13 Sep 2009, 03:38
Generic-user-small

Don Cruse (1 post)

I just worked through the encryption example in Chapter 8 and got the following deprecation warning:

“app/security/encryptor/routines.rb:6: warning: argumtents for OpenSSL::Cipher::Cipher#encrypt and OpenSSL::Cipher::Cipher#decrypt were deprecated; use OpenSSL::Cipher::Cipher#pkcs5_keyivgen to derive key and IV”

For what it’s worth, I’m using Snow Leopard and Ruby 1.8.7p72 and Rails 2.3.4.

From what I saw on another page, fixing this requires generating a salt for the encryption to work properly. Is that right? If so, will the book (or this discussion forum) have an example of how to get around this deprecation warning or an explanation of what (in security terms) this warning means?

Thanks much

04 Nov 2010, 11:26
Generic-user-small

David W. Wormuth (9 posts)

I just ran across this:

http://stackoverflow.com/questions/1349397/how-to-resolve-deprecation-warnings-for-opensslciphercipherencrypt

The last answer is actually correct (See the RDoc for decrypt). From the OpenSSL documentation, the salt can be omitted and the default salt will be used:

http://ruby-doc.org/ruby-1.9/classes/OpenSSL/Cipher.html#M006487

Using these solved the warning for me.

  You must be logged in to comment