Open vcsjones opened 3 years ago
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.
Tagging subscribers to this area: @bartonjs, @vcsjones, @krwq, @GrabYourPitchForks See info in area-owners.md if you want to be subscribed.
Author: | vcsjones |
---|---|
Assignees: | - |
Labels: | `area-System.Security`, `untriaged` |
Milestone: | - |
Much of this was already done in #55090 already - but it's non-trivial and should be done post-6.0.
This would be appreciated by the https://github.com/gpailler/MegaApiClient project. The mega.nz file hoster uses a custom encryption system based on chained AES calls. No existing mode can do that. So for each block, there needs to be an ECB call. This leads to a very chatty API use with lots of overhead.
This Mega client library is used by the popular https://github.com/duplicati/duplicati project. It's a client-side encrypted backup solution.
@vcsjones Checked the boxes at the top that I think are done now. Uncheck them if you disagree, of course :smile:.
@vcsjones for the item:
Cache algorithm instance handles but remain thread safe. We could store the handles in a ThreadLocal or similar.
maybe worth checking if BCryptDuplicateKey can be used on an already imported key.
With #2406 merged, we got the basic API shape in and functioning. As follow up work, there are a few places we can optimize for better performance:
Reset
after performing a one-shot operation. Since it's only used one time, there is no point of performing a reset right before it gets disposed.ThreadLocal
or similar.