2

I am using https://github.com/attr-encrypted/attr_encrypted for the encryptions of my active record for ***User model***who have following attributes.

 
  activation_hash string  
  details string  
  email string  
  imei string  
  password string  
  registration_id string  
  secure_hash string

I used these attributes as 

attr_encrypted_options.merge!(:prefix => 'android_', :suffix => '_sheild')  
attr_encrypted :activation_hash, :key => Getter::encryption_key, :encode => true  
attr_encrypted :active, :key => Getter::encryption_key, :encode => true  
attr_encrypted :code, :key => Getter::encryption_key, :encode => true  
attr_encrypted :details, :key => Getter::encryption_key, :encode => true  
attr_encryptor :email, :key => "this is awais"  
attr_encrypted :password, :key => Getter::encryption_key, :encode => true  
attr_encrypted :registration_id, :key => Getter::encryption_key, :encode => true  
attr_encrypted :secure_hash, :key => Getter::encryption_key, :encode => true
attr_encrypted :imei, :key => Getter::encryption_key, :encode => true

as mentioned in the attr_encrypted wiki but when i save the record empty string in stored in databases.

In Getter i have added the generic encryption key method..

    module Getter

      def self.encryption_key
        keys = OpenSSL::Cipher::Cipher.new('aes-256-cbc').random_iv
        return keys
      end
    end

Do i need to add migration with encrypted attributes i added in User model.. My aim to to encrypt the activerecord data and save that fields to databases and when i retrieve i can get decrypted record back but on DB level These records are not accessible.

Can you please tell me what i do wrong?? Do i need to switch gem??

Your suggestions are highly appreciated

Fahad Idrees
  • 188
  • 2
  • 2
  • 13
  • [From the doc](https://github.com/attr-encrypted/attr_encrypted#specifying-the-encrypted-attribute-name): "By default, the encrypted attribute name is encrypted_#{attribute} (e.g. attr_encrypted :email would create an attribute named encrypted_email). So, if you're storing the encrypted attribute in the database, you need to make sure the encrypted_#{attribute} field exists in your table." Do you have such fields in your database? – SylvainB Jun 17 '14 at 10:01

1 Answers1

2

According to the attr_encrypted documentation:

By default, the encrypted attribute name is encrypted_#{attribute} (e.g. attr_encrypted :email would create an attribute named encrypted_email). So, if you're storing the encrypted attribute in the database, you need to make sure the encrypted_#{attribute} field exists in your table.

It seems like you did not name your fields in the expected format.

SylvainB
  • 4,765
  • 2
  • 26
  • 39
  • Or you can rename them? – SylvainB Jun 17 '14 at 10:42
  • i need to add new columns in User Table.. ` encrypted_activation_hash encrypted_details encrypted_email encrypted_imei encrypted_password encrypted_registration_id ` If i have these attributes, then do i need to create user as user.encrypted_email="blah blah" or user.email= "blah blah" – Fahad Idrees Jun 17 '14 at 10:44
  • 1
    The first option, I would say. Edit: nevermind. I don't have a clue, you'll have to try it out. – SylvainB Jun 17 '14 at 10:51
  • how can i add encrypted data to these fieldes?? do i need to save as user.encrypted_email?? I did so but empty email is stored in DB :( Can you guide me to do this in proper manner – Fahad Idrees Jun 17 '14 at 11:00
  • My guess is that: since its used like an attr_accessor helper, in your rails app's code, you should use the name given as parameter next to the attr_encrypted call (therefore just "email" for encrypted_email) but in your migration, name the actual field encrypted_email. My guess is that attr_encrypted will work it out from there. – SylvainB Jun 17 '14 at 12:55