Can I set a salt?

Question

Can I set a salt?

jifeon opened this issue 9 years ago · 4 comments

We keep encoded files in git, when I change one decoded line and re-encode a file all the hashes are changed. It's not useful to review a diff with a lot of fake changes. Can I set the salt somehow to get the same output for the same input?

Answer 1 · 2016-06-15T11:41:02.000Z

+1. This would be very handy indeed!

Answer 2 · 2016-06-28T13:28:03.000Z

@joker1007 should YAML_VAULT_SIGN_PASSPHRASE help me?

Answer 3 · 2016-06-30T14:44:08.000Z

I 'm sorry for late response.

yaml_vault can set salt correctly.
it is caused by different reason that all encrypted line is changed by re-encoding file.
This encryption is based on ActiveSupport::MessageEncryptor.
And ActiveSupport::MessageEncryptor use OpenSSL random initial vector.
This initial vector cannot change by public API. initial vector is always different value on each time.
I don't want to monkey patch to ActiveSupport::MessageEncryptor, and so this probrem is inevitable.

But, each initial vector has no relation.
Because of it, If you want to change only one line, you can copy the line from re-encoded file to current encoded file.
You can decrypt this file by same passphrase and same salt correctly.

Please forgive a little bit of effort.

Answer 4 · 2017-08-16T13:08:47.000Z

btw implemented https://github.com/plyo/node-yaml-vault to solve the issue. We intensively use node.js, so it's pure node.js solution. Maybe will be useful for somebody with same problems.