Allow passing message size hint

Also, set the AEAD chunk size to the message size hint (or the actual message size, when known).
ProtonMail · Dec 10, 2024 · f40bc00 · f40bc00
1 parent d3fe807
commit f40bc00
Show file tree

Hide file tree

Showing 3 changed files with 26 additions and 0 deletions.
diff --git a/crypto/encryption.go b/crypto/encryption.go
@@ -10,6 +10,11 @@ type EncryptionProfile interface {
 // PGPEncryption is an interface for encrypting messages with GopenPGP.
 // Use an EncryptionHandleBuilder to create a PGPEncryption handle.
 type PGPEncryption interface {
+	// SetMessageSizeHint gives the encryption handle a hint about the
+	// expected size of the message, in order to set an appropriate chunk
+	// size when using AEAD. Nothing will break when the message size hint
+	// turns out to be wrong.
+	SetMessageSizeHint(messageSizeHint int)
 	// EncryptingWriter returns a wrapper around underlying output Writer,
 	// such that any write-operation via the wrapper results in a write to an encrypted pgp message.
 	// If the output Writer is of type PGPSplitWriter, the output can be split to multiple writers

diff --git a/crypto/encryption_core.go b/crypto/encryption_core.go
@@ -94,6 +94,17 @@ func (eh *encryptionHandle) prepareEncryptAndSign(
 	config = eh.profile.EncryptionConfig()
 	config.Time = eh.clock
 
+	if config.AEADConfig != nil {
+		chunkSize := config.AEADConfig.ChunkSize
+		if eh.messageSizeHint < 1<<(config.AEADConfig.ChunkSizeByte()+6) {
+			chunkSize = uint64(eh.messageSizeHint)
+		}
+		config.AEADConfig = &packet.AEADConfig{
+			DefaultMode: config.AEADConfig.DefaultMode,
+			ChunkSize:   chunkSize,
+		}
+	}
+
 	compressionConfig := eh.selectCompression()
 	config.DefaultCompressionAlgo = compressionConfig.DefaultCompressionAlgo
 	config.CompressionConfig = compressionConfig.CompressionConfig

diff --git a/crypto/encryption_handle.go b/crypto/encryption_handle.go
@@ -62,6 +62,8 @@ type encryptionHandle struct {
 
 	encryptionTimeOverride Clock
 	clock                  Clock
+
+	messageSizeHint int
 }
 
 // --- Default decryption handle to build from
@@ -74,6 +76,13 @@ func defaultEncryptionHandle(profile EncryptionProfile, clock Clock) *encryption
 }
 
 // --- Implements PGPEncryption interface
+// SetMessageSizeHint gives the encryption handle a hint about the
+// expected size of the message, in order to set an appropriate chunk
+// size when using AEAD. Nothing will break when the message size hint
+// turns out to be wrong.
+func (eh *encryptionHandle) SetMessageSizeHint(messageSizeHint int) {
+	eh.messageSizeHint = messageSizeHint
+}
 
 // EncryptingWriter returns a wrapper around underlying output Writer,
 // such that any write-operation via the wrapper results in a write to an encrypted pgp message.
@@ -95,6 +104,7 @@ func (eh *encryptionHandle) EncryptingWriter(outputWriter Writer, encoding int8)
 
 // Encrypt encrypts a plaintext message.
 func (eh *encryptionHandle) Encrypt(message []byte) (*PGPMessage, error) {
+	eh.messageSizeHint = len(message)
 	pgpMessageBuffer := NewPGPMessageBuffer()
 	// Enforce that for a PGPMessage struct the output should not be armored.
 	encryptingWriter, err := eh.EncryptingWriter(pgpMessageBuffer, Bytes)