attr_encrypted gem在rails 6中不起作用
[英]attr_encrypted gem not working in rails 6
问题描述
I was using attr_encrypted (1.3.3) in rails 4.1 in User model with following details
我在用户 model 的 rails 4.1 中使用 attr_encrypted (1.3.3) 并提供以下详细信息
attr_encrypted :email, :key => 'some_key'
After upgrading the application to rails 6 attr_encrypted bumped to attr_encrypted (3.1.0) which uses encryptor (~> 3.0.0)将应用程序升级到 rails 6 后,attr_encrypted 撞到了使用加密器的 attr_encrypted (3.1.0) (~> 3.0.0)
in the encryptor (~> 3.0.0) new validation has been introduced在加密器 (~> 3.0.0) 中引入了新的验证
raise ArgumentError.new("key must be #{cipher.key_len} bytes or longer") if options[:key].bytesize < cipher.key_len
which raises ArgumentError (key must be 32 bytes or longer) exception for my existing key这raises ArgumentError (key must be 32 bytes or longer)异常
How can I attr_encrypted gem with rails 6 without breaking user functionality?如何在不破坏用户功能的情况下使用 rails 6 attr_encrypted gem?
2 个解决方案
解决方案1
2 2020-05-10 21:17:46
To use the old behaviour in the application of attr-encrypted gem you have to use some more parameters要在 attr-encrypted gem 应用程序中使用旧行为,您必须使用更多参数
Before:前:
attr_encrypted :email, :key => 'some_key'
Now:现在:
attr_encrypted :email, key: 'some_key', algorithm: 'aes-256-cbc', mode: :single_iv_and_salt, insecure_mode: true
If you have a key less than 32 bytes如果您的密钥少于 32 个字节
insecure_mode: true
will allow you to use shorter key.将允许您使用较短的密钥。
解决方案2
1 2020-05-10 13:53:50
That was a breaking change in version 2.0 of this gem.这是这个 gem 的 2.0 版本中的一个重大变化。 Default algorithm now "aes-256-gcm".现在默认算法为“aes-256-gcm”。 More details here https://github.com/attr-encrypted/attr_encrypted#the-algorithm-option更多细节在这里https://github.com/attr-encrypted/attr_encrypted#the-algorithm-option
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.