Rails 5 cipher.key key error "must be 32 bytes"

Question

Rails 5 cipher.key key error "must be 32 bytes"

New Rails app.

Rails version 5.0.0.1, version Ruby 2.4.0preview2.

Create the "demo" application, run a simple file to create the file and get an error when trying to view the scaffolds overview page (the base index file still loads the Welcome to Rails screen):

The argument Error in the ProductsController # index key must be 32 bytes:

cipher = new_cipher cipher.encrypt cipher.key = @secret # Rely on OpenSSL for the initialization vector iv = cipher.random_iv

The problematic line seems to be cipher.key = @secret.

I saw various mentions of the github repo for Rails that mention this problem, but everyone implied that it is now resolved in Rails 5.0.0.1

+13

ruby ruby-on-rails ruby-on-rails-5

TheMinimalCriminal Sep 28 '16 at 7:59

source share

9 answers

TheMinimalCriminal · Answer 1 · 2016-10-03T10:40:56+0000

Well, for my part there was a slight misunderstanding, it seems that the fix will be in 5.0.1, not 5.0.0.1

https://github.com/rails/rails/issues/26694

xxjjnn · Answer 2 · 2017-11-28T10:56:01+0000

Finally found a problem! This was from a fix ... https://bugs.ruby-lang.org/issues/12561

If you use a cipher, for example. 'aes-256-cfb', key_len - 32, found by:

 require 'openssl' cipher = OpenSSL::Cipher.new('aes-256-cfb') cipher.key_len # => 32

We mistakenly thought we needed to send 256 nonce characters, but actually you should send 32 nonce characters - or use cipher.random_key (which internally uses key_len ). This was never a problem because openssl trimmed nonce ... but now you need to send the right elongated nonce.

We got this error when updating ruby from 2.3.4 to 2.4.2.

Naomi wu · Answer 3 · 2017-05-24T04:02:05+0000

try the following:

 rake db:create rake db:migrate

the most important thing:

 bundle update

This works for me.

Bater · Answer 4 · 2017-09-01T06:58:47+0000

Use random_key so that it always matches.

 key = cipher.random_key cipher.key = key

link http://ruby-doc.org/stdlib-2.0.0/libdoc/openssl/rdoc/OpenSSL/Cipher.html

Flyingv · Answer 5 · 2018-01-07T15:49:00+0000

Solution :

Edit your gemfile
Add the following line: gem 'rails', '~> 5.0.0', '> = 5.0.0.1'
install package
Optional: I am using ruby2-4.1. (rvm install ruby-2.4.1)

Rational : rails prior to 5.0.0 seems to contain an error that causes this problem. The error was resolved in the latest version of Rails. If you claim that you are following the Rails installation guide ( http://railsapps.imtqy.com/installrubyonrails-mac.html ), you are likely to encounter this problem at this publication date.

This fix works and is being tested.

DVislearning · Answer 6 · 2018-03-05T05:59:27+0000

I had this problem too, and I fixed it by running

 bundle update

Make sure the latest version of the rails is installed.

Ahmed J. · Answer 7 · 2018-04-17T09:37:25+0000

The same error occurred: starting a package update should help

Govind shaw · Answer 8 · 2019-05-21T09:24:27+0000

Please use Digest :: MD5 to reach 32 bytes

 require 'openssl' require 'digest' require 'base64' data = "encrypt me" secret_key = "asd3dssdf34HDas" c = OpenSSL::Cipher.new("aes-256-cbc") c.encrypt c.key = Digest::MD5.hexdigest(secret_key) # this will convert key length into 32 encrypted_data = c.update(data.to_s) + c.final encrypted_data = Base64.urlsafe_encode64(encrypted_data, padding: false) #padding: false will remove '/', '+' from encrypted data encrypted_data.gsub! "\n",""

Or just use a 32 byte private key

 data = "encrypt me" secret_key = "Aswertyuioasdfghjkqwertyuiqwerty" c = OpenSSL::Cipher.new("aes-256-cbc") c.encrypt c.key = secret_key encrypted_data = c.update(data.to_s) + c.final

Chris · Answer 9 · 2019-08-23T13:38:06+0000

This problem turns out to be related to the key that you are using. Without changing the key, you can use the code below to convert the key to 32 bytes:

attr_encrypted: attribute, key: ENV ['MY_KEY']. bytes [0..31] .pack ("c" * 32)

Rails 5 cipher.key key error "must be 32 bytes"

More articles: