fix(benches): reuse config for handshakes (#5319)

Co-authored-by: maddeleine <59030281+maddeleine@users.noreply.github.com>
Co-authored-by: Sam Clark <3758302+goatgoose@users.noreply.github.com>

Author: 3 people

bindings/rust/standard/bench/Cargo.toml

@@ -14,7 +14,7 @@ rustls-pemfile = { version = "2" }
 openssl = { version = "0.10", features = ["vendored"] }
 
 [dev-dependencies]
-criterion = "0.5"
+criterion = "0.6"
 pprof = { version = "0.14", features = ["criterion", "flamegraph"] }
 # env_logger and log are used to enable logging for rustls, which can help with
 # debugging interop failures

bindings/rust/standard/bench/benches/handshake.rs

@@ -3,13 +3,11 @@
 
 use bench::{
     harness::TlsBenchConfig, CipherSuite, CryptoConfig, HandshakeType, KXGroup, Mode,
-    OpenSslConnection, RustlsConnection, S2NConnection, SigType, TlsConnPair, TlsConnection,
-    PROFILER_FREQUENCY,
+    OpenSslConnection, RustlsConnection, S2NConnection, SigType, TlsConnPair, TlsConnection
 };
 use criterion::{
     criterion_group, criterion_main, measurement::WallTime, BatchSize, BenchmarkGroup, Criterion,
 };
-use pprof::criterion::{Output, PProfProfiler};
 use strum::IntoEnumIterator;
 
 fn bench_handshake_for_library<T>(
@@ -22,20 +20,34 @@ fn bench_handshake_for_library<T>(
     T::Config: TlsBenchConfig,
 {
     let crypto_config = CryptoConfig::new(CipherSuite::default(), kx_group, sig_type);
+    let client_config = &T::Config::make_config(Mode::Client, crypto_config, handshake_type).unwrap();
+    let server_config = &T::Config::make_config(Mode::Server, crypto_config, handshake_type).unwrap();
 
     // generate all harnesses (TlsConnPair structs) beforehand so that benchmarks
     // only include negotiation and not config/connection initialization
     bench_group.bench_function(T::name(), |b| {
         b.iter_batched_ref(
-            || -> TlsConnPair<T, T> { TlsConnPair::new_bench_pair(crypto_config, handshake_type).unwrap() },
+            || -> TlsConnPair<T, T> { 
+                if handshake_type == HandshakeType::Resumption {
+                    // generate a session ticket to store on the config
+                    let mut pair = TlsConnPair::<T, T>::from_configs(&client_config, &server_config);
+                    pair.handshake().unwrap();
+                    pair.round_trip_transfer(&mut [0]).unwrap();
+                }
+                TlsConnPair::from_configs(client_config, server_config)
+            },
             |conn_pair| {
                 conn_pair.handshake().unwrap();
                 match handshake_type {
                     HandshakeType::ServerAuth | HandshakeType::MutualAuth => assert!(!conn_pair.server.resumed_connection()),
                     HandshakeType::Resumption => assert!(conn_pair.server.resumed_connection()),
                 }
             },
-            BatchSize::SmallInput,
+            // Use "PerIteration" benchmarking, because of the way that session 
+            // ticket setup interacts with shared configs.
+            // > In testing, the maximum measurement overhead from benchmarking 
+            // > with PerIteration is on the order of 350 nanoseconds
+            BatchSize::PerIteration,
         )
     });
 }
@@ -98,9 +110,6 @@ pub fn bench_handshake_sig_types(c: &mut Criterion) {
 }
 
 criterion_group! {
-    name = benches;
-    // profile 100 samples/sec
-    config = Criterion::default().with_profiler(PProfProfiler::new(PROFILER_FREQUENCY, Output::Flamegraph(None)));
-    targets = bench_handshake_types, bench_handshake_kx_groups, bench_handshake_sig_types
+    benches, bench_handshake_types, bench_handshake_kx_groups, bench_handshake_sig_types
 }
 criterion_main!(benches);

bindings/rust/standard/bench/benches/throughput.rs

@@ -68,10 +68,5 @@ pub fn bench_throughput_cipher_suites(c: &mut Criterion) {
     }
 }
 
-criterion_group! {
-    name = benches;
-    // profile 100 samples/sec
-    config = Criterion::default().with_profiler(PProfProfiler::new(PROFILER_FREQUENCY, Output::Flamegraph(None)));
-    targets = bench_throughput_cipher_suites
-}
+criterion_group! {benches, bench_throughput_cipher_suites}
 criterion_main!(benches);

crypto/s2n_pkey.c

@@ -161,6 +161,15 @@ int s2n_pkey_match(const struct s2n_pkey *pub_key, const struct s2n_pkey *priv_k
     POSIX_GUARD_RESULT(s2n_pkey_size(priv_key, &size));
     POSIX_GUARD(s2n_alloc(&signature, size));
 
+    /* Note: The Libcrypto RSA EVP_PKEY will cache certain computations used for
+     * RSA signing.
+     * 
+     * This means that the first RSA sign with an EVP_PKEY is ~300 us slower
+     * than subsequent sign operations. The effect is much smaller for ECDSA signatures.
+     * 
+     * If this pkey_sign operation is moved out of config creation, then the
+     * 300 us penalty will be paid by the first handshake done on the config.
+     */
     POSIX_GUARD(s2n_pkey_sign(priv_key, check_alg, &state_in, &signature));
     POSIX_ENSURE(s2n_pkey_verify(pub_key, check_alg, &state_out, &signature) == S2N_SUCCESS,
             S2N_ERR_KEY_MISMATCH);