x/crypto/openpgp/packet: Optimizing Struct Field Alignment

[ZuhairORZaki]

Proposal Details

Overview

In file: one_pass_signature.go, the fields of the OnePassSignature struct are organized in a way that takes more memory. The fields of the struct can be sorted in a way that takes less memory than the initial alignment.

// OnePassSignature represents a one-pass signature packet. See RFC 4880,
// section 5.4.
type OnePassSignature struct {
	SigType    SignatureType
	Hash       crypto.Hash
	PubKeyAlgo PublicKeyAlgorithm
	KeyId      uint64
	IsLast     bool
}

For the above alignment, the size of the struct is 40 bytes (for 64-bit systems). It can be reduced to 24 bytes by aligning the fields as follows:

type OnePassSignature struct {
	Hash       crypto.Hash
	KeyId      uint64
	SigType    SignatureType
	PubKeyAlgo PublicKeyAlgorithm
	IsLast     bool
}

Sponsorship and Support:

This work is done by the security researchers from OpenRefactory and is supported by the Open Source Security Foundation (OpenSSF): Project Alpha-Omega. Alpha-Omega is a project partnering with open source software project maintainers to systematically find new, as-yet-undiscovered vulnerabilities in open source code - and get them fixed - to improve global software supply chain security.

The bug is found by running the iCR tool by OpenRefactory, Inc. and then manually triaging the results.

[seankhliao]

The openpgp package is frozen.

[zigo101]

See #66408, field reordering might be supported later.

[ZuhairORZaki]

@zigo101 Thank you for clarifying.