You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In Windows's runtime.getRandomData(), CryptGenRandom is used to retrieve random data from the system random number generator. Using this API causes initialization of the entire Windows crypto API surface, which is expensive and probably usually otherwise unnecessary.
The recommended way to fix this is to use BCryptGenRandom with a NULL provider and BCRYPT_USE_SYSTEM_PREFERRED_RNG. This is what .NET Core does on Windows, for example. However, this is only supported on Windows 7 and newer OSes.
A slightly faster approach and one that works on XP is to use RtlGenRandom. Although this function is not well-documented, it uses the same RNG as the other functions, it has been recommended by Microsoft in a blog, and it is used in other open source projects such as Chromium and Firefox.
I have a prototype (38633e2) of that uses RtlGenRandom that reduces process startup time from 22ms to 20ms on my machine.
If this approach seems worthwhile then I can send out a code review.
The text was updated successfully, but these errors were encountered:
Use of RtlGenRandom sounds good to me. Please send a code review. But it won't get submitted until after go1.7 is released - the tree is frozen at this moment. Thank you.
Alex
alexbrainman
changed the title
runtime/os_windows.go: Using CryptGenRandom to generate randomness slows process startup
runtime: using CryptGenRandom to generate randomness slows process startup
May 7, 2016
In Windows's
runtime.getRandomData()
, CryptGenRandom is used to retrieve random data from the system random number generator. Using this API causes initialization of the entire Windows crypto API surface, which is expensive and probably usually otherwise unnecessary.The recommended way to fix this is to use BCryptGenRandom with a
NULL
provider andBCRYPT_USE_SYSTEM_PREFERRED_RNG
. This is what .NET Core does on Windows, for example. However, this is only supported on Windows 7 and newer OSes.A slightly faster approach and one that works on XP is to use RtlGenRandom. Although this function is not well-documented, it uses the same RNG as the other functions, it has been recommended by Microsoft in a blog, and it is used in other open source projects such as Chromium and Firefox.
I have a prototype (38633e2) of that uses
RtlGenRandom
that reduces process startup time from 22ms to 20ms on my machine.If this approach seems worthwhile then I can send out a code review.
The text was updated successfully, but these errors were encountered: