
carrierwave_encrypter_decrypter
A Ruby gem that secures uploaded files by encrypting them after upload and decrypting them later when needed. It is described as completely secure and depends on Ruby 2.0.0 OpenSSL::Cipher and OpenSSL::PKCS5.
OpenSSL::Cipher
Provides symmetric algorithms for encryption and decryption.
OpenSSL::PKCS5
Provides password-based encryption functionality based on PKCS#5.
Add the gem to the Gemfile:
    gem "carrierwave_encrypter_decrypter"
    bundle install
Start off by triggering the installer:
    rails g ced:install
This will create an initializer, carrierwave_encrypter_decrypter.rb:
    create config/initializers/carrierwave_encrypter_decrypter.rb
and a carrierwave_encrypter_decrypter.yml:
    create config/carrierwave_encrypter_decrypter.yml
The YAML file above is used when the encryption_type is pkcs5.
The gem supports two approaches: OpenSSL::Cipher and OpenSSL::PKCS5.
If you want to go with standard encryption, select the following in your config/initializers/carrierwave_encrypter_decrypter.rb:
    Carrierwave::EncrypterDecrypter.configure do |config|
      config.encryption_type = :aes
      config.key_size = 256
    end
If you want to go with password-based encryption (pkcs5), select the following in your config/initializers/carrierwave_encrypter_decrypter.rb:
    Carrierwave::EncrypterDecrypter.configure do |config|
      config.encryption_type = :pkcs5
      config.key_size = 256
    end
Note: Make sure you have the password set in config/carrierwave_encrypter_decrypter.yml
Now in your uploader, e.g. app/uploaders/avatar_uploader.rb, add the after-store callback:
    class AvatarUploader < CarrierWave::Uploader::Base
      after :store, :encrypt_file

      def encrypt_file(file)
        Carrierwave::EncrypterDecrypter::Uploader.encrypt(self)
      end
    end
Now create the migration on the model on which your uploader is mounted:
    rails g migration add_iv_and_key_to_users iv:binary key:binary
    rake db:migrate
File Encryption
File encryption happens with Carrierwave::EncrypterDecrypter::Uploader.encrypt(self).
Once the file is uploaded, you will find it with an extension of .enc.
File Decryption
File decryption happens with
    Carrierwave::EncrypterDecrypter::Downloader.decrypt(model, mounted_as: :avatar)
where model is the model on which the uploader is mounted. The encrypted file will be decrypted in the same folder.
Example controller:
    def download
      # This will decrypt the file first
      Carrierwave::EncrypterDecrypter::Downloader.decrypt(@user, mounted_as: :avatar)
      file_path = @user.avatar.path
      begin
        # Open in binary mode so the decrypted bytes are sent unchanged
        File.open(file_path, 'rb') do |f|
          send_data f.read, type: MIME::Types.type_for(file_path).first.content_type, disposition: :inline, filename: File.basename(file_path)
        end
      ensure
        # Remove the decrypted file after transfer, even if sending raised an error
        File.unlink(file_path) if File.exist?(file_path)
      end
    end
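The two configuration choices above (:aes with a 256-bit key, and :pkcs5 with a password) can be illustrated directly with the OpenSSL::Cipher and OpenSSL::PKCS5 primitives the gem depends on. This is an added example, not the gem's own code: the CBC mode, the function names, the PBKDF2 parameters and the sample data are assumptions.

```ruby
require "openssl"
require "securerandom"
require "tmpdir"

# Assumption: CBC mode. The page names only :aes with key_size 256.
# CBC gives confidentiality only; tampering with the .enc file is not detected.
CIPHER = "aes-256-cbc"

# Encrypts path to "<path>.enc". With no key given (the :aes case) a random
# key is generated; iv and key are returned so the caller can persist them.
def encrypt_file(path, key: nil)
  cipher = OpenSSL::Cipher.new(CIPHER).encrypt
  key ||= cipher.random_key
  cipher.key = key
  iv = cipher.random_iv
  File.open("#{path}.enc", "wb") do |out|
    File.open(path, "rb") do |src|
      while (chunk = src.read(16 * 1024))
        out << cipher.update(chunk)
      end
    end
    out << cipher.final
  end
  { path: "#{path}.enc", iv: iv, key: key }
end

# Returns the plaintext bytes without writing them back to disk.
def decrypt_file(enc_path, iv:, key:)
  cipher = OpenSSL::Cipher.new(CIPHER).decrypt
  cipher.key = key
  cipher.iv = iv
  cipher.update(File.binread(enc_path)) + cipher.final
end

# The :pkcs5 case: derive the 256-bit key from a password with PBKDF2.
# Salt handling and the iteration count are assumptions of this example.
def derive_key(password, salt, iterations: 200_000)
  OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, 32, OpenSSL::Digest.new("SHA256"))
end

if __FILE__ == $PROGRAM_NAME
  Dir.mktmpdir do |dir|
    src = File.join(dir, "avatar.png")
    File.binwrite(src, "constructed sample bytes") # constructed input
    meta = encrypt_file(src)
    puts decrypt_file(meta[:path], iv: meta[:iv], key: meta[:key])
    salt = SecureRandom.random_bytes(16)
    meta = encrypt_file(src, key: derive_key("constructed-password", salt))
    puts decrypt_file(meta[:path], iv: meta[:iv], key: meta[:key])
  end
end
```

Anyone who can read both the stored key and the .enc file can decrypt it, so where the iv and key columns live matters as much as the cipher.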
The gem itself is released under the MIT license
We found that carrierwave_encrypter_decrypter demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.