Comments (5)
ankane
commented on May 29, 2024
Hey @prcongithub, I've tested this and Blind Index in the past with JRuby and both worked (after a bug fix in JRuby), but there isn't/won't be official support for it. However, as long as JRuby follows MRI behavior, it should work.
from lockbox.
prcongithub
commented on May 29, 2024
Any specific version of JRuby it worked on? I am facing an issue with JRuby-9.2.6.0
I have added some logs to decode_key method in utils to see what was happening.
def self.decode_key(key, size: 32, name: "Key")
puts "Size: #{size}"
puts "[Before] Key: #{key}"
puts "[Before] Encoding: #{key.encoding}"
puts "[Before] Bytesize: #{key.bytesize}"
if key.encoding != Encoding::BINARY && key =~ /\A[0-9a-f]{#{size * 2}}\z/i
puts "************ Packing Key ************"
key = [key].pack("H*")
end
puts "[After] Key: #{key}"
puts "[After] Encoding: #{key.encoding}"
puts "[After] Bytesize: #{key.bytesize}"
puts "*******************************************************************"
raise Lockbox::Error, "#{name} must be 32 bytes (64 hex digits)" if key.bytesize != size
raise Lockbox::Error, "#{name} must use binary encoding" if key.encoding != Encoding::BINARY
key
end
The problem is, the string key is returning the encoding as ASCII-8BIT when it actually should be UTF-8.
irb(main):004:0> u = User.last
=> #<User _id: BSON::ObjectId('5efb21de7e1ac092a8f2f368'), aadhar_number_bidx: nil, access_tokens: [], activated_at: nil, activated_by_id: nil, authentication_token: "tnsbAzDJe9arD2WzdmqF", authentication_token_created_at: nil, company_documents: nil, company_ids: [], created_at: Tue, 30 Jun 2020 11:28:30 UTC +00:00, email: "[email protected]", is_suspended: false, last_active_at: nil, last_logged_in_at: nil, last_logged_out_at: nil, mobile: nil, name: "Prashant Chaudhari", role_ids: [BSON::ObjectId('5d2422ff5cf6d1c86eacd927')], role_names: ["User"], suspended_at: nil, suspended_by_id: nil, time_zone: "Asia/Kolkata", updated_at: Tue, 30 Jun 2020 11:28:30 UTC +00:00, username: "[email protected]">
irb(main):005:0> u.aadhar_number = "123"
Size: 32
[Before] Key: ef5cbc7f005bee2cef738b6e65e3baed8fe3d86a8c12020e151c7cf1dc212abb
[Before] Encoding: UTF-8
[Before] Bytesize: 64
************ Packing Key ************
[After] Key: �\�[�,�s�ne������j�����|��!*�
[After] Encoding: ASCII-8BIT
[After] Bytesize: 32
*******************************************************************
Size: 32
[Before] Key: 5bc219803be8f85d21490eb612c5970333c0a9ac2e455ba0beef73ebbd93769f
[Before] Encoding: ASCII-8BIT
[Before] Bytesize: 64
[After] Key: 5bc219803be8f85d21490eb612c5970333c0a9ac2e455ba0beef73ebbd93769f
[After] Encoding: ASCII-8BIT
[After] Bytesize: 64
*******************************************************************
Traceback (most recent call last):
1: from (irb):5:in `evaluate'
Lockbox::Error (Key must be 32 bytes (64 hex digits))
irb(main):006:0>
Any ideas?
from lockbox.
ankane
commented on May 29, 2024
Try 9.2.8.0 or greater. The bug that was fixed was an encoding issue with unpack: jruby/jruby#5771
from lockbox.
ankane
commented on May 29, 2024
It looks like Lockbox was also doing some unnecessary encoding as well. It's removed on master, so that may work even with the JRuby issue.
from lockbox.
prcongithub
commented on May 29, 2024
Thanks, it worked with JRuby-9.2.9.0 for us. Closing this.
from lockbox.
Related Issues (20)
- Do we have option to run Migration skipping callbacks for the model HOT 1
- key rotation and GCM nonce collision HOT 2
- Lockbox Migration getting stopped without any errors HOT 1
- Feature Request: ActiveRecord support for Text type HOT 1
- Empty hash is encrypted as nil HOT 3
- Any chance of getting :jsonb type support? HOT 2
- Automating data migration HOT 1
- upsert and upsert_all support for ActiveRecord HOT 1
- Undefined method 'has_encrypted' HOT 1
- Active Record - Migrating Existing Data HOT 2
- Rotating master key gives ActiveRecord::RecordNotSaved HOT 1
- Decryption using PHP is not Working HOT 4
- Access to the unencrypted attachable when using ActiveStorage HOT 2
- [Question] - Migrating from `attr_encrypted` with `marshal: true` HOT 3
- Lockbox raises MissingAttributeError when encrypted attribute is backed by store_attribute when using select HOT 1
- `Lockbox.rotate` bypasses `default_scope` if passed a model HOT 1
- GCM-SIV HOT 1
- Devise Invalid Credentials after table name changed HOT 3
- Search in encrypted data HOT 1
- Unable to rotate encryption for fields having custom key_table HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lockbox.