staticrypt icon indicating copy to clipboard operation
staticrypt copied to clipboard
verified publisher icon robinmoisson

Update hmac calculation

Open jimhark opened this issue 5 months ago • 0 comments

Summary

Update hmac calculation to avoid making an in-memory copy of the encrypted data.

Problem

The current way of calculating hmac requires making an in-memory copy of the encrypted data which is as large as the HTML file. Each copy increases RAM requirements and reduces the maximum file size that can be processed.

Proposed Solution

Avoid buffer copy by hashing in two steps:

hmac = sign( hashedPassword, iv + digest(encrypted) )

The sign operation is performed using a hash of encrypted as a proxy for encrypted, avoiding the need to copy the buffer.

Alternatives Considered

Alternatives are limited by the fact that the available crypto functions (encrypt, decrypt, sign) operate on in-memory buffers that are required to be complete. No streaming or partial block operations are provided.

Additional Context

This is part of a push to reduce RAM requirements so larger HTML files can be supported.

Related Issues or Pull Requests

#215, #217

jimhark avatar Jul 20 '25 20:07 jimhark