1. 05 Dec, 2018 1 commit
    • Nick Thomas's avatar
      Use a 32-byte version of db_key_base for web hooks · 2f2b0ad3
      Nick Thomas authored
      AES-256-GCM cipher mode requires a key that is exactly 32 bytes long.
      We already handle the case when the key is too long, by truncating, but
      the key can also be too short in some installations. Switching to a key
      that is always exactly the right length (by virtue of right-padding
      ASCII 0 characters) allows encryption to proceed, without breaking
      backward compatibility.
      
      When the key is too short, encryption fails with an `ArgumentError`,
      causing the web hooks functionality to be unusable. As a result, zero
      rows can exist with values encrypted with the too-short key.
      
      When the key is too long, it is silently truncated. In this case, the
      key is unchanged, so values encrypted with the new too-long key will
      still be successfully decrypted.
      2f2b0ad3
  2. 04 Dec, 2018 39 commits