[Cryptography-dev] "Streaming" APIs

Sat Sep 14 21:59:47 CEST 2013

I guess my other concern is that: Say you have 3 strings you want to put
into an encrypted blob, there's no longer a way to do that without
constructing a list or something encrypt([a, b, c]) works, but seems
unnatural.

Alex

On Sat, Sep 14, 2013 at 12:58 PM, Donald Stufft <donald at stufft.io> wrote:

> Yea I wasn't a huge fan of the name, I stole it from iterkeys() and I
> couldn't think of anything better :[
>
> On Sep 14, 2013, at 3:27 PM, Alex Gaynor <alex.gaynor at gmail.com> wrote:
>
> So I've thoguht about this some, I think the idea of using iterables in
> the API makes a ton of sense, but somehow the `x` and `iter_x` names don't
> sit right with me, does anyone have any better suggestions?
>
> Alex
>
>
> On Wed, Sep 11, 2013 at 7:19 PM, Donald Stufft <donald at stufft.io> wrote:
>
>> So one thing that's really handy to do with encryption is to be able to
>> (de|en)crypt things without needing to load the entire thing into memory.
>> Currently we support this in the encrypt API by doing:
>>
>> cipher = BlockCipher()
>>
>> enciphered = cipher.encrypt(block1)
>> enciphered += cipher.encrypt(block2)
>> enciphered += cipher.encrypt(block3)
>> enciphered += cipher.finalize()
>>
>> We needed to do this because we need to be able to call finalize() before
>> the encryption is "done".
>>
>> When I was messing with padding I ended up with an API that (for padding)
>> got around the need for an explicit finalize step but instead it required
>> passing the entire data stream into the function. However it supports
>> generators/iterators so you can still efficiently process large datasets.
>>
>> This api looks something like
>>
>> padder = Padding()
>>
>> padded1 = "".join(padder.pad("1234"))
>> padded2 = "".join(padder.pad(c for c in "1234"))
>>
>> However the downside of this API is that You need to call "".join() to
>> get actual strings or you need to do some ugly hacks inside of the pad()
>> function so it returns a string if given a string and returns a generator
>> if given a generator.
>>
>> A third option is similar to dictionaries on Python 2.x where you have
>> something like iterpad() and pad(). This could work for encryption as well
>> so we'd have iter_encrypt(), iter_decrypt(), encrypt() and decrypt().
>>
>> So I guess the question is how do we want to handle these streaming sorts
>> of APIs?
>>
>> 1) Thing.action() + Thing.finalize()
>> 2a) "".join(Thing.action(iterator))
>> 2b) Thing.action(terator OR string) - Magic return types
>> 3) Thing.action and Thing.iter_action
>> 4) ????
>>
>> -----------------
>> Donald Stufft
>> PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372
>> DCFA
>>
>>
>> _______________________________________________
>> Cryptography-dev mailing list
>> Cryptography-dev at python.org
>> https://mail.python.org/mailman/listinfo/cryptography-dev
>>
>>
>
>
> --
> "I disapprove of what you say, but I will defend to the death your right
> to say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
> "The people's good is the highest law." -- Cicero
> GPG Key fingerprint: 125F 5C67 DFE9 4084
>  _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
>
>
>
> -----------------
> Donald Stufft
> PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372
> DCFA
>
>
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
>
>

-- 
"I disapprove of what you say, but I will defend to the death your right to
say it." -- Evelyn Beatrice Hall (summarizing Voltaire)
"The people's good is the highest law." -- Cicero
GPG Key fingerprint: 125F 5C67 DFE9 4084
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20130914/2c93d2db/attachment-0001.html>