You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@teaclave.apache.org by ms...@apache.org on 2020/06/26 21:15:06 UTC
[incubator-teaclave] branch master updated: Read/write files as
small chunks (#349)
This is an automated email from the ASF dual-hosted git repository.
mssun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-teaclave.git
The following commit(s) were added to refs/heads/master by this push:
new 80fe5e9 Read/write files as small chunks (#349)
80fe5e9 is described below
commit 80fe5e9b78f3d5a023a07f9b44cabf4bd994a919
Author: Qinkun Bao <qi...@gmail.com>
AuthorDate: Fri Jun 26 17:14:55 2020 -0400
Read/write files as small chunks (#349)
---
cli/src/main.rs | 9 ++++-----
crypto/src/lib.rs | 30 ++++++++++++++++++++++++------
2 files changed, 28 insertions(+), 11 deletions(-)
diff --git a/cli/src/main.rs b/cli/src/main.rs
index b38c3b2..7b4b60e 100644
--- a/cli/src/main.rs
+++ b/cli/src/main.rs
@@ -118,10 +118,9 @@ fn decrypt(opt: EncryptDecryptOpt) -> Result<CMac> {
}
TeaclaveFile128Key::SCHEMA => {
let key = TeaclaveFile128Key::new(&key)?;
- let mut content = vec![];
- let res = key.decrypt(opt.input_file, &mut content)?;
+ let mut output_file = fs::File::create(opt.output_file)?;
+ let res = key.decrypt(opt.input_file, &mut output_file)?;
cmac.copy_from_slice(&res);
- fs::write(opt.output_file, content)?;
}
_ => bail!("Invalid crypto algorithm"),
}
@@ -151,8 +150,8 @@ fn encrypt(opt: EncryptDecryptOpt) -> Result<CMac> {
}
TeaclaveFile128Key::SCHEMA => {
let key = TeaclaveFile128Key::new(&key)?;
- let content = fs::read(opt.input_file)?;
- let res = key.encrypt(opt.output_file, &content)?;
+ let content = fs::File::open(opt.input_file)?;
+ let res = key.encrypt(opt.output_file, content)?;
cmac.copy_from_slice(&res);
}
_ => bail!("Invalid crypto algorithm"),
diff --git a/crypto/src/lib.rs b/crypto/src/lib.rs
index 95e320f..1834bdf 100644
--- a/crypto/src/lib.rs
+++ b/crypto/src/lib.rs
@@ -28,6 +28,7 @@ use rand::prelude::RngCore;
use ring::aead;
use serde::{Deserialize, Serialize};
use std::format;
+use std::io::{Read, Write};
use std::path::Path;
const AES_GCM_128_KEY_LENGTH: usize = 16;
@@ -37,6 +38,8 @@ const AES_GCM_256_KEY_LENGTH: usize = 32;
const AES_GCM_256_IV_LENGTH: usize = 12;
const TEACLAVE_FILE_128_ROOT_KEY_LENGTH: usize = 16;
const CMAC_LENGTH: usize = 16;
+const FILE_CHUNK_SIZE: usize = 1024 * 1024;
+
type CMac = [u8; CMAC_LENGTH];
#[derive(Copy, Clone, Debug, Serialize, Deserialize, PartialEq)]
@@ -200,18 +203,33 @@ impl TeaclaveFile128Key {
Ok(TeaclaveFile128Key { key })
}
- pub fn decrypt<P: AsRef<Path>>(&self, path: P, out: &mut Vec<u8>) -> Result<CMac> {
- use std::io::Read;
+ pub fn decrypt<P: AsRef<Path>>(&self, path: P, output: &mut impl Write) -> Result<CMac> {
let mut file = ProtectedFile::open_ex(path.as_ref(), &self.key)?;
- file.read_to_end(out)?;
+ let mut buffer = std::vec![0; FILE_CHUNK_SIZE];
+ loop {
+ let n = file.read(&mut buffer)?;
+ if n > 0 {
+ output.write(&buffer[..n])?;
+ } else {
+ break;
+ }
+ }
+ output.flush()?;
let cmac = file.current_meta_gmac()?;
Ok(cmac)
}
- pub fn encrypt<P: AsRef<Path>>(&self, path: P, content: &[u8]) -> Result<CMac> {
- use std::io::Write;
+ pub fn encrypt<P: AsRef<Path>>(&self, path: P, mut content: impl Read) -> Result<CMac> {
let mut file = ProtectedFile::create_ex(path.as_ref(), &self.key)?;
- file.write_all(content)?;
+ let mut buffer = std::vec![0; FILE_CHUNK_SIZE];
+ loop {
+ let n = content.read(&mut buffer[..])?;
+ if n > 0 {
+ file.write(&buffer[..n])?;
+ } else {
+ break;
+ }
+ }
file.flush()?;
let cmac = file.current_meta_gmac()?;
Ok(cmac)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@teaclave.apache.org
For additional commands, e-mail: commits-help@teaclave.apache.org