This is only decrypting the archive.
The idea is that no data hits the disk that the user hasn't intended to hit the disk.
The TOC, env vars and other metadata would be held in secret storage.
If the user is trying to extract a file, then we load the pages/frames related to the file into secret memory.
We then check if only that file is in the page (if possible, we can do this check before loading it into secret memory).
If the page contains the contents of multiple files, some of which aren't to be extracted, then we hold the page in secret memory. If the page only contains files that are to be decrypted, we unlock the page.
I'm concerned about the performance considerations here, as we need quite low-level code to be able to determine if a file is going to be decrypted, which implies we need to look at the glob patterns passed into the CLI command. This feels expensive.
It might be cheaper to not do the check and just hold the page lock if it contains more than one file.
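As an added illustration (not code from the original note or from any project), here is the per-page decision in Python, assuming a TOC of byte offsets, a fixed page size and fnmatch-style CLI globs. It implements both the exact check (unlock only if every file sharing the page is selected) and the cheaper "more than one file means hold" rule, so the two can be compared on the same constructed archive layout.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase

PAGE_SIZE = 4096  # assumed page/frame size for this example


@dataclass(frozen=True)
class TocEntry:
    path: str
    offset: int  # byte offset of the file's contents within the archive body
    length: int


# Constructed sample TOC (not a real archive); note the files that straddle pages.
SAMPLE_TOC = [
    TocEntry("config/app.env", 0, 1000),
    TocEntry("config/db.env", 1000, 3000),
    TocEntry("docs/readme.md", 4000, 6000),     # spans pages 0, 1 and 2
    TocEntry("secrets/key.pem", 10000, 2000),
    TocEntry("secrets/cert.pem", 12000, 288),
]


def files_on_page(toc, page_no, page_size=PAGE_SIZE):
    """Every TOC entry whose byte range overlaps the given page."""
    start, end = page_no * page_size, (page_no + 1) * page_size
    return [e for e in toc if e.length and e.offset < end and e.offset + e.length > start]


def selected(entry, globs):
    """True if any CLI glob selects this file for extraction."""
    return any(fnmatchcase(entry.path, g) for g in globs)


def page_policy_exact(toc, page_no, globs, page_size=PAGE_SIZE):
    """'skip' if nothing on the page is wanted, 'unlock' only if every file on it is wanted,
    otherwise 'hold' (keep the page in locked/secret memory)."""
    entries = files_on_page(toc, page_no, page_size)
    if not entries or not any(selected(e, globs) for e in entries):
        return "skip"
    return "unlock" if all(selected(e, globs) for e in entries) else "hold"


def page_policy_cheap(toc, page_no, globs, page_size=PAGE_SIZE):
    """Cheaper rule: no glob check per file; hold whenever a page carries more than one file."""
    entries = files_on_page(toc, page_no, page_size)
    if not entries or not any(selected(e, globs) for e in entries):
        return "skip"
    return "unlock" if len(entries) == 1 else "hold"


def plan(toc, globs, policy=page_policy_exact, page_size=PAGE_SIZE):
    """Map every page touched by the archive to the policy's decision for these globs."""
    last = max(e.offset + e.length for e in toc)
    return {p: policy(toc, p, globs, page_size) for p in range((last + page_size - 1) // page_size)}
```

Running `plan(SAMPLE_TOC, ["config/*", "docs/*"])` shows the trade-off directly: the exact check unlocks page 0 (all three files on it are wanted) while the cheap rule holds it, and both hold page 2 because `secrets/*` shares it with `docs/readme.md`.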