search

golang / go

The Go programming language
https://go.dev
BSD 3-Clause "New" or "Revised" License
124.29k stars 17.7k forks source link

crypto/aes: AES cipher creation and encrypt / decrypt operations can be sped up significantly #65507

Closed marten-seemann closed 8 months ago

marten-seemann commented 9 months ago

Go version

go version go1.21.4 darwin/arm64

Output of go env in your module/workspace:

GO111MODULE=''
GOARCH='arm64'
GOBIN=''
GOCACHE='/Users/marten/Library/Caches/go-build'
GOENV='/Users/marten/Library/Application Support/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFLAGS=''
GOHOSTARCH='arm64'
GOHOSTOS='darwin'
GOINSECURE=''
GOMODCACHE='/Users/marten/src/go/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='darwin'
GOPATH='/Users/marten/src/go'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/Users/marten/bin/go1.21ex'
GOSUMDB='sum.golang.org'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/Users/marten/bin/go1.21ex/pkg/tool/darwin_arm64'
GOVCS=''
GOVERSION='go1.21.4'
GCCGO='gccgo'
AR='ar'
CC='clang'
CXX='clang++'
CGO_ENABLED='1'
GOMOD='/dev/null'
GOWORK=''
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
PKG_CONFIG='pkg-config'
GOGCCFLAGS='-fPIC -arch arm64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -ffile-prefix-map=/var/folders/q0/b5ynf00142l7bl9sp8y098zr0000gn/T/go-build341590646=/tmp/go-build -gno-record-gcc-switches -fno-common'

What did you do?

I'm the maintainer of quic-go, and I'm working on reducing the allocations during the QUIC handshake (tracking issue).

What did you see happen?

The major source of allocations lies in the standard library, especially the crypto packages. Creating AES ciphers is part of this.

The allocations coming from the two slices embedded in aesCipher could easily be avoided: https://github.com/golang/go/blob/b8ac61e6e64c92f23d8cf868a92a70d13e20a124/src/crypto/aes/cipher.go#L17-L21

These slices have lengths between 44 and 60 bytes, depending on the AES variant (AES-128, AES-192, AES-256). By replacing them with a fixed-size 60 element array (plus one length field), the number of allocations can be reduced significantly. This also reduces pointer chasing when encrypting / decrypting data.

What did you expect to see?

I'm going to submit a CL that implements this suggestion.

gopherbot commented 9 months ago

Change https://go.dev/cl/561080 mentions this issue: crypto/aes: speed up AES by reducing allocation

Jorropo commented 9 months ago

cc @FiloSottile @rolandshoemaker @golang/security as per https://dev.golang.org/owners

mateusz834 commented 9 months ago

I've made a similar change before in CL CL 461078, but this seems better. I will abort that change.