This is an automated email from the ASF dual-hosted git repository. eiri pushed a commit to branch prototype/fdb-encryption in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 076b00dd1ca8d8d08a63b5ed471639fb13758f47 Author: Eric Avdey <[email protected]> AuthorDate: Thu Mar 5 12:14:02 2020 -0400 Add basic KEK cache --- src/fabric/src/fabric2_encryption.erl | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/src/fabric/src/fabric2_encryption.erl b/src/fabric/src/fabric2_encryption.erl index d0c5530..38dec1c 100644 --- a/src/fabric/src/fabric2_encryption.erl +++ b/src/fabric/src/fabric2_encryption.erl @@ -83,10 +83,11 @@ terminate(_, _St) -> handle_call({encode, DbName, DocId, DocRev, DocBody}, From, St) -> #{ iid := InstanceId, + cache := Cache, waiters := Waiters } = St, - {ok, KEK} = get_kek(DbName), + {ok, KEK} = get_kek(Cache, DbName), {Pid, _Ref} = erlang:spawn_monitor(?MODULE, do_encode, [KEK, InstanceId, DbName, DocId, DocRev, DocBody]), @@ -98,10 +99,11 @@ handle_call({encode, DbName, DocId, DocRev, DocBody}, From, St) -> handle_call({decode, DbName, DocId, DocRev, Encoded}, From, St) -> #{ iid := InstanceId, + cache := Cache, waiters := Waiters } = St, - {ok, KEK} = get_kek(DbName), + {ok, KEK} = get_kek(Cache, DbName), {Pid, _Ref} = erlang:spawn_monitor(?MODULE, do_decode, [KEK, InstanceId, DbName, DocId, DocRev, Encoded]), @@ -138,8 +140,10 @@ code_change(_OldVsn, St, _Extra) -> init_st() -> FdbDirs = fabric2_server:fdb_directory(), + Cache = ets:new(?MODULE, [set, private, compressed]), {ok, #{ iid => iolist_to_binary(FdbDirs), + cache => Cache, waiters => dict:new() }}. @@ -187,6 +191,12 @@ get_dek(KEK, DocId, DocRev) when bit_size(KEK) == 256 -> {ok, DEK}. -get_kek(DbName) -> - KEK = crypto:hash(sha256, DbName), - {ok, KEK}. +get_kek(Cache, DbName) -> + case ets:lookup(Cache, DbName) of + [{DbName, KEK}] -> + {ok, KEK}; + [] -> + KEK = crypto:hash(sha256, DbName), + true = ets:insert(Cache, {DbName, KEK}), + {ok, KEK} + end.
