *testing.T) { +func TestLoadNoOp(t *testing.T) { timeoutList := []time.Duration{10 * time.Millisecond, 100 * time.Millisecond, 1000 * time.Millisecond} for _, timeout := range timeoutList { signBatchesAndPlot(timeout, true) @@ -23,7 +29,7 @@ func DeactivatedTestLoadNoOp(t *testing.T) { } -func DeactivatedTestLoadSigning(t *testing.T) { +func TestLoadSigning(t *testing.T) { timeoutList := []time.Duration{10 * time.Millisecond, 100 * time.Millisecond, 1000 * time.Millisecond} for _, timeout := range timeoutList { signBatchesAndPlot(timeout, false) @@ -68,6 +74,17 @@ func signBatchesAndPlot(timeout time.Duration, isNoOp bool) { testsPerTestSize := 10 c := make(chan api.SignatureOperationStatus) + + // Establish the gRPC connection that the client will use to connect to the + // signatory server. This basic example uses unauthenticated connections + // which should not be used in a production environment. + opts := []grpc.DialOption{grpc.WithTransportCredentials(insecure.NewCredentials())} + conn, err := grpc.Dial(testsignParams.serverAddress, opts...) + if err != nil { + logger.Fatalf("Failed to dial: %v", err) + } + defer conn.Close() + iterationResults := map[int][]float64{} lowestSuccessPercent := 1.00 numOfRequests := 1 @@ -81,7 +98,7 @@ func signBatchesAndPlot(timeout time.Duration, isNoOp bool) { iterationResults[numOfRequests] = []float64{} lowestSuccessPercent = 1.00 for i := 0; i < testsPerTestSize; i++ { - iterationResult := sendSignatureRequests(numOfRequests, testsignParams, c) + iterationResult := sendSignatureRequestsOverConnection(numOfRequests, testsignParams, c, conn) iterationResultSuccessPercent := float64(iterationResult[1]) / float64(numOfRequests) if lowestSuccessPercent > iterationResultSuccessPercent { lowestSuccessPercent = iterationResultSuccessPercent @@ -107,9 +124,9 @@ func signBatchesAndPlot(timeout time.Duration, isNoOp bool) { } -func sendSignatureRequests(numOfRequests int, testsignParams *testsignParameters, c chan api.SignatureOperationStatus) []int { +func sendSignatureRequestsOverConnection(numOfRequests int, testsignParams *testsignParameters, c chan api.SignatureOperationStatus, conn *grpc.ClientConn) []int { for i := 0; i < numOfRequests; i++ { - go signToChannel(testsignParams, c) + go signToChannelOverConnection(testsignParams, c, conn) } var res []api.SignatureOperationStatus @@ -126,8 +143,8 @@ func sendSignatureRequests(numOfRequests int, testsignParams *testsignParameters return iterationResult } -func signToChannel(testsignParams *testsignParameters, c chan api.SignatureOperationStatus) { - signatureStatus := signRequest(testsignParams) +func signToChannelOverConnection(testsignParams *testsignParameters, c chan api.SignatureOperationStatus, conn *grpc.ClientConn) { + signatureStatus := signRequestOverConnection(testsignParams, conn) c <- signatureStatus.GetSignatureOperationStatus() // send status to c } @@ -564,3 +581,49 @@ func plotResults(iterationResults map[int][]float64, maxNumOfRequests int, timeo panic(err) } } + +func signRequestOverConnection(testsignParams *testsignParameters, conn *grpc.ClientConn) *api.AuthenticatedConnectionSignatureResponse { + logger.Infof("Connecting to signatory server at %s\n", testsignParams.serverAddress) + + // Create a reusable Signatory Client that provides a lightweight wrapper + // around the RPC client stub. This code performs some basic request + // timeout and error handling logic. + clientOpts := &signatory.AuthenticatedConnectionsSignatoryClientOptions{Timeout: