Skip to content
Snippets Groups Projects
Commit b4482ac3 authored by Jean-Paul Calderone's avatar Jean-Paul Calderone
Browse files

Un-hard-code the block size and related minor tweaks

parent ac7beaa2
No related branches found
No related tags found
1 merge request!55Re-instate lazy encryption / decryption
Pipeline #5382 passed
{-# LANGUAGE ScopedTypeVariables #-}
{-# LANGUAGE TypeApplications #-}
-- | Support the encryption requirements of CHK. -- | Support the encryption requirements of CHK.
module Tahoe.CHK.Encrypt (encrypt, encryptLazy, decrypt, decryptLazy) where module Tahoe.CHK.Encrypt (encrypt, encryptLazy, decrypt, decryptLazy) where
import Crypto.Cipher.Types (BlockCipher (ctrCombine), ivAdd, nullIV) import Crypto.Cipher.Types (BlockCipher (blockSize, ctrCombine), ivAdd, nullIV)
import Data.ByteArray (ByteArray) import Data.ByteArray (ByteArray)
import qualified Data.ByteString.Lazy as LBS import qualified Data.ByteString.Lazy as LBS
import Data.List (unfoldr) import Data.List (unfoldr)
...@@ -18,19 +21,23 @@ encrypt :: (BlockCipher cipher, ByteArray ba) => cipher -> ba -> ba ...@@ -18,19 +21,23 @@ encrypt :: (BlockCipher cipher, ByteArray ba) => cipher -> ba -> ba
encrypt key = ctrCombine key nullIV encrypt key = ctrCombine key nullIV
-- | Like encrypt but operate on lazy bytestrings. -- | Like encrypt but operate on lazy bytestrings.
encryptLazy :: BlockCipher cipher => cipher -> LBS.ByteString -> LBS.ByteString encryptLazy :: forall cipher. BlockCipher cipher => cipher -> LBS.ByteString -> LBS.ByteString
encryptLazy cipher lbs = LBS.concat . (LBS.fromStrict <$>) $ zipWith (ctrCombine cipher) ivs blocks encryptLazy cipher lbs = LBS.concat . (LBS.fromStrict <$>) $ zipWith (ctrCombine cipher) ivs blocks
where where
-- The underlying encryption function works on strict bytes. Here's the -- The underlying encryption function works on strict bytes. Here's the
-- number of bytes to feed to it (that is, to make strict) at a time. -- number of *blocks* to feed to it (that is, to make strict) at a time.
workingBlockSize :: Int -- This value here is a magic number that is meant to represent a good
workingBlockSize = 1024 * 64 -- compromise between performance and number of bytes forced at one time.
workingBlocks = 1024 * 16
-- The size of a block is determined by the cipher.
workingBytes = workingBlocks * blockSize @cipher undefined
ivs = iterate (`ivAdd` (workingBlockSize `div` 16)) nullIV ivs = iterate (`ivAdd` workingBlocks) nullIV
blocks = LBS.toStrict <$> unfoldr takeChunk lbs blocks = LBS.toStrict <$> unfoldr takeChunk lbs
takeChunk "" = Nothing takeChunk "" = Nothing
takeChunk xs = Just . LBS.splitAt (fromIntegral workingBlockSize) $ xs takeChunk xs = Just . LBS.splitAt (fromIntegral workingBytes) $ xs
-- | AES128-CTR decrypt a byte string in the manner used by CHK. -- | AES128-CTR decrypt a byte string in the manner used by CHK.
decrypt :: (BlockCipher cipher, ByteArray ba) => cipher -> ba -> ba decrypt :: (BlockCipher cipher, ByteArray ba) => cipher -> ba -> ba
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment