config, server, executor: Reduce RSA keysize in testing

[dveeden]

What problem does this PR solve?

Issue Number: close #26947

Problem Summary: Using smaller RSA keys when testing reduces test run time

Check List

Documentation

• Adds a configuration option

Release note

It is now possible to configure the RSA keysize of automatically generated RSA private keys

[ti-chi-bot]

[REVIEW NOTIFICATION]

This pull request has been approved by:

• morgo
• tiancaiamao

To complete the pull request process, please ask the reviewers in the list to review by filling /cc @reviewer in the comment.
After your PR has acquired the required number of LGTMs, you can assign this pull request to the committer in the list by filling /assign @committer in the comment to help you merge this pull request.

The full list of commands accepted by this bot can be found here.

Reviewer can indicate their review by submitting an approval review.
Reviewer can cancel approval by submitting a request changes review.

[dveeden]

/cc @zhouqiang-cl @tiancaiamao

[kennytm]

would generating ECDSA or Ed25519 keys be more efficient than RSA 😅

[dveeden]

would generating ECDSA or Ed25519 keys be more efficient than RSA sweat_smile

goos: linux
goarch: amd64
pkg: github.com/dveeden/keygentester
cpu: Intel(R) Core(TM) i7-10510U CPU @ 1.80GHz
BenchmarkRsa4k-8     	       7	1490731837 ns/op
BenchmarkRsa528-8    	    1135	   5237020 ns/op
BenchmarkEcdsa-8     	  425629	     14857 ns/op
BenchmarkEd25519-8   	  122875	     54166 ns/op

goos: freebsd
goarch: amd64
pkg: github.com/dveeden/keygentester
cpu: Intel(R) Atom(TM) CPU  C2550  @ 2.40GHz
BenchmarkRsa4k-4     	       2	15946739888 ns/op
BenchmarkRsa528-4    	     280	  21446773 ns/op
BenchmarkEcdsa-4     	   83643	     71792 ns/op
BenchmarkEd25519-4   	   36759	    163191 ns/op

package main

import (
	"crypto/ecdsa"
	"crypto/ed25519"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"testing"
)

func BenchmarkRsa4k(b *testing.B) {
	for i := 0; i < b.N; i++ {
		rsa.GenerateKey(rand.Reader, 4096)
	}
}

func BenchmarkRsa528(b *testing.B) {
	for i := 0; i < b.N; i++ {
		rsa.GenerateKey(rand.Reader, 528)
	}
}

func BenchmarkEcdsa(b *testing.B) {
	for i := 0; i < b.N; i++ {
		ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	}
}

func BenchmarkEd25519(b *testing.B) {
	for i := 0; i < b.N; i++ {
		ed25519.GenerateKey(rand.Reader)
	}
}

[dveeden]

However I don't think we should move away from RSA as that probably has the best compatibility.

[zhouqiang-cl]

/run-unit-tests

[zhouqiang-cl]

LGTM

[ti-chi-bot]

@zhouqiang-cl: Thanks for your review. The bot only counts approvals from reviewers and higher roles in list, but you're still welcome to leave your comments.

In response to this:

LGTM

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the ti-community-infra/tichi repository.

[dveeden]

/cc @morgo

[dveeden]

/assign @tiancaiamao @morgo

[tiancaiamao]

/merge

[ti-chi-bot]

This pull request has been accepted and is ready to merge.

Commit hash: 1777c7e

[ti-chi-bot]

@dveeden: Your PR was out of date, I have automatically updated it for you.

At the same time I will also trigger all tests for you:

/run-all-tests

If the CI test fails, you just re-trigger the test that failed and the bot will merge the PR for you after the CI passes.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the ti-community-infra/tichi repository.