Re: [Cryptography-dev] Supporting "memory view" and stream output

Sun, 13 Dec 2015 09:47:05 -0800 

cffi's architecture unfortunately imposes some limitations on support for 
memoryviews (specifically, no support for them with bytes/bytearray) when 
passing data. You can get some information about the challenges from these 
pages:
* https://bitbucket.org/cffi/cffi/issues/47/creating-a-cdata-from-a-bufferhttps://bitbucket.org/cffi/cffi/issues/65/support-memoryview-to-char-conversion

Here's an example of how we currently encrypt/decrypt in the OpenSSL backend:

    def update(self, data):
        <snip>
        buf = self._backend._ffi.new("unsigned char[]",
                                     len(data) + self._block_size - 1)
        outlen = self._backend._ffi.new("int *")
        res = self._backend._lib.EVP_CipherUpdate(self._ctx, buf, outlen, data,
                                                  len(data))
        self._backend.openssl_assert(res != 0)
        return self._backend._ffi.buffer(buf)[:outlen[0]]

There are a few potential wins that are available here (see: 
https://github.com/pyca/cryptography/pull/2163#issuecomment-123878138 and the 
resulting branch 
https://github.com/reaperhulk/cryptography/blob/cipher-optimizations-that-are-probably-a-bad-idea/src/cryptography/hazmat/backends/openssl/ciphers.py#L118),
 but without support for bytearray/bytes in memoryviews it's unclear to me how 
we can improve above and beyond what's in that branch. If you have some ideas 
we'd be happy to hear them!

-Paul Kehrer (reaperhulk)
On December 13, 2015 at 9:56:09 AM, Jesus Cea (j...@jcea.es) wrote:

When calling Cryptography with a memoryview I get this error:  

"""  
TypeError: initializer for ctype 'unsigned char *' must be a cdata  
pointer, not memoryview  
"""  

Memory view are useful to avoid copies, eating memory and CPU for no reason.  

In my personal situation, I have 4 MB blocks, each divided in 16 pieces  
of 256Kbytes independently encrypted. I must extract those 256Kbytes  
fragments to call cryptography, instead of just passing a memory view  
with the appropriate slice.  

A secondary request would be to provide a different option for output,  
for the same reason: provide a target for output: a bytearray/writable  
memory view, or a file-like object. For the same reason: avoiding copies  
and ease concatenation.  

Hope you find these suggestions useful.  

--  
Jesús Cea Avión _/_/ _/_/_/ _/_/_/  
j...@jcea.es - http://www.jcea.es/ _/_/ _/_/ _/_/ _/_/ _/_/  
Twitter: @jcea _/_/ _/_/ _/_/_/_/_/  
jabber / xmpp:j...@jabber.org _/_/ _/_/ _/_/ _/_/ _/_/  
"Things are not so easy" _/_/ _/_/ _/_/ _/_/ _/_/ _/_/  
"My name is Dump, Core Dump" _/_/_/ _/_/_/ _/_/ _/_/  
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz  

_______________________________________________  
Cryptography-dev mailing list  
Cryptography-dev@python.org  
https://mail.python.org/mailman/listinfo/cryptography-dev  

_______________________________________________
Cryptography-dev mailing list
Cryptography-dev@python.org
https://mail.python.org/mailman/listinfo/cryptography-dev

Reply via email to