80516ed335
On my machine, reading 512-byte blocks from /dev/urandom
(same via getentropy syscall) is a lot faster in terms of
throughput:
Blocksize Throughput
16 28.18 MB/s
512 83.75 MB/s
For a single-threaded streaming write, this drops the CPU usage of
nonceGenerator.Get to almost 1/3:
flat flat% sum% cum cum%
Before 0 0% 95.08% 0.35s 2.92% github.com/rfjakob/gocryptfs/internal/cryptocore.(*nonceGenerator).Get
After 0.01s 0.092% 92.34% 0.13s 1.20% github.com/rfjakob/gocryptfs/internal/cryptocore.(*nonceGenerator).Get
This change makes the nonce reading single-threaded, which may
hurt massively-parallel writes.
33 lines
609 B
Go
33 lines
609 B
Go
package cryptocore
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"encoding/binary"
|
|
"log"
|
|
)
|
|
|
|
// RandBytes gets "n" random bytes from /dev/urandom or panics
|
|
func RandBytes(n int) []byte {
|
|
b := make([]byte, n)
|
|
_, err := rand.Read(b)
|
|
if err != nil {
|
|
log.Panic("Failed to read random bytes: " + err.Error())
|
|
}
|
|
return b
|
|
}
|
|
|
|
// RandUint64 returns a secure random uint64
|
|
func RandUint64() uint64 {
|
|
b := RandBytes(8)
|
|
return binary.BigEndian.Uint64(b)
|
|
}
|
|
|
|
type nonceGenerator struct {
|
|
nonceLen int // bytes
|
|
}
|
|
|
|
// Get a random "nonceLen"-byte nonce
|
|
func (n *nonceGenerator) Get() []byte {
|
|
return randPrefetcher.read(n.nonceLen)
|
|
}
|