You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
My employer is currently using PyJWT in production for signing URLs. As part of some routine performance monitoring and profiling, I discovered that this signing method was consuming a disproportionate amount of time - even more than the wall clock time of communicating with the database. The icicle plot below shows how most of the time was spent in the load_pem_private_key() method within the cryptography library.
I resolved the issue by manually instantiating the RSAPrivateKey object and passing that to jwt.encode(). As a result, RSAAlgorithm.prepare_key() returns immediately rather than instantiating a new RSAPrivateKey. Otherwise, the CPU-intensive RSA_check_key primality test would be needlessly rerun on every call to encode().
It looks like there's some discussion in #602 about changing the type hinting to make this usage more official. In the meantime, a stopgap is to make mention of the performance benefits of passing an RSAPrivateKey object in the Usage Examples page of the documentation.
My employer is currently using PyJWT in production for signing URLs. As part of some routine performance monitoring and profiling, I discovered that this signing method was consuming a disproportionate amount of time - even more than the wall clock time of communicating with the database. The icicle plot below shows how most of the time was spent in the
load_pem_private_key()method within thecryptographylibrary.I resolved the issue by manually instantiating the
RSAPrivateKeyobject and passing that tojwt.encode(). As a result,RSAAlgorithm.prepare_key()returns immediately rather than instantiating a newRSAPrivateKey. Otherwise, the CPU-intensiveRSA_check_keyprimality test would be needlessly rerun on every call toencode().It looks like there's some discussion in #602 about changing the type hinting to make this usage more official. In the meantime, a stopgap is to make mention of the performance benefits of passing an
RSAPrivateKeyobject in the Usage Examples page of the documentation.#734
The text was updated successfully, but these errors were encountered: