[Box Backup] Box Backup on Rails - Part 2
Fry, Joseph
boxbackup@fluffy.co.uk
Mon, 19 Mar 2007 16:49:12 -0400
> I just re-visited the webbased application we put together a=20
> short while ago.
>=20
> The application felt very slow. The reason for this we=20
> discovered was the ruby crypt library is a pure ruby=20
> implementation and therefore really slow.=20
> Also
> the "ezcrypt" libraries available which are a wrapper towards=20
> the OpenSSL API cannot be used since the "openssl" layer=20
> placed on top of the "raw" crypt routines imposes a lot of=20
> restrictions on key length etc and therefore cannot be used.
>=20
> Our solution was to create a small ".so" file which wraps the=20
> AES and Blowfish functions to be directly accessed from Ruby.=20
> This improved performance more than 100 times. If the ".so"=20
> file is not available it will fallback to the slow pure Ruby=20
> crypt library.
>=20
> Also, now files can be downloaded in the application=20
> interface. Only one file at a time can be downloaded=20
> currently. The file will be extracted on the web server and=20
> then be re-compressed using "zip" when sent to the client.
Ok... Forgive my confusion, I have been following the mailinglist for a =
while before I actually implement the software... So I haven't actually =
used BB yet
Anyway, I thought the files are encrypted before they are uploaded with =
BB. If that is the case, then how is it possible to download them via a =
web interface and have them be readable?
I assume that is what all your talk about crypto API's was reguarding... =
But even if that is the case, where are the keys stored? On the =
webserver?
Thanks,
Joe
--=20
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.5.446 / Virus Database: 268.18.14/727 - Release Date: =
3/19/2007 11:49 AM
=20