Use BoringSSL implementation for _CryptoExtras.AES._CTR #229

Merged (1 commit) on May 7, 2024

@simonjbeaumont simonjbeaumont commented May 7, 2024

Motivation:

_CryptoExtras provides AES CTR mode with a Swift implementation, which operates one block at a time. For encrypting larger plaintexts this can become a bottleneck. BoringSSL provides an implementation which makes use of hardware capabilities if present for parallel block processing.

Modifications:

  • Replace Swift implementation of _CryptoExtras.AES._CTR.encrypt and decrypt with a call to BoringSSL AES_ctr128_encrypt function.
  • Annotate the API as @inlinable for generic specialization.
  • Remove AES._CTR.Nonce.incrementCounter(), which was only used by the Swift implementation.

Result:

The runtime performance is improved by around 93% for encryption of larger plaintexts, e.g. 4k:

----------------------------------------------------------------------------------------------------------------------------
AES._CTR.encrypt 4k metrics
----------------------------------------------------------------------------------------------------------------------------

╒══════════════════════════════════════════╤═════════╤═════════╤═════════╤═════════╤═════════╤═════════╤═════════╤═════════╕
│         Time (total CPU) (ns) *          │      p0 │     p25 │     p50 │     p75 │     p90 │     p99 │    p100 │ Samples │
╞══════════════════════════════════════════╪═════════╪═════════╪═════════╪═════════╪═════════╪═════════╪═════════╪═════════╡
│                  alpha                   │      14 │      14 │      14 │      14 │      14 │      15 │      15 │     213 │
├──────────────────────────────────────────┼─────────┼─────────┼─────────┼─────────┼─────────┼─────────┼─────────┼─────────┤
│               Current_run                │       1 │       1 │       1 │       1 │       1 │       1 │       1 │    3560 │
├──────────────────────────────────────────┼─────────┼─────────┼─────────┼─────────┼─────────┼─────────┼─────────┼─────────┤
│                    Δ                     │     -13 │     -13 │     -13 │     -13 │     -13 │     -14 │     -14 │    3347 │
├──────────────────────────────────────────┼─────────┼─────────┼─────────┼─────────┼─────────┼─────────┼─────────┼─────────┤
│              Improvement %               │      93 │      93 │      93 │      93 │      93 │      93 │      93 │    3347 │
╘══════════════════════════════════════════╧═════════╧═════════╧═════════╧═════════╧═════════╧═════════╧═════════╧═════════╛

@simonjbeaumont simonjbeaumont marked this pull request as ready for review May 7, 2024 09:49
@Lukasa Lukasa added the semver/patch No public API change. label May 7, 2024

@Lukasa Lukasa left a comment

Really nice patch, this looks great.

@Lukasa Lukasa merged commit bc1c292 into apple:main May 7, 2024
9 checks passed