JrmKrb
commented
3 years ago Had the same issue after upgrading gem from 3.0.0 to 3.1.0, had to rollback as it'd break my app
Open bacancy-techn opened 3 years ago
JrmKrb
commented
3 years ago Had the same issue after upgrading gem from 3.0.0 to 3.1.0, had to rollback as it'd break my app
slhck
commented
2 years ago I had the same issue, and it does seem to be related to fetching the key from ENV.
joshbranham
commented
1 year ago If anyone with this issue is still having it, can you provide reproduction steps?
slhck
commented
1 year ago I think this was when upgrading Rails and Ruby between minor versions, but I cannot find the commits from that time to give you exact reproduction steps.
slhck
commented
1 year ago Ah, now I see. My problem was that I wanted to use it like this:
attr_encrypted :password, key: ENV.fetch("...")But that did not work and would always yield an empty string, ultimately resulting in the CipherError. Instead I had to use https://github.com/rubyconfig/config and fetch the env from there in settings.yml:
attr_encrypted :password, key: Settings.probe.password_encryption_keyThat is strange, I wonder if the key is being modified in some way when being fetched from ENV versus any other means. At the end of the day, it's just a string.
slhck
commented
1 year ago Yeah, I also couldn't wrap my head around it at the time. Sorry for not being able to provide more information.
joshbranham
commented
1 year ago No worries. Are you still seeing the issue, and do you know what Ruby and Rails version you were on? Interestingly you are mentioning the value is empty in ENV.fetch() which means it did get it from env but somewhere it was dropped.
I did a test locally, and in this test case the value was changed when set via ENV['']
irb(main):007:0> value = SecureRandom.random_bytes(32)
=> ",\xAA\xC1\x18\x1F\xB8\x8C\x05\xF4\x86\be\x8E\xDA\x87\xFE!x\xA4S\x1F\x18\xD8B\xA5s\x80\x9E\x9F\x8B\f\xC2"
irb(main):008:0> ENV['TEST'] = ",\xAA\xC1\x18\x1F\xB8\x8C\x05\xF4\x86\be\x8E\xDA\x87\xFE!x\xA4S\x1F\x18\xD8B\xA5s\x80\x9E\x9F\x8B\f\xC2"
=> ",\xAA\xC1\u0018\u001F\xB8\x8C\u0005\xF4\x86\be\x8Eڇ\xFE!x\xA4S\u001F\u0018\xD8B\xA5s\x80\x9E\x9F\x8B\f\xC2"
irb(main):009:0> value == ENV['TEST']
=> falseThis was a legacy app with Rails 4.2.10, attr_encrypted 3.0.3 and Ruby 2.4.3.
I got this error OpenSSL::Cipher::CipherError
I am using attr_encrypted gem for encrypt/decrypt data. When I use my secret key directly then it works fine. But when i am using key by ENV variable then I got above error. Anyone faced the similar issue? previous ruby version was 2.3.5, after updating 2.6.6 previous rails version was 4.1, after updating 5.2