Deprecation warning in encryption example
13 Sep 2009, 03:38
Don Cruse (1 post)
I just worked through the encryption example in Chapter 8 and got the following deprecation warning:
“app/security/encryptor/routines.rb:6: warning: argumtents for OpenSSL::Cipher::Cipher#encrypt and OpenSSL::Cipher::Cipher#decrypt were deprecated; use OpenSSL::Cipher::Cipher#pkcs5_keyivgen to derive key and IV”
For what it’s worth, I’m using Snow Leopard and Ruby 1.8.7p72 and Rails 2.3.4.
From what I saw on another page, fixing this requires generating a salt for the encryption to work properly. Is that right? If so, will the book (or this discussion forum) have an example of how to get around this deprecation warning or an explanation of what (in security terms) this warning means?
04 Nov 2010, 11:26
David W. Wormuth (9 posts)
I just ran across this:
The last answer is actually correct (See the RDoc for decrypt). From the OpenSSL documentation, the salt can be omitted and the default salt will be used:
Using these solved the warning for me.
|You must be logged in to comment|