Fix attr_encryption key settings (EE port)
CE port: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/19341
attr_encrypted does different things with key
depending on what mode you are using:
-
In
:per_attribute_iv_and_salt
mode, it generates a hash with the salt: https://github.com/attr-encrypted/encryptor/blob/c3a62c4a9e74686dd95e0548f9dc2a361fdc95d1/lib/encryptor.rb#L77. There is no need to truncate the key to 32 bytes here. -
In
:per_attribute_iv
mode, it sets the key directly to the password, so truncation to 32 bytes is necessary.
Closes #47166