testsignParams.signingTimeout} + signatoryClient := signatory.NewAuthenticatedConnectionsSignatoryClient(conn, clientOpts) + + // Rewrite an HTTP url as HTTPS if requested by command line flag. + var urlToSign string + if strings.HasPrefix(testsignParams.url, "http://") && testsignParams.signURLAsHTTPS { + urlToSign = "https://" + testsignParams.url[7:] + logger.Infof("Rewrote URL to HTTPS (from %s to %s)", testsignParams.url, urlToSign) + } else { + urlToSign = testsignParams.url + } + + // The RequestInfo proto contains details about the individual ad request + // being signed. A SetRequestInfo helper function derives a hash of the + // destination URL and body, setting these value on the RequestInfo message. + reqInfo := &api.RequestInfo{} + signatory.SetRequestInfo(reqInfo, urlToSign, []byte(testsignParams.body)) + + logger.Infof("Calculated hashes:\n\t URL: %s\n\tBody: %s", hex.EncodeToString(reqInfo.UrlHash), hex.EncodeToString(reqInfo.BodyHash)) + + // Request the signature. + logger.Infof("Signing request for URL: %v", urlToSign) + signatureResponse, err := signatoryClient.SignAuthenticatedConnection( + &api.AuthenticatedConnectionSignatureRequest{ + RequestInfo: reqInfo, + }) + if err != nil { + logger.Warningf("unable to sign message: %v", err) + } + + // In most circumstances a signatureResponse will be returned which includes + // detals about the successful or failed signature attempt. + if signatureResponse != nil { + logger.Infof("signature response:\n%s", prototext.Format(signatureResponse)) + } else { + logger.Warningf("signature response is missing") + } + return signatureResponse +} From 09dda299f87e95d9ee4349436e33e428154310b7 Mon Sep 17 00:00:00 2001 From: HarrisonPearl Date: Thu, 22 Dec 2022 22:05:16 +0000 Subject: [PATCH 2/4] reduces timeout --- cmd/load_test.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cmd/load_test.go b/cmd/load_test.go index 556e3bd7..25291d04 100644 --- a/cmd/load_test.go +++ b/cmd/load_test.go @@ -22,7 +22,7 @@ import ( ) func TestLoadNoOp(t *testing.T) { - timeoutList := []time.Duration{10 * time.Millisecond, 100 * time.Millisecond, 1000 * time.Millisecond} + timeoutList := []time.Duration{1 * time.Millisecond} for _, timeout := range timeoutList { signBatchesAndPlot(timeout, true) } @@ -30,7 +30,7 @@ func TestLoadNoOp(t *testing.T) { } func TestLoadSigning(t *testing.T) { - timeoutList := []time.Duration{10 * time.Millisecond, 100 * time.Millisecond, 1000 * time.Millisecond} + timeoutList := []time.Duration{1 * time.Millisecond} for _, timeout := range timeoutList { signBatchesAndPlot(timeout, false) } From b81086f3ceb19626a66f9187c2ec2e981c54aab5 Mon Sep 17 00:00:00 2001 From: HarrisonPearl Date: Thu, 22 Dec 2022 22:12:10 +0000 Subject: [PATCH 3/4] removed logging during signing --- cmd/load_test.go | 24 +++--------------------- 1 file changed, 3 insertions(+), 21 deletions(-) diff --git a/cmd/load_test.go b/cmd/load_test.go index 25291d04..e367eb29 100644 --- a/cmd/load_test.go +++ b/cmd/load_test.go @@ -8,7 +8,6 @@ import ( "testing" "time" - "encoding/hex" "github.com/IABTechLab/adscert/pkg/adscert/api" "github.com/IABTechLab/adscert/pkg/adscert/logger" "github.com/IABTechLab/adscert/pkg/adscert/signatory" @@ -18,11 +17,10 @@ import ( "gonum.org/v1/plot/vg" "google.golang.org/grpc" "google.golang.org/grpc/credentials/insecure" - "google.golang.org/protobuf/encoding/prototext" ) func TestLoadNoOp(t *testing.T) { - timeoutList := []time.Duration{1 * time.Millisecond} + timeoutList := []time.Duration{1 * time.Millisecond, 10 * time.Millisecond} for _, timeout := range timeoutList { signBatchesAndPlot(timeout, true) } @@ -30,7 +28,7 @@ func TestLoadNoOp(t *testing.T) { } func TestLoadSigning(t *testing.T) { - timeoutList := []time.Duration{1 * time.Millisecond} + timeoutList := []time.Duration{1 * time.Millisecond, 10 * time.Millisecond} for _, timeout := range timeoutList { signBatchesAndPlot(timeout, false) } @@ -583,8 +581,6 @@ func plotResults(iterationResults map[int][]float64, maxNumOfRequests int, timeo } func signRequestOverConnection(testsignParams *testsignParameters, conn *grpc.ClientConn) *api.AuthenticatedConnectionSignatureResponse { - logger.Infof("Connecting to signatory server at %s\n", testsignParams.serverAddress) - // Create a reusable Signatory Client that provides a lightweight wrapper // around the RPC client stub. This code performs some basic request // timeout and error handling logic. @@ -595,7 +591,6 @@ func signRequestOverConnection(testsignParams *testsignParameters, conn *grpc.Cl var urlToSign string if strings.HasPrefix(testsignParams.url, "http://") && testsignParams.signURLAsHTTPS { urlToSign = "https://" + testsignParams.url[7:] - logger.Infof("Rewrote URL to HTTPS (from %s to %s)", testsignParams.url, urlToSign) } else { urlToSign = testsignParams.url } @@ -606,24 +601,11 @@ func signRequestOverConnection(testsignParams *testsignParameters, conn *grpc.Cl reqInfo := &api.RequestInfo{} signatory.SetRequestInfo(reqInfo, urlToSign, []byte(testsignParams.body)) - logger.Infof("Calculated hashes:\n\t URL: %s\n\tBody: %s", hex.EncodeToString(reqInfo.UrlHash), hex.EncodeToString(reqInfo.BodyHash)) - // Request the signature. - logger.Infof("Signing request for URL: %v", urlToSign) - signatureResponse, err := signatoryClient.SignAuthenticatedConnection( + signatureResponse, _ := signatoryClient.SignAuthenticatedConnection( &api.AuthenticatedConnectionSignatureRequest{ RequestInfo: reqInfo, }) - if err != nil { - logger.Warningf("unable to sign message: %v", err) - } - // In most circumstances a signatureResponse will be returned which includes - // detals about the successful or failed signature attempt. - if signatureResponse != nil { - logger.Infof("signature response:\n%s", prototext.Format(signatureResponse)) - } else { - logger.Warningf("signature response is missing") - } return signatureResponse } From 58e2d98efd6ac1baa766657be058beae4ed9833e Mon Sep 17 00:00:00 2001 From: HarrisonPearl Date: Tue, 27 Dec 2022 16:47:55 +0000 Subject: [PATCH 4/4] adds verifyRequestOverConnection --- cmd/load_test.go | 56 +++++++++++++--------------------------- cmd/test_helpers.go | 63 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+), 38 deletions(-) create mode 100644 cmd/test_helpers.go diff --git a/cmd/load_test.go b/cmd/load_test.go index e367eb29..4dba03aa 100644 --- a/cmd/load_test.go +++ b/cmd/load_test.go @@ -10,7 +10,6 @@ import ( "github.com/IABTechLab/adscert/pkg/adscert/api" "github.com/IABTechLab/adscert/pkg/adscert/logger" - "github.com/IABTechLab/adscert/pkg/adscert/signatory" "gonum.org/v1/plot" "gonum.org/v1/plot/plotter" "gonum.org/v1/plot/plotutil" @@ -35,8 +34,8 @@ func TestLoadSigning(t *testing.T) { } -func DeactivatedTestLoadVerification(t *testing.T) { - timeoutList := []time.Duration{10 * time.Millisecond, 100 * time.Millisecond, 1000 * time.Millisecond} +func TestLoadVerification(t *testing.T) { + timeoutList := []time.Duration{1 * time.Millisecond, 10 * time.Millisecond} for _, timeout := range timeoutList { verifyBatchesAndPlot(timeout) } @@ -156,6 +155,17 @@ func verifyBatchesAndPlot(timeout time.Duration) { testsPerTestSize := 10 c := make(chan api.SignatureDecodeStatus) + + // Establish the gRPC connection that the client will use to connect to the + // signatory server. This basic example uses unauthenticated connections + // which should not be used in a production environment. + opts := []grpc.DialOption{grpc.WithTransportCredentials(insecure.NewCredentials())} + conn, err := grpc.Dial(testverifyParams.serverAddress, opts...) + if err != nil { + logger.Fatalf("Failed to dial: %v", err) + } + defer conn.Close() + iterationResults := map[int][]float64{} lowestSuccessPercent := 1.00 numOfRequests := 1 @@ -169,7 +179,7 @@ func verifyBatchesAndPlot(timeout time.Duration) { iterationResults[numOfRequests] = []float64{} lowestSuccessPercent = 1.00 for i := 0; i < testsPerTestSize; i++ { - iterationResult := sendVerificationRequests(numOfRequests, testverifyParams, c) + iterationResult := sendVerificationRequestsOverConnection(numOfRequests, testverifyParams, c, conn) iterationResultSuccessPercent := float64(iterationResult[1]) / float64(numOfRequests) if lowestSuccessPercent > iterationResultSuccessPercent { lowestSuccessPercent = iterationResultSuccessPercent @@ -191,9 +201,9 @@ func verifyBatchesAndPlot(timeout time.Duration) { } -func sendVerificationRequests(numOfRequests int, testverifyParams *testverifyParameters, c chan api.SignatureDecodeStatus) []int { +func sendVerificationRequestsOverConnection(numOfRequests int, testverifyParams *testverifyParameters, c chan api.SignatureDecodeStatus, conn *grpc.ClientConn) []int { for i := 0; i < numOfRequests; i++ { - go verifyToChannel(testverifyParams, c) + go verifyToChannelOverConnection(testverifyParams, c, conn) } var res []api.SignatureDecodeStatus @@ -210,8 +220,8 @@ func sendVerificationRequests(numOfRequests int, testverifyParams *testverifyPar return iterationResult } -func verifyToChannel(testverifyParams *testverifyParameters, c chan api.SignatureDecodeStatus) { - verificationResponse := verifyRequest(testverifyParams) +func verifyToChannelOverConnection(testverifyParams *testverifyParameters, c chan api.SignatureDecodeStatus, conn *grpc.ClientConn) { + verificationResponse := verifyRequestOverConnection(testverifyParams, conn) if len(verificationResponse.GetVerificationInfo()) > 0 && len(verificationResponse.GetVerificationInfo()[0].GetSignatureDecodeStatus()) > 0 { signatureStatus := verificationResponse.GetVerificationInfo()[0].GetSignatureDecodeStatus()[0] c <- signatureStatus // send status to c @@ -579,33 +589,3 @@ func plotResults(iterationResults map[int][]float64, maxNumOfRequests int, timeo panic(err) } } - -func signRequestOverConnection(testsignParams *testsignParameters, conn *grpc.ClientConn) *api.AuthenticatedConnectionSignatureResponse { - // Create a reusable Signatory Client that provides a lightweight wrapper - // around the RPC client stub. This code performs some basic request - // timeout and error handling logic. - clientOpts := &signatory.AuthenticatedConnectionsSignatoryClientOptions{Timeout: testsignParams.signingTimeout} - signatoryClient := signatory.NewAuthenticatedConnectionsSignatoryClient(conn, clientOpts) - - // Rewrite an HTTP url as HTTPS if requested by command line flag. - var urlToSign string - if strings.HasPrefix(testsignParams.url, "http://") && testsignParams.signURLAsHTTPS { - urlToSign = "https://" + testsignParams.url[7:] - } else { - urlToSign = testsignParams.url - } - - // The RequestInfo