Streaming hybrid encryption/decryption API

[charredlot]

Hi

I was wondering if y'all were planning on adding a streaming hybrid encryption/decryption API (similar to the existing streamingaead)? It would be useful for encrypting and decrypting large files.

Is your feature request related to a problem?

The existing HybridEncrypt API requires loading the entire plaintext into a slice which isn't great for large files.

Describe the solution you'd like

A streaming HybridEncrypt API that takes an io.Writer (and corresponding streaming HybridDecrypt of course) similar to streamingaead

Describe alternatives you've considered

• We'd rather use tink than rolling our own out of the primitives.
• We could chunk the file and call HybridEncrypt.Encrypt repeatedly but that seems inefficient for speed and file size and problematic when reassembling the chunks
• I tried combining the existing hybrid encryption ECIES with the existing streamingaead in this commit and it functions, but I don't know if it makes sense to do that.

Additional context

[kste]

Yes, it's definitely something we want to add and we have someone looking into this.

[gdbelvin]

I'd like to add my support for this.

[lucastheisen]

Has there been any movement on this? I am also very interested in being able to encrypt large files with they hybrid approach. Also it would be nice if there was a way to know encrypted size ahead of time. Many data streaming libraries need to know the size of content before beginning the write.