ankit8898 / carrierwave_encrypter_decrypter Goto Github PK
View Code? Open in Web Editor NEWSecure your Carrierwave file uploads/uploaded files by Encryption and Decryption using Openssl AES and OpenSSL::PKCS5
Secure your Carrierwave file uploads/uploaded files by Encryption and Decryption using Openssl AES and OpenSSL::PKCS5
I am using the standard setup:
Carrierwave::EncrypterDecrypter.configure do |config|
config.encryption_type = :aes
config.key_size = 256
end
class ScreenshotUploader < CarrierWave::Uploader::Base
storage :file
after :store, :encrypt_file
def encrypt_file(file)
Carrierwave::EncrypterDecrypter::Uploader.encrypt(self)
end
def store_dir
"uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
end
end
However, files are being stored in their original form, not as .enc
files. The only difference I can think of between the suggested setup and my own setup is that I'm using Mongoid as db. I don't suppose that makes any difference though.
Any idea how to approach this?
I want to upload the files in another destination, upload
at project root. So I got the following configuration in config/initializers/carrierwave.rb
CarrierWave.configure do |config|
config.permissions = 0600
config.directory_permissions = 0700
config.storage = :file
config.root = Rails.root
end
My uploader has the following
class CerUploader < CarrierWave::Uploader::Base
storage :file
after :store, :encrypt_file
def store_dir
"uploads/#{model.class.to_s.underscore}/#{model.id}"
end
def extension_white_list
%w(cer)
end
def encrypt_file(file)
Carrierwave::EncrypterDecrypter::Uploader.encrypt(self)
end
end
Upload and encryption work fine. Decrypting the file won't work. When running the command in rails console this is what I get:
irb(main):001:0> Carrierwave::EncrypterDecrypter::Downloader.decrypt(Company.last, mounted_as: :cerfile)
Company Load (1.3ms) SELECT "companies".* FROM "companies" ORDER BY "companies"."id" DESC LIMIT 1
****************************No such file or directory @ rb_sysopen - /uploads/company/2/readme.cer
****************************[
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/openssl/aes.rb:46:in `initialize'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/openssl/aes.rb:46:in `open'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/openssl/aes.rb:46:in `decrypt_for'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/decryption.rb:10:in `start!'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/carrierwave_encrypter_decrypter-0.0.6/lib/carrierwave/encrypter_decrypter/downloader.rb:6:in `decrypt'", "(irb):1:in `irb_binding'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/workspace.rb:86:in `eval'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/workspace.rb:86:in `evaluate'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/context.rb:380:in `evaluate'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:492:in `block (2 levels) in eval_input'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:624:in `signal_status'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:489:in `block in eval_input'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/ruby-lex.rb:247:in `block (2 levels) in each_top_level_statement'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/ruby-lex.rb:233:in `loop'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/ruby-lex.rb:233:in `block in each_top_level_statement'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/ruby-lex.rb:232:in `catch'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb/ruby-lex.rb:232:in `each_top_level_statement'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:488:in `eval_input'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:397:in `block in start'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:396:in `catch'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/irb.rb:396:in `start'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/railties-4.1.6/lib/rails/commands/console.rb:90:in `start'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/railties-4.1.6/lib/rails/commands/console.rb:9:in `start'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/railties-4.1.6/lib/rails/commands/commands_tasks.rb:69:in `console'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/railties-4.1.6/lib/rails/commands/commands_tasks.rb:40:in `run_command!'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/railties-4.1.6/lib/rails/commands.rb:17:in `<top (required)>'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:247:in `require'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:247:in `block in require'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:232:in `load_dependency'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:247:in `require'",
"/home/axl/coding/bfq/bin/rails:8:in `<top (required)>'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:241:in `load'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:241:in `block in load'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:232:in `load_dependency'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/activesupport-4.1.6/lib/active_support/dependencies.rb:241:in `load'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/commands/rails.rb:6:in `call'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/command_wrapper.rb:38:in `call'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:180:in `block in serve'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:153:in `fork'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:153:in `serve'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:128:in `block in run'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:122:in `loop'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application.rb:122:in `run'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/gems/2.1.0/gems/spring-1.1.3/lib/spring/application/boot.rb:18:in `<top (required)>'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'",
"/home/axl/.rbenv/versions/2.1.2/lib/ruby/2.1.0/rubygems/core_ext/kernel_require.rb:55:in `require'",
"-e:1:in `<main>'"]
=> nil
Hi Ankit,
I am getting "String contains null byte" error while encrypting and uploading multiple documents in loop.
Below is my code.
params['doc'].each do |key, value|
name = params['doc'][key]['avatar'].original_filename;
file_extension = File.extname name;
file_base_name = File.basename(name, file_extension);
file_name = file_base_name.to_s+'_'+Time.now.to_i.to_s+"-"+random_number.to_s+"#{file_extension}";
params['doc'][key]['avatar'].original_filename = file_name
doc_type = DOCUMENT_TYPE[params['doc'][key]['type'].to_i][0].to_s;
if doc_type.include? "Other"
doc_type = 'Other';
end
@user_doc = [];
@user_doc = JobDocument.new(user_docs)
@user_doc.job_id = params[:job_id]
@user_doc.title = params['doc'][key]['title']
@user_doc.uploaded_by = 'user'
@user_doc.avatar = params['doc'][key]['avatar']
@user_doc.doc_type = doc_type
Rails.logger.debug("@@@@@@@@@Before Doc "+key.to_s+":#{@user_doc.inspect}")
if !@user_doc.save
error = 1
end
Rails.logger.debug("#########After Doc "+key.to_s+":#{@user_doc.inspect}")
end
My uploader looks like this:
class CsvUploader < CarrierWave::Uploader::Base
storage :file
after :store, :encrypt_file
def encrypt_file(file)
Carrierwave::EncrypterDecrypter::Uploader.encrypt(self)
end
def store_dir
"uploads/#{model.class.to_s.underscore}/#{mounted_as}/#{model.id}"
end
def extension_white_list
%w(cer)
end
end
...but the uploaded file is not encrypted. It's uploading the file to the correct place, but is not encrypting any of the data and no .cer
file is present. Any thoughts as to why that would be?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.