Ability to encrypt to a per-row symmetric key #6
Comments
|
P.s. I'm contemplating an option :key_proc => :symbol or Proc.new do { |instance| ... } to fetch the symmetric key used to encrypt the data. In the example, that routine would return either an instance variable (set by the controller from the user's manual input) or the decrypted secret answer (if the code is running inside the security perimeter). |
|
This functionality is now available in my fork. Docs and tests are included. |
|
This sounds really useful, and it's similar to a change I'd likely need to add myself, to a project. Anything ever come of this? |
|
David, the changes are there in my fork. I suggest reviewing the changes in detail to determine whether they meet your needs. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi again,
We want to symmetrically encrypt certain data to a key that's provided by the model object. Particularly, we're encrypting it to a secret answer known only to the user. We'd like to encrypt it without the asymmetric encryption - looks pretty easy to adjust in Strongbox::Lock. Would you entertain a patch for that?
For background, we're going to encrypt the secret answer using the normal method, and in the security perimeter we'll be able to then conduct operations that require the decrypted answer - like encrypting new bits of data using it as a symmetric key. Then, at times when the user chooses to enter their secret answer, we can provide some limited decryption for that user's need, while preventing mass exposure of decryptable content to an attacker.
Thoughts?
Randy
The text was updated successfully, but these errors were encountered: