Reputation: 2367
attr_encrypted gem not working in rails 6
I was using attr_encrypted (1.3.3) in rails 4.1 in User model with following details
attr_encrypted :email, :key => 'some_key'
After upgrading the application to rails 6 attr_encrypted bumped to attr_encrypted (3.1.0) which uses encryptor (~> 3.0.0)
in the encryptor (~> 3.0.0) new validation has been introduced
raise ArgumentError.new("key must be #{cipher.key_len} bytes or longer") if options[:key].bytesize < cipher.key_len
which raises ArgumentError (key must be 32 bytes or longer) exception for my existing key
How can I attr_encrypted gem with rails 6 without breaking user functionality?
Upvotes: 2
Views: 1501
Answers (2)
Reputation: 2367
To use the old behaviour in the application of attr-encrypted gem you have to use some more parameters
Before:
attr_encrypted :email, :key => 'some_key'
Now:
attr_encrypted :email, key: 'some_key', algorithm: 'aes-256-cbc', mode: :single_iv_and_salt, insecure_mode: true
If you have a key less than 32 bytes
insecure_mode: true
will allow you to use shorter key.
Upvotes: 2
Reputation: 855
That was a breaking change in version 2.0 of this gem. Default algorithm now "aes-256-gcm". More details here https://github.com/attr-encrypted/attr_encrypted#the-algorithm-option
Upvotes: 1
Related Questions
- Using attr_encrypted with rails 7
- Rails - decrypt attr_encrypted manually
- How to generate encryption key for use with attr_encrypted
- Changing attribute before attr_encrypted encrypts
- Ruby Rails attr_encrypted format encrypted attribute
- I am getting nil and Empty when used attr_encrypted for activerecord storage
- RoR: attr_encrypted is not saving data on database
- Rails decrypt attr_encryptable
- RoR: attr_encrypted assignment doesn't get written?
- attr_encrypted with rails