Move RSA Key Generation off the main-thread with Isolates (#199)

* perf: optimize rsa key generation with isolates

* fix: resolve linter issues

Author: HamdaanAliQuatil

lib/src/impl_ffi/impl_ffi.dart

@@ -20,6 +20,7 @@ import 'dart:async';
 import 'dart:ffi' show Allocator;
 import 'dart:typed_data';
 import 'dart:convert' show utf8, base64Url;
+import 'dart:isolate';
 import 'dart:ffi' as ffi;
 import 'dart:math' as math;
 import 'package:meta/meta.dart';

lib/src/impl_ffi/impl_ffi.rsa_common.dart

@@ -229,10 +229,10 @@ Map<String, dynamic> _exportJwkRsaPrivateOrPublicKey(
   });
 }
 
-KeyPair<_EvpPKey, _EvpPKey> _generateRsaKeyPair(
+Future<KeyPair<_EvpPKey, _EvpPKey>> _generateRsaKeyPair(
   int modulusLength,
   BigInt publicExponent,
-) {
+) async {
   // Sanity check for the modulusLength
   if (modulusLength < 256 || modulusLength > 16384) {
     throw UnsupportedError(
@@ -251,13 +251,14 @@ KeyPair<_EvpPKey, _EvpPKey> _generateRsaKeyPair(
     throw UnsupportedError('publicExponent is not supported, try 3 or 65537');
   }
 
-  return _Scope.sync((scope) {
+  return _Scope.async((scope) async {
     // Generate private RSA key
     final privRSA = scope.createRSA();
 
     final e = scope.createBN();
     _checkOpIsOne(ssl.BN_set_word(e, publicExponent.toInt()));
-    _checkOpIsOne(ssl.RSA_generate_key_ex(
+
+    _checkOpIsOne(await _RSA_generate_key_ex(
       privRSA,
       modulusLength,
       e,
@@ -284,3 +285,20 @@ KeyPair<_EvpPKey, _EvpPKey> _generateRsaKeyPair(
     );
   });
 }
+
+/// Helper function to run `ssl.RSA_generate_key_ex` in an [Isolate]
+/// using [Isolate.run].
+///
+/// Using this auxiliary function to wrap the call should reduce the risk that
+/// unnecessary variables are copied into the closure passed to [Isolate.run].
+// ignore: non_constant_identifier_names
+Future<int> _RSA_generate_key_ex(
+  ffi.Pointer<RSA> rsa,
+  int bits,
+  ffi.Pointer<BIGNUM> e,
+  ffi.Pointer<BN_GENCB> cb,
+) async =>
+    await Isolate.run(
+      () => ssl.RSA_generate_key_ex(rsa, bits, e, cb),
+      debugName: 'RSA_generate_key_ex',
+    );

lib/src/impl_ffi/impl_ffi.rsaoaep.dart

@@ -50,7 +50,7 @@ Future<KeyPair<RsaOaepPrivateKeyImpl, RsaOaepPublicKeyImpl>>
 ) async {
   // Get hash first, to avoid a leak of EVP_PKEY if _HashImpl.fromHash throws
   final h = _HashImpl.fromHash(hash);
-  final keys = _generateRsaKeyPair(modulusLength, publicExponent);
+  final keys = await _generateRsaKeyPair(modulusLength, publicExponent);
   return (
     privateKey: _RsaOaepPrivateKeyImpl(keys.privateKey, h),
     publicKey: _RsaOaepPublicKeyImpl(keys.publicKey, h),

lib/src/impl_ffi/impl_ffi.rsapss.dart

@@ -50,7 +50,7 @@ Future<KeyPair<RsaPssPrivateKeyImpl, RsaPssPublicKeyImpl>>
 ) async {
   // Validate and get hash function
   final h = _HashImpl.fromHash(hash);
-  final keys = _generateRsaKeyPair(modulusLength, publicExponent);
+  final keys = await _generateRsaKeyPair(modulusLength, publicExponent);
   return (
     privateKey: _RsaPssPrivateKeyImpl(keys.privateKey, h),
     publicKey: _RsaPssPublicKeyImpl(keys.publicKey, h),

lib/src/impl_ffi/impl_ffi.rsassapkcs1v15.dart

@@ -50,7 +50,7 @@ Future<KeyPair<RsaSsaPkcs1V15PrivateKeyImpl, RsaSsaPkcs1V15PublicKeyImpl>>
 ) async {
   // Get hash first, to avoid a leak of EVP_PKEY if _HashImpl.fromHash throws
   final h = _HashImpl.fromHash(hash);
-  final keys = _generateRsaKeyPair(modulusLength, publicExponent);
+  final keys = await _generateRsaKeyPair(modulusLength, publicExponent);
   return (
     privateKey: _RsaSsaPkcs1V15PrivateKeyImpl(keys.privateKey, h),
     publicKey: _RsaSsaPkcs1V15PublicKeyImpl(keys.publicKey, h),