我正在使用attr_encrypted,并且使用不再具有访问权限的密钥对一些数据进行了加密。我想使用新密钥用新数据覆盖现有/旧数据。我该怎么办?
例如,考虑一下:
class User
attr_encrypted :account_number, key: ENV['ATTR_ENCRYPTED_KEY'] # new key
end
以下尝试失败,OpenSSL::Cipher::CipherError
u = User.first
u.account_number = '123456789' # error here!
u.save
基于堆栈跟踪(如下),我认为这是由于attr_encrypted首先尝试decrypt的事实-由于密钥不同,这显然不起作用。有没有办法避免这种情况,只用新密钥写入新数据和iv?
.../gems/encryptor-3.0.0/lib/encryptor.rb:98:in `final'
.../gems/encryptor-3.0.0/lib/encryptor.rb:98:in `crypt'
.../gems/encryptor-3.0.0/lib/encryptor.rb:49:in `decrypt'
.../bundler/gems/attr_encrypted-399c5dd168ca/lib/attr_encrypted.rb:246:in `decrypt'
.../bundler/gems/attr_encrypted-399c5dd168ca/lib/attr_encrypted.rb:335:in `decrypt'
.../bundler/gems/attr_encrypted-399c5dd168ca/lib/attr_encrypted.rb:164:in `block (2 levels) in attr_encrypted'
.../bundler/gems/attr_encrypted-399c5dd168ca/lib/attr_encrypted/adapters/active_record.rb:76:in `block in attr_encrypted'