active_record_encryption icon indicating copy to clipboard operation
active_record_encryption copied to clipboard

Published 20 hours ago verified publisher icon alpaca-tc

default hash algorithm changed in rails7

Open nov opened this issue 2 years ago • 2 comments

The default hash algorithm used in ActiveSupport::KeyGenerator changed from SHA1 to SHA256.

It affects ActiveRecordEncryption::Encryptor::ActiveSupport and causes ActiveSupport::MessageVerifier::InvalidSignature when accessing to an attribute encrypted using SHA1.

nov avatar Feb 22 '23 03:02 nov

ps. in our current app, key_generator uses SHA1 on the first load. and once the app is reloaded (on development env), it changes the hash algorithm to SHA256.

nov avatar Feb 22 '23 03:02 nov

@nov Sorry for the delay in replying. If you have already fix this issue in your application, could you please send a PR?

alpaca-tc avatar Jun 09 '23 05:06 alpaca-tc