    bfb5068a
    feat: Implement precise metadata extraction for stdin with deprecation warnings · bfb5068a
    Tobi authored
    Implement sophisticated stdin metadata parsing that enables deprecation warnings
    for stdin decryption without consuming the entire input stream.
    
    ## New Implementation Features
    
    ### Core Classes
    - **StdinMetadataExtractor**: Reads stdin byte-by-byte until ':' separator
    - **ReconstructedStdinStream**: File-like object that replays consumed metadata + remaining stream
    - Precise parsing extracts only required metadata (base64 + separator)
    
    ### CLI Integration
    - **Stdin Detection**: Automatically uses precise extraction for /dev/stdin input
    - **Deprecation Warnings**: Full algorithm deprecation warnings now work for stdin
    - **Seamless Fallback**: Graceful error handling if metadata extraction fails
    - **Temporary File Bridge**: Converts reconstructed stream to temp file for existing decrypt_file compatibility
    
    ### Algorithm Support
    - **Multi-format**: Works with metadata versions 3, 4, and 5
    - **PQC Algorithms**: Supports all post-quantum and hybrid algorithms
    - **Data Encryption**: Warns about deprecated data encryption in PQC hybrid modes
    
    ### Error Handling
    - **Robust Parsing**: Handles malformed metadata gracefully
    - **EOF Protection**: Detects incomplete encrypted data
    - **Verbose Logging**: Optional detailed error reporting
    
    ## Benefits
    
    ### User Experience
    - **Deprecation Warnings**: Users now see algorithm warnings for stdin input
    - **No Behavior Change**: Existing workflows continue to work unchanged
    - **Better Security Guidance**: Proactive warnings about deprecated algorithms
    
    ### Technical Robustness
    - **Stream Preservation**: Zero data loss during metadata extraction
    - **Memory Efficient**: No large buffer allocation regardless of file size
    - **Format Future-Proof**: Works with any metadata size (current ~2KB to future 100KB+)
    
    ### Testing Coverage
    - **Regression Prevention**: Comprehensive subprocess-based tests
    - **Warning Validation**: Tests verify deprecation warnings work correctly
    - **Real-world Simulation**: Uses actual encrypted test files via stdin pipes
    
    ## Implementation Details
    
    The solution reads stdin character-by-character until the ':' metadata separator,
    then creates a reconstructed stream that seamlessly replays the full encrypted
    content. This allows extraction of algorithm information for deprecation checking
    while preserving the complete data stream for decryption.
    
    This resolves the regression where stdin decryption failed with "Security validation
    check failed" while adding the bonus feature of deprecation warnings for stdin input.
    
    🤖 Generated with [Claude Code](https://claude.ai/code)
    
    Co-Authored-By: Claude <noreply@anthropic.com>
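
The read-until-':' and replay approach described under "Implementation Details", as an added Python example that is not the commit's own code. The names `split_metadata`, `ReplayStream`, `deprecation_warnings` and `sample_blob`, the JSON-inside-base64 header with an `algorithm` field, the deprecated algorithm name and the size cap are all assumptions made here.

```python
import base64
import io
import json

MAX_METADATA_BYTES = 256 * 1024      # assumed cap; the commit names no limit
DEPRECATED = {"example-old-cipher"}  # constructed placeholder name

class ReplayStream(io.RawIOBase):
    """Read-only stream: the consumed prefix first, then the rest of source."""
    def __init__(self, prefix, source):
        self._prefix, self._source = bytes(prefix), source
    def readable(self):
        return True
    def readinto(self, buf):
        if self._prefix:
            chunk, self._prefix = self._prefix[:len(buf)], self._prefix[len(buf):]
        else:
            chunk = self._source.read(len(buf)) or b""
        buf[:len(chunk)] = chunk
        return len(chunk)

def split_metadata(source, limit=MAX_METADATA_BYTES):
    """Consume bytes up to and including ':'; return (metadata, replay stream)."""
    consumed = bytearray()
    while not consumed.endswith(b":"):
        byte = source.read(1)
        if not byte:
            raise ValueError("EOF before ':' separator, input is incomplete")
        consumed += byte
        if len(consumed) > limit:
            raise ValueError("metadata prefix exceeds size limit")
    try:  # binascii.Error and JSONDecodeError are both ValueError subclasses
        meta = json.loads(base64.b64decode(bytes(consumed[:-1]), validate=True))
    except ValueError as exc:
        raise ValueError(f"malformed metadata: {exc}") from exc
    if not isinstance(meta, dict):
        raise ValueError("malformed metadata: expected a JSON object")
    return meta, io.BufferedReader(ReplayStream(consumed, source))

def deprecation_warnings(meta):
    algo = str(meta.get("algorithm", ""))
    return [f"algorithm '{algo}' is deprecated"] if algo in DEPRECATED else []

def sample_blob(algo):
    """Constructed input: base64(JSON header) + ':' + fake ciphertext bytes."""
    header = json.dumps({"format_version": 5, "algorithm": algo}).encode()
    return base64.b64encode(header) + b":" + b"\x00\x01constructed-ciphertext"
```

The size cap bounds how much untrusted stdin is buffered while searching for the separator; the replayed stream returns the input byte-for-byte, so the downstream decryption sees the same data it would have read directly.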