Question 1

How do I encrypt a file upload in Rails with Lockbox?

Accepted Answer

Lockbox integrates with Active Storage, CarrierWave, or Shrine. For Active Storage, add `encrypts_attached` to your model, but note that variants won't work. Serve files via a controller action using `send_data` as shown in the README.

Question 2

Lockbox vs attr_encrypted: which is better for Rails?

Accepted Answer

Lockbox is more modern with zero dependencies, better key rotation, and file encryption support. attr_encrypted is older but widely used; Lockbox offers easier migration paths and updated cryptography, making it preferable for new projects.

Question 3

Can I search encrypted database fields with Lockbox?

Accepted Answer

No, Lockbox doesn't support querying encrypted data directly. You need to use Blind Index, a separate gem by the same author, to create searchable indexes without exposing plaintext.

Question 4

How to rotate encryption keys in Lockbox without downtime?

Accepted Answer

Set previous keys in the initializer using `previous_versions`, then use `Lockbox.rotate` for records or similar methods for files. The README details step-by-step migrations for Active Record and uploaders.

Question 5

Does Lockbox work with Mongoid or only Active Record?

Accepted Answer

Yes, Lockbox supports Mongoid for encrypting fields in MongoDB, with similar syntax to Active Record. The README includes examples for model setup and data migration.

Question 6

What encryption algorithms does Lockbox use by default?

Accepted Answer

Lockbox defaults to AES-GCM with 256-bit keys, which is NIST recommended and fast. It also supports XSalsa20 and hybrid cryptography if Libsodium is installed.

Question 7

How to handle direct uploads with encrypted files in Lockbox?

Accepted Answer

Direct uploads can't be encrypted with application-level encryption like Lockbox. The README admits this limitation and suggests server-side encryption or workarounds, which may require extra configuration.

lockbox

What is lockbox?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions