search

ankit8898 / carrierwave_encrypter_decrypter

Secure your Carrierwave file uploads/uploaded files by Encryption and Decryption using Openssl AES and OpenSSL::PKCS5
28 stars 24 forks source link

Cannot decrypt file when saving outside default folder #3

Open eseca opened 9 years ago

eseca commented 9 years ago

I want to upload the files in another destination, upload at project root. So I got the following configuration in config/initializers/carrierwave.rb

CarrierWave.configure do |config|
  config.permissions = 0600
  config.directory_permissions = 0700
  config.storage = :file
  config.root = Rails.root
end

My uploader has the following 

class CerUploader < CarrierWave::Uploader::Base

  storage :file

  after :store, :encrypt_file

  def store_dir
    "uploads/#{model.class.to_s.underscore}/#{model.id}"
  end

  def extension_white_list
    %w(cer)
  end

  def encrypt_file(file)
    Carrierwave::EncrypterDecrypter::Uploader.encrypt(self)
  end

end

Upload and encryption work fine. Decrypting the file won't work. When running the command in rails console this is what I get:

irb(main):001:0> Carrierwave::EncrypterDecrypter::Downloader.decrypt(Company.last, mounted_as: :cerfile)
  Company Load (1.3ms)  SELECT  "companies".* FROM "companies"   ORDER BY "companies"."id" DESC LIMIT 1
****************************No such file or directory @ rb_sysopen - /uploads/company/2/readme.cer
****************************[
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/openssl/aes.rb:46:in `initialize'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/openssl/aes.rb:46:in `open'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/openssl/aes.rb:46:in `decrypt_for'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/decryption.rb:10:in `start!'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/downloader.rb:6:in `decrypt'", "(irb):1:in `irb_binding'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/workspace.rb:86:in `eval'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/workspace.rb:86:in `evaluate'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/context.rb:380:in `evaluate'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:492:in `block (2 levels) in eval_input'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:624:in `signal_status'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:489:in `block in eval_input'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/ruby-lex.rb:247:in `block (2 levels) in each_top_level_statement'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/ruby-lex.rb:233:in `loop'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/ruby-lex.rb:233:in `block in each_top_level_statement'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/ruby-lex.rb:232:in `catch'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/ruby-lex.rb:232:in `each_top_level_statement'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:488:in `eval_input'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:397:in `block in start'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:396:in `catch'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:396:in `start'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/railties-4.1.6/lib/rails/commands/console.rb:90:in `start'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/railties-4.1.6/lib/rails/commands/console.rb:9:in `start'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/railties-4.1.6/lib/rails/commands/commands_tasks.rb:69:in `console'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/railties-4.1.6/lib/rails/commands/commands_tasks.rb:40:in `run_command!'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/railties-4.1.6/lib/rails/commands.rb:17:in `<top (required)>'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:247:in `require'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:247:in `block in require'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:232:in `load_dependency'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:247:in `require'",
"/home/axl/coding/bfq/bin/rails:8:in `<top (required)>'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:241:in `load'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:241:in `block in load'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:232:in `load_dependency'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:241:in `load'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/commands/rails.rb:6:in `call'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/command_wrapper.rb:38:in `call'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:180:in `block in serve'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:153:in `fork'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:153:in `serve'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:128:in `block in run'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:122:in `loop'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:122:in `run'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application/boot.rb:18:in `<top (required)>'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'",
"-e:1:in `<main>'"]
=> nil
hrodrig commented 9 years ago

In ~/.rvm/gems/ruby-2.2.1/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/openssl/aes.rb and pkcs5.rb

must change:

... original_file_path = obj.send(mounted_as).root + obj.send(mounted_as).url encrypted_file_path = obj.send(mounted_as).root + obj.send(mounted_as).url + ".enc"

with: .... original_file_path = File.join(obj.send(mounted_as).root, obj.send(mounted_as).url) encrypted_file_path = original_file_path.to_s + ".enc"

rtplvaibhav commented 8 years ago

Hi ,

I have used the same code on aes.rb and after that I restart rails server. It still not decypting file outside public folder. However it is encypting and decypting file in my public folder.

I am facing below error while decypting file.

"No such file or directory @ rb_sysopen - /Users/myname/Ruby/myproject/documents/anyfile.doc"

Kindly help to resolve this issue.

ciaranc78 commented 5 years ago

Hi, I'm having the same problem..did anyone find a solution?