Rails：将加密的数据存储在数据库中 [英] Rails: storing encrypted data in database

问题描述

我要对数据库进行加密，因为正在存储机密数据。我使用mongodb与mongoid。这种数据库可能吗？如果不是，你可以推荐什么替代方案？

主要目的是：如果任何人攻击服务器并窃取DB，它将是不可加密的。

更新：感谢 nickh ，我发现很多 ActiveRecord的修改，但Mongoid和其他Mongo的门户没有。对于Mongo和Mongoid！找到一些灵魂是很好的。

解决方案

我已经得到attr_encrypted使用Mongo和Mongoid。

确保所有由attr_encrypted自动创建的encrypted_字段在模型中显式创建。例如，如果您有：

  attr_encrypted：email，：key => 'blah blah blah'，：encode => true 
  

您需要具有：

 字段：email，：type => String 
字段：encrypted_email，：type => String 
  

还要注意，你需要告诉它对加密字符串进行编码，否则Mongo会大声抱怨。 p>

最后，如果您要加密散列，请执行以下操作：

 字段：raw_auth_hash，：type => Hash 
字段：encrypted_raw_auth_hash，：type => String 
 
 attr_encrypted：raw_auth_hash，：key => 'blah'，：marshal => true，：encode => true 
  

I want to encrypt database because confidential data is being stored. I use mongodb with mongoid. It possible for this kind of database? And what alternatives can you recomend, if it is not?

P.S. Main purpose is: if anybody hack the server and steal DB, it would be unencryptable.

UPDATE: thanks for nickh, I found very many soultions for ActiveRecord, but nothing for Mongoid and other Mongo clinets. It would be great to find some soultion for Mongo and Mongoid!

解决方案

I have gotten attr_encrypted working with Mongo and Mongoid. It takes only a few tweaks.

Make sure that all of the encrypted_ fields that are automatically created by attr_encrypted are explicitly created in the model. For instance, if you have:

    attr_encrypted :email, :key => 'blah blah blah', :encode => true

you need to have:

    field :email, :type => String
    field :encrypted_email, :type => String

Also notice you need to tell it to encode the encrypted string otherwise Mongo will complain loudly.

Lastly, if you're encrypting a hash, do this:

    field :raw_auth_hash, :type => Hash
    field :encrypted_raw_auth_hash, :type => String

    attr_encrypted :raw_auth_hash, :key => 'blah', :marshal => true, :encode => true

这篇关于Rails：将加密的数据存储在数据库中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！