Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not use crypto rand for nonce generation. #2467

Merged
merged 2 commits into from Aug 25, 2021
Merged

Do not use crypto rand for nonce generation. #2467

merged 2 commits into from Aug 25, 2021

Conversation

derekcollison
Copy link
Member

Crypto rand is not needed for nonce generation and could drain entropy.

Signed-off-by: Derek Collison derek@nats.io

/cc @nats-io/core

@derekcollison
Do not use crypto rand for nonce generation.
4a6f1b4 
Crypto rand is not needed for nonce generation and could drain entropy.

Signed-off-by: Derek Collison <derek@nats.io>
@ripienaar
Copy link
Contributor

more details on slack but calls to:

        rbek.XORKeyStream(buf, buf)

takes around 40ms each

The code here, which includes a call to XorKeyStream(), takes about 60 to 70ms

nats-server/server/filestore.go

Lines 538 to 560 in be17afb

if createdKeys {
buf, err := mb.loadBlock(nil)
if err != nil {
return nil, err
}
if err := mb.indexCacheBuf(buf); err != nil {
// This likely indicates this was already encrypted or corrupt.
mb.cache = nil
return nil, err
}
// Undo cache from above for later.
mb.cache = nil
wbek, err := chacha20.NewUnauthenticatedCipher(mb.seed, mb.nonce)
if err != nil {
return nil, err
}
wbek.XORKeyStream(buf, buf)
if err := ioutil.WriteFile(mb.mfn, buf, defaultFilePerms); err != nil {
return nil, err
}
// Remove the index file here since it will be in plaintext as well so we just rebuild.
os.Remove(mb.ifn)
}

This has knock on effects that deleteFirstMsg() takes about 90ms per message, this is called for every message that needs to be expired - in my test I ensure I have 500 message that needs expiring to trigger these timings.

@derekcollison
Copy link
Member Author

ok the expiration I guess was the missing piece to get to see the results you were seeing.

@derekcollison
The slowdown was due to trying top expire messages without a proper i…
ba4937f 
…ndex info.

So now we read and encrypt index info in place as well.

Signed-off-by: Derek Collison <derek@nats.io>
@derekcollison
Copy link
Member Author

ok got a fix in, the expired was the key to triggering the bad behavior.

kozlovic
kozlovic approved these changes Aug 25, 2021
View reviewed changes
Copy link
Member

@kozlovic kozlovic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM but a question about the test

server/norace_test.go Show resolved Hide resolved
@derekcollison derekcollison merged commit 4b97f98 into main Aug 25, 2021
@derekcollison derekcollison deleted the slow_encrypt branch August 25, 2021 21:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kozlovic kozlovic kozlovic approved these changes

@ripienaar ripienaar Awaiting requested review from ripienaar

@philpennock philpennock Awaiting requested review from philpennock

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@derekcollison @ripienaar @kozlovic