我有下面的java代码,它使用AES加密输入数据
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
KeySpec spec = new PBEKeySpec(secretKey.toCharArray(), salt.getBytes(), 65536, 256);
SecretKey secret = new SecretKeySpec(factory.generateSecret(spec).getEncoded(), "AES");
if (data == null)
return encryptedText;
Cipher encryptCipher = Cipher.getInstance("AES/GCM/NoPadding");
// get IV
byte[] iv = getRandomNonce(12);
encryptCipher.init(Cipher.ENCRYPT_MODE, secret, new GCMParameterSpec(128, iv));
// encrypted data:
byte[] encryptedBytes = encryptCipher.doFinal(data.getBytes("UTF-8"));
// prefix IV and Salt to cipher text
byte[] cipherTextWithIvSalt = ByteBuffer.allocate(iv.length + salt.length() + encryptedBytes.length).put(iv)
.put(salt.getBytes()).put(encryptedBytes).array();
encryptedText = Base64.getEncoder().encodeToString(cipherTextWithIvSalt);
我有logstash管道,我正在尝试在ruby中使用以下代码进行加密,但它不起作用
ruby {
code => "
require 'openssl'
require 'base64'
password = 'secret_key'
salt = 'random_salt'
iterations = 65536
key_len = OpenSSL::Cipher.new('aes-256-gcm').key_len
key = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, key_len, 'sha256')
cipher = OpenSSL::Cipher.new('aes-256-gcm')
cipher.encrypt
cipher.key = key
iv = Random.new.bytes(12)
encrypted = cipher.update(event.get('secret')) + cipher.final
length=iv.length+salt.length+encrypted.length
// buffer =IO::Buffer.new(10)// not working
encrypted_text = Base64.encode64(buffer).strip
event.set('message_encrypted', encrypted_text)
"
add_field => {
"new_secret" => "%{[message_encrypted]}"
}
}
有人可以帮忙找出代码中缺失的部分吗?
问题似乎是您的
Buffer
实例上没有隐式字符串转换。如果我按原样运行你的程序,我会看到:
没有 IO::Buffer 到 String 的隐式转换
在实例编码时显式调用
to_s
可以解决问题。
require "openssl"
require "base64"
password = "secret_key"
salt = "random_salt"
iterations = 65536
key_len = OpenSSL::Cipher.new("aes-256-gcm").key_len
key = OpenSSL::PKCS5.pbkdf2_hmac(password, salt, iterations, key_len, "sha256")
cipher = OpenSSL::Cipher.new("aes-256-gcm")
cipher.encrypt
cipher.key = key
iv = Random.new.bytes(12)
encrypted = cipher.update(event.get("secret")) + cipher.final
length = iv.length + salt.length + encrypted.length
buffer = IO::Buffer.new(10) # not working
encrypted_text = Base64.encode64(buffer.to_s).strip
puts encrypted_text # IzxJTzo6QnVmZmVyIDB4MDAwMDU1NjhjN2Q1NDViMCsxMCBJTlRFUk5BTD4=
event.set('message_encrypted', encrypted_text)