Reputation: 2367
I was using attr_encrypted (1.3.3) in rails 4.1 in User model with following details
attr_encrypted :email, :key => 'some_key'
After upgrading the application to rails 6 attr_encrypted bumped to attr_encrypted (3.1.0) which uses encryptor (~> 3.0.0)
in the encryptor (~> 3.0.0) new validation has been introduced
raise ArgumentError.new("key must be #{cipher.key_len} bytes or longer") if options[:key].bytesize < cipher.key_len
which raises ArgumentError (key must be 32 bytes or longer)
exception for my existing key
How can I attr_encrypted gem with rails 6 without breaking user functionality?
Upvotes: 2
Views: 1501
Reputation: 2367
To use the old behaviour in the application of attr-encrypted gem you have to use some more parameters
Before:
attr_encrypted :email, :key => 'some_key'
Now:
attr_encrypted :email, key: 'some_key', algorithm: 'aes-256-cbc', mode: :single_iv_and_salt, insecure_mode: true
If you have a key less than 32 bytes
insecure_mode: true
will allow you to use shorter key.
Upvotes: 2
Reputation: 855
That was a breaking change in version 2.0 of this gem. Default algorithm now "aes-256-gcm". More details here https://github.com/attr-encrypted/attr_encrypted#the-algorithm-option
Upvotes: 1