I'd agree that the documentation is pretty sparse on this, but there's also a significant PEBKAC problem in this case - literally the only example in the README for the gem (and all the tests) shows it using a key that's a long hex string. The "security flaw" is a developer using a crypto library without a clear understanding of its requirements.
1 comment
[ 4.1 ms ] story [ 7.3 ms ] thread