Read each identity file in a single pass #354
Conversation
read_identities now performs a single pass over each identity file in
order to read it. Besides being perhaps a bit more efficient by reducing
the amount of I/O performed by rage, the main improvement that this
allows is that it's now possible to pass in the key from another program
or through some sort of keychain. For instance, it's now possible to
pass in a key using process substitution, i.e.
rage -d -i <(...) encrypted_file.age
This also makes the behavior of rage a little more consistent with the
reference implementation (which allows this behavior).
kernelmethod
force-pushed
the
read_identities_single_pass
branch
from
e50ed21
to
8358506
Compare
|
It seems like the only downside of this (other than potentially being an abuse of the command-line interface) is that this would store the identity file entirely in-memory. As far as I know, though, there aren't many use cases where an identity file would be large enough to cause that to be a significant issue. Would be happy to be corrected, though. |
|
Given that all of the parsers are internally combinatorial, I think it would make more sense to rework this function to itself be a combinatorial parser around each alternative's inner parser. The existing parsers already cache the data in memory, but by only reading as we validate it against a supported parser, we don't run the risk of loading a giant unsupported file into memory. |
|
Replaced by #458. |
read_identities now performs a single pass over each identity file in order to read it. Besides being perhaps a bit more efficient by reducing the amount of I/O performed by rage, the main improvement that this allows is that it's now possible to pass in the key from another program or through some sort of keychain. For instance, it's now possible to pass in a key using process substitution, i.e.
This also makes the behavior of rage a little more consistent with the reference implementation (which allows this behavior).