-
Notifications
You must be signed in to change notification settings - Fork 597
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add encrypted_payload_len
to MessageEncrypter
#1579
Conversation
Codecov Report
@@ Coverage Diff @@
## main #1579 +/- ##
==========================================
- Coverage 96.41% 96.12% -0.30%
==========================================
Files 75 76 +1
Lines 15523 15755 +232
==========================================
+ Hits 14967 15144 +177
- Misses 556 611 +55
... and 31 files with indirect coverage changes 📣 Codecov offers a browser extension for seamless coverage viewing on GitHub. Try it in Chrome or Firefox today! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Makes sense to have something for this!
I agree respinning this as something more like fn encryption_overhead() -> usize
is preferable if it can be made to work.
rustls/src/crypto/cipher.rs
Outdated
@@ -132,6 +132,10 @@ pub trait MessageEncrypter: Send + Sync { | |||
/// Encrypt the given TLS message `msg`, using the sequence number | |||
/// `seq which can be used to derive a unique [`Nonce`]. | |||
fn encrypt(&self, msg: BorrowedPlainMessage, seq: u64) -> Result<OpaqueMessage, Error>; | |||
|
|||
/// returns the length of the cryptext that results from encrypting plaintext of |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe spend a bit more attention on this docstring? (Proper capitalization, ideally a first line that is more concise, and probably don't use "cryptext"?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes I'd prefer it if we stick to "ciphertext", as elsewhere in the codebase and common in the TLS RFCs. (Styled as shown: one word, not hyphenated.)
Hm. It's not necessarily the case that the ciphertext length is a pure function on the plaintext length. It is definitely not a constant.
It would be good if the value sampled each time from this function was passed back into the encryption function itself. I'd expect this happens eventually anyway, because presumably we'll change the APIs to take an mut output slice? For the same reason, it is generally unknowable what the plaintext size for a given cipher text prior to decrypting it -- it definitely is not |
but can that be upper bounded? the
not sure I follow. do you mean that the user of let plaintext;
let encrypted_len = encrypter.encrypted_payload_len(plaintext.len());
let cryptext = encrypter.encrypt(plaintext, encrypted_len);
the way if we change |
Upper bound is 2**14 + 1 bytes.
I was thinking more like:
So, yes, the same as what you're describing I think? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
one docs nit, but otherwise i'm happy with this
d467a75
to
2f561a4
Compare
ah, I now see what you meant. yeah, using it like that makes sense. I have tweaked the doc comment and squashed the commits |
2f561a4
to
160011b
Compare
@cpu I've addressed your comments |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, LGTM
I think |
The
LlConnection
API proposed in RFC #1420 returns an error when the user attempts to encrypt app-data that won't fit in the provided buffer. To perform this check is necessary to compute the size of the resulting TLS record(s) without performing any encryption or encoding as that would be expensive in the retry cases where the end-user will call theencrypt
API twice. To compute the size,MessageEncrypter
implementations need to provide the post-encryption size.This has been send as a separate PR from #1578 because it's a semver breaking change and it would be good to get it into the 0.22 release.
I'm submitting @pvdrz 's implementation as it but would it make sense to have
MessageEncrypter
report the encryption overhead (e.g.fn encryption_overhead(&self) -> usize
), which appears to be constant in all in-tree implementations, instead?