proto contains details about the individual ad request - // being signed. A SetRequestInfo helper function derives a hash of the - // destination URL and body, setting these value on the RequestInfo message. - reqInfo := &api.RequestInfo{} - signatory.SetRequestInfo(reqInfo, urlToSign, []byte(testsignParams.body)) - - // Request the signature. - signatureResponse, _ := signatoryClient.SignAuthenticatedConnection( - &api.AuthenticatedConnectionSignatureRequest{ - RequestInfo: reqInfo, - }) - - return signatureResponse -} diff --git a/cmd/test_helpers.go b/cmd/test_helpers.go new file mode 100644 index 00000000..303bf1af --- /dev/null +++ b/cmd/test_helpers.go @@ -0,0 +1,63 @@ +package cmd + +import ( + "strings" + + "github.com/IABTechLab/adscert/pkg/adscert/api" + "github.com/IABTechLab/adscert/pkg/adscert/signatory" + "google.golang.org/grpc" +) + +func signRequestOverConnection(testsignParams *testsignParameters, conn *grpc.ClientConn) *api.AuthenticatedConnectionSignatureResponse { + // Create a reusable Signatory Client that provides a lightweight wrapper + // around the RPC client stub. This code performs some basic request + // timeout and error handling logic. + clientOpts := &signatory.AuthenticatedConnectionsSignatoryClientOptions{Timeout: testsignParams.signingTimeout} + signatoryClient := signatory.NewAuthenticatedConnectionsSignatoryClient(conn, clientOpts) + + // Rewrite an HTTP url as HTTPS if requested by command line flag. + var urlToSign string + if strings.HasPrefix(testsignParams.url, "http://") && testsignParams.signURLAsHTTPS { + urlToSign = "https://" + testsignParams.url[7:] + } else { + urlToSign = testsignParams.url + } + + // The RequestInfo proto contains details about the individual ad request + // being signed. A SetRequestInfo helper function derives a hash of the + // destination URL and body, setting these value on the RequestInfo message. + reqInfo := &api.RequestInfo{} + signatory.SetRequestInfo(reqInfo, urlToSign, []byte(testsignParams.body)) + + // Request the signature. + signatureResponse, _ := signatoryClient.SignAuthenticatedConnection( + &api.AuthenticatedConnectionSignatureRequest{ + RequestInfo: reqInfo, + }) + + return signatureResponse +} + +func verifyRequestOverConnection(testverifyParams *testverifyParameters, conn *grpc.ClientConn) *api.AuthenticatedConnectionVerificationResponse { + // Create a reusable Signatory Client that provides a lightweight wrapper + // around the RPC client stub. This code performs some basic request + // timeout and error handling logic. + clientOpts := &signatory.AuthenticatedConnectionsSignatoryClientOptions{Timeout: testverifyParams.verifyingTimeout} + signatoryClient := signatory.NewAuthenticatedConnectionsSignatoryClient(conn, clientOpts) + + // The RequestInfo proto contains details about the individual ad request + // being verified. A SetRequestInfo helper function derives a hash of the + // destination URL and body, and sets the hash and the signature message on the RequestInfo message. + signatureHeaders := []string{testverifyParams.signatureMessage} + + reqInfo := &api.RequestInfo{} + signatory.SetRequestInfo(reqInfo, testverifyParams.destinationURL, []byte(testverifyParams.body)) + signatory.SetRequestSignatures(reqInfo, signatureHeaders) + + // Request the verification. + verificationResponse, _ := signatoryClient.VerifyAuthenticatedConnection( + &api.AuthenticatedConnectionVerificationRequest{ + RequestInfo: []*api.RequestInfo{reqInfo}, + }) + return verificationResponse +}