diff options
Diffstat (limited to 'client/src/leap/soledad')
-rw-r--r-- | client/src/leap/soledad/client/_blobs.py | 2 | ||||
-rw-r--r-- | client/src/leap/soledad/client/_crypto.py | 5 |
2 files changed, 6 insertions, 1 deletions
diff --git a/client/src/leap/soledad/client/_blobs.py b/client/src/leap/soledad/client/_blobs.py index 426de56c..4581af60 100644 --- a/client/src/leap/soledad/client/_blobs.py +++ b/client/src/leap/soledad/client/_blobs.py @@ -44,6 +44,8 @@ Ideally, the decrypting flow goes like this: - Allocate a zeroblob in the sqlcipher sink - Mark the blob as unusable (ie, not verified) - Decrypt the payload incrementally, and write chunks to sqlcipher + ** Is it possible to use a small buffer for the aes writer w/o + ** allocating all the memory in openssl? - Finalize the AES decryption - If preamble + payload verifies correctly, mark the blob as usable diff --git a/client/src/leap/soledad/client/_crypto.py b/client/src/leap/soledad/client/_crypto.py index 8fc5154c..f72571c2 100644 --- a/client/src/leap/soledad/client/_crypto.py +++ b/client/src/leap/soledad/client/_crypto.py @@ -210,9 +210,11 @@ class BlobEncryptor(object): """ Produces encrypted data from the cleartext data associated with a given SoledadDocument using AES-256 cipher in GCM mode. + The production happens using a Twisted's FileBodyProducer, which uses a Cooperator to schedule calls and can be paused/resumed. Each call takes at most 65536 bytes from the input. + Both the production input and output are file descriptors, so they can be applied to a stream of data. """ @@ -226,7 +228,7 @@ class BlobEncryptor(object): self._content_fd = content_fd content_fd.seek(0, os.SEEK_END) - self._content_size = content_fd.tell() + self._content_size = _ceiling(content_fd.tell()) content_fd.seek(0) self._producer = FileBodyProducer(content_fd, readSize=2**16) @@ -547,6 +549,7 @@ def _ceiling(size): """ Some simplistic ceiling scheme that uses powers of 2. We report everything below 4096 bytes as that minimum threshold. + See #8759 for research pending for less simplistic/aggresive strategies. """ for i in xrange(12, 31): step = 2**i |