-
Notifications
You must be signed in to change notification settings - Fork 21.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New app: "key must be 32 bits". #25185
Comments
Hmm, after some digging in some C code (💀), looks like there is a new breaking change in OpenSSL, which rejects certain values for Looking into fixes. |
Same issue (Rails 5.1.0.alpha1, ruby-2.4.preview1) |
I was having this issue yesterday. Very frustrating. Today I tried using bundle install without the exclusion of the production environment, and the error message is no longer coming up when I view localhost:3000/users. |
Fixed by #25192 |
…t can accept key lengths of 128, 192 or 256-bit, whereas currently we were providing twice the acceptable value. ruby < 2.4 allowed accepting these values, as extra key bits were ignored. Since ruby/ruby@ce63526 this now has a strict checking on key length. Default to key length 32 bytes, to match the compatible length for aes-256-cbc Fixes rails#25185
Thank you ! 👍 |
I'm still seeing this issue – freshly installed Ruby 2.4.0-dev and Rails 5.0.0. Any idea what the problem could be? |
…t can accept key lengths of 128, 192 or 256-bit, whereas currently we were providing twice the acceptable value. ruby < 2.4 allowed accepting these values, as extra key bits were ignored. Since ruby/ruby@ce63526 this now has a strict checking on key length. Default to key length 32 bytes, to match the compatible length for aes-256-cbc Fixes rails#25185
Temporary solution is to use Ruby 2.3.1. We'll need that patch to be backported to Rails 5 though before Christmas cc/ @vipulnsward |
❤️ ❤️ ❤️ |
Still experiencing this issue running Ruby 2.4.0preview2 and Rails 5.0.0.1 The "Welcome to Rails" index screen works, but problems occur as soon as I attempt to access a scaffold that I've generated. |
Fixed it with using the master branch. But |
@Marthyn what about branch 5-0-stable? |
…t can accept key lengths of 128, 192 or 256-bit, whereas currently we were providing twice the acceptable value. ruby < 2.4 allowed accepting these values, as extra key bits were ignored. Since ruby/ruby@ce63526 this now has a strict checking on key length. Default to key length 32 bytes, to match the compatible length for aes-256-cbc Fixes rails#25185
Hey Rafael, Sorry about the constant questions and Thanks for the help! |
The problem is about the ruby 2.4.0, just for now if you want a quick solution use ruby 2.3.1 |
I have got the same issue, while updating my ruby version and rails version. |
We default to using aes-256-cbc as our verification/signing cipher. It can accept key lengths of 128, 192 or 256-bit, whereas currently we were providing twice the acceptable value. ruby < 2.4 allowed accepting these values, as extra key bits were ignored. Since ruby/ruby@ce63526 this now has a strict checking on key length. Default to key length 32 bytes, to match the compatible length for aes-256-cbc Backport to Rails 4.2.8 of fix for rails#25185 Credit to @vipulnsward See: rails#25192
We default to using aes-256-cbc as our verification/signing cipher. It can accept key lengths of 128, 192 or 256-bit, whereas currently we were providing twice the acceptable value. ruby < 2.4 allowed accepting these values, as extra key bits were ignored. Since ruby/ruby@ce63526 this now has a strict checking on key length. Default to key length 32 bytes, to match the compatible length for aes-256-cbc Backport to Rails 4.2.8 of fix for rails#25185 Credit to @vipulnsward, @matthewd See: rails#25192 See: rails#25602
I was using ruby 2.4.0p0 (2016-12-24 revision 57164) [x86_64-linux] with rails 5.0.0.1. I update rails to 5.0.1 and it is fine now. |
🚴 » rails -v
Rails 4.2.8
🚴 » ruby -v
ruby 2.4.0p0 (2016-12-24 revision 57164) [x86_64-darwin14] Lot's of fails during tests :
|
Error is correct. We have a key size at 128. Sorry |
The whole thread assumes a ruby version of 2.4.0 but we are having the problem with ruby 2.3.3 and rails 4.2.3. We truncated the key... |
@AlexCppns Maybe you should check #28401 |
@benoittgt I couldn't relate to your link, however we upgraded to ruby 2.4.0/rails 4.2.8 and with the truncation trick, our app seems to be running again... touching wood. |
I'm not sure if this will help anyone. I was having the same error and I ran |
One of my gems was using the encryptor gem as a dependency, and if it went above 1.3.0, this happened. Added encryptor to my Gemfile, locked it at 1.3.0, and all is good again. Ruby 2.3.4/Rails 5.0.1 (and Rails 4.2) |
rails/rails#25185 maclover7: ``` Hmm, after some digging in some C code (💀), looks like there is a new breaking change in OpenSSL, which rejects certain values for key=, which is the bug you are running into. :( ```
rails/rails#25185 maclover7: ``` Hmm, after some digging in some C code (💀), looks like there is a new breaking change in OpenSSL, which rejects certain values for key=, which is the bug you are running into. :( ```
rails/rails#25185 maclover7: ``` Hmm, after some digging in some C code (💀), looks like there is a new breaking change in OpenSSL, which rejects certain values for key=, which is the bug you are running into. :( ```
I still have the same issue when upgrading from ruby version |
I was experiencing this issue earlier my solution is described beneath the heading element at the bottom of this comment. Rails and Ruby version:
Stack trace:
Running How I Got it Running LocallyI ran Then I reset the server ( After updating bundle, I forgot to restart the server and spent a few minutes researching the error needlessly. So.... restarting the server is important. 🥇 My motivation for putting this solution here is that I found this thread while seeking a solution to the error. The above conversation is helpful for understanding how problems in Rails are diagnosed. There was no specific solution for a young Rails developer like myself. |
Steps to reproduce
Run
rails s
. No more... (new app)Expected behavior
It should display my index.
Actual behavior
It fails.
Here is what is going wrong:
Can you help me? Don't understand at all.
System configuration
Rails version: 5.0.0.rc1
Ruby version: 2.4.0dev
The text was updated successfully, but these errors were encountered: