Using Sodium to Make Blackfire Faster
We eat our own dog food. And we’re happy we do! We recently gained a huge performance boost by optimizing some of our encryption layer.
By Alexandre Salomé, on Jun 06, 2019 Using Blackfire on Blackfire is key for us. As much as it enables us to improve our code, it enables us to improve the tool itself. It helps to figure out what works, what doesn’t, and what needs to be improved.
We’re using most of Blackfire’s features on a daily basis. We’re using periodic builds to profile regularly some key pages in our app, directly in production – real conditions. Thanks to the Blackfire Player, we’re able to generate advanced scenarios (read about some of our use cases).
That led us to a recent, significant performance improvement.
Finding the issue
We encrypt some sensitive data before storing it. That prevents any attacker from using it in the event they would manage to breach through our security to our database. Now of course, it does happen that we need that data, and that we therefore have to decrypt it.
While checking one of our key pages’ profile, we realized that about 15% of the total wall-time was consumed by a function deemed to decrypt sensitive data.
Making it faster
We were using a plain PHP encryption library, which was doing most of the job.
An option would have been to contribute and improve that library, but we realized that since version 7.2, PHP includes Sodium, a modern and fast cryptography library.
After reproducing the issue on a local machine, we tried to implement this solution and profile again.
The change was about 10 lines of code. The result was simply blazing fast, going down to 0.05% of the wall-time, instead of the initial 15%!
Sometimes a quick fix can really make a difference 🙂
Conclusion
We built Blackfire so that performance issues are prevented from happening in production. Profiling on a local machine, and implementing automated testing strategies support that.
Now pushing some code to the real, live environment can always enable to uncover new issues, simply because of real data, or live server configuration.
Blackfire enables to identify precisely such issues, and provides all of the information you need to fix it.
