Comments (2)
👍 for the fix. It bites me currently and prevents me from upgrading Rails
from crypt_keeper.
I think the fix in #110 might cause issues using `search_by_plaintext`. If a blank string leaks into my table, I can no longer use `search_by_plaintext`. If I delete any records with a blank string - I can scan my table again.
I'm not sure if this is a separate issue or not b/c PR #110 hasn't been merged yet.
```
[6] pry(main)> Lessee.search_by_plaintext(:ssn, '123').any?
Lessee Exists (353.1ms) SELECT 1 AS one FROM "lessees" WHERE pgp_sym_decrypt([FILTERED]) LIMIT $1 [["LIMIT", 1]]
=> false
[7] pry(main)> ssn.update_attributes(ssn: '')
(0.2ms) BEGIN
SQL (0.4ms) UPDATE "lessees" SET "updated_at" = $1, "ssn" = $2 WHERE "lessees"."id" = $3 [["updated_at", "2018-01-17 21:07:29.278633"], ["ssn", ""], ["id", 1111]]
(1.9ms) COMMIT
=> true
[8] pry(main)> Lessee.search_by_plaintext(:ssn, '123').any?
Lessee Exists (120.4ms) SELECT 1 AS one FROM "lessees" WHERE pgp_sym_decrypt([FILTERED]) LIMIT $1 [["LIMIT", 1]]
ActiveRecord::StatementInvalid: PG::ExternalRoutineInvocationException: ERROR: Wrong key or corrupt data
: SELECT 1 AS one FROM "lessees" WHERE ((pgp_sym_decrypt(cast("ssn" AS bytea), '[MANUALLY FILTERED') = '123')) LIMIT $1
from /Users/danielrice/.rvm/gems/ruby-2.4.2/gems/rack-mini-profiler-0.10.5/lib/patches/db/pg.rb:90:in `async_exec'
```
As a workaround I can add an extra scope in my code to filter out blank values.
```
Lessee.where.not(ssn: '').search_by_plaintext(:ssn, '123').any?
Lessee Exists (339.6ms) SELECT 1 AS one FROM "lessees" WHERE ("lessees"."ssn" != $1) AND pgp_sym_decrypt([FILTERED]) LIMIT $2 [["ssn", ""], ["LIMIT", 1]]
=> false
```
from crypt_keeper.
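An added example, not part of the comments above or of the crypt_keeper code base: a PostgreSQL sketch of the failure reported here and of a guard that does not depend on predicate order. PostgreSQL does not promise to evaluate the operands of `AND` left to right, so a `ssn != ''` filter placed next to the decrypt relies on the planner's ordering, while a `CASE` expression forces the blank check to run first. The table `lessees_demo`, the key `demo-key` and the sample rows are constructed for illustration.

```sql
-- Constructed demo: table, key and rows are illustrative, not from the issue.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TEMP TABLE lessees_demo (id integer PRIMARY KEY, ssn text);

-- Rows 1 and 2 hold PGP ciphertext stored as text (matching the
-- cast("ssn" AS bytea) in the issue's query); row 3 holds the blank
-- string that reached the column without being encrypted.
INSERT INTO lessees_demo (id, ssn) VALUES
  (1, pgp_sym_encrypt('123', 'demo-key')::text),
  (2, pgp_sym_encrypt('456', 'demo-key')::text),
  (3, '');

-- Audit: find rows that hold a blank instead of ciphertext.
SELECT id FROM lessees_demo WHERE ssn = '';

-- Unguarded search, same shape as the failing query in the issue.
-- It aborts with "Wrong key or corrupt data" when row 3 is evaluated.
-- SELECT id FROM lessees_demo
--  WHERE pgp_sym_decrypt(cast(ssn AS bytea), 'demo-key') = '123';

-- Guarded search: CASE evaluates the blank check before the decrypt,
-- so a blank or NULL value yields NULL (no match) instead of an error
-- that stops the whole scan.
SELECT id
  FROM lessees_demo
 WHERE CASE
         WHEN ssn IS NULL OR ssn = '' THEN NULL
         ELSE pgp_sym_decrypt(cast(ssn AS bytea), 'demo-key')
       END = '123';
```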