
Gracefully re-encrypting tokens in Rails app

I inherited a Rails app that integrates with Facebook and encrypts a token sent from Facebook, which it saves as a user's identifying auth token.

For a variety of reasons, I ended up updating my Ruby, and some Gemfile changes have occurred which are causing issues with the app. The most significant one is a change to attr_encrypted, which, through the encrypted gem, handles the encryption of that Facebook token as it's saved to the database.

The trouble is, the app, which is live and already has many users, has a base secret encryption key that is too short for the newly updated attr_encrypted's security standards. Specifically, when I try to encrypt a token now (in tests for now; I haven't pushed these changes live), an error is thrown saying that the key needs to be 32 bytes.

The question:

Does anyone have a suggestion for updating to a more secure token? If I change the token, I assume that will break decryption of the token, so that I, potentially permanently, lose the ability to read/use all the user identity tokens in the database. That's obviously pretty problematic, so I wanted to double check my thinking here.

My current thought is a migration: Run a migration that loops through each identity, decrypts the stored token using my old key, and then saves a newly-encrypted token with a new, longer key.

Then I can get rid of the old key without any issues. Right? Any issues anyone can think of regarding the peculiarities of the attr_encrypted gem or issues with encryption generally that I might not be thinking about?

I see no problem with the migration as you have proposed it.

It seems the documentation has a helpful suggestion:

If your key is insufficient length relative to the algorithm that you use, you should also pass in insecure_mode: true; this will prevent Encryptor from raising an exception regarding insufficient key length. Please see the Deprecations sections for more details including an example of how to specify your model with default options from attr_encrypted v1.x.

This means that you can use the new version of attr_encrypted to run the migration as you proposed.

You should first do a dry run in order to see if all your keys and tokens were created equally and are able to be migrated in the same way. If they are, then you can run the re-encryption.

The full story looks like it's covered in that gem's issue #109:

1. Load all instances of Foo
2. Change key by redefining self.encryption_key
3. Save all instances of Foo
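
The dry run followed by re-encryption, as discussed above, written out as an added example; it is not code from the post or from attr_encrypted. A plain OpenSSL AES-256-GCM helper stands in for the gem so the block runs without it; the row hashes, both keys and every function name are assumptions, and in the app the old-key read would go through attr_encrypted with `insecure_mode: true` as the quoted documentation describes.

```ruby
require "openssl"
require "securerandom"

# Stand-in cipher (assumption): AES-256-GCM, blob = 12-byte IV + 16-byte tag + ciphertext.
def encrypt(plain, key)
  c = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  c.key = key
  iv = c.random_iv
  ct = c.update(plain) + c.final
  iv + c.auth_tag + ct
end

def decrypt(blob, key)
  c = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  c.key = key
  c.iv = blob[0, 12]
  c.auth_tag = blob[12, 16]
  c.update(blob[28..-1]) + c.final # raises CipherError on wrong key or tampering
end

def decryptable?(blob, key)
  decrypt(blob, key)
  true
rescue OpenSSL::Cipher::CipherError, ArgumentError
  false
end

# Dry run: try every row with the old key, write nothing, return the failing ids.
def undecryptable_ids(rows, old_key)
  rows.reject { |row| decryptable?(row[:token], old_key) }.map { |row| row[:id] }
end

# Re-encrypt only after a clean dry run; verify each round trip before any row changes.
def reencrypt!(rows, old_key, new_key)
  bad = undecryptable_ids(rows, old_key)
  raise "dry run failed for ids #{bad.inspect}" unless bad.empty?
  fresh = rows.map do |row|
    plain = decrypt(row[:token], old_key)
    blob = encrypt(plain, new_key)
    raise "round trip failed for id #{row[:id]}" unless decrypt(blob, new_key) == plain
    blob
  end
  rows.each_with_index { |row, i| row[:token] = fresh[i] }
  rows.size
end

OLD_KEY = SecureRandom.bytes(32) # constructed key standing in for the legacy secret
NEW_KEY = SecureRandom.bytes(32) # 32 bytes, the length the error message asks for
def sample_rows # constructed identities, not real tokens
  (1..3).map { |id| { id: id, token: encrypt("fb-token-constructed-#{id}", OLD_KEY) } }
end
```

Because the new ciphertexts are built and verified before any row is assigned, a single undecryptable record aborts the run with the stored tokens unchanged, so the old key can be retired only after `reencrypt!` returns.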
