Y
Hacker News
new
|
ask
|
show
|
jobs
by
gruez
2176 days ago
>which means you need to buffer the whole ciphertext in memory, defeating the streaming functionality of the service
Can't you generate an IV, write it out to the stream, then encrypt/write the ciphertext?
2 comments
rakoo
2175 days ago
You could indeed, I didn't think of that. But it starts to beheavier and heavier, and the risk of making subtle mistakes increases. That's why it's better to use tools that do it properly, like age (
https://github.com/FiloSottile/age
)
link
LeoPanthera
2176 days ago
You can specify an IV with -iv. If you don't, the IV is derived from the password.
link