jac*_*ack 6 ruby encryption openssl ruby-on-rails
我需要在我的rails应用程序中进行加密和解密.我试图使用ezcrypto,但每当我做解密时,我得到这个错误.
OpenSSL::Cipher::CipherError in ProfilesController#show
wrong final block length
需要更改什么才能阻止此错误.我尝试使用另一种openssl实现(从我的模型中调用的方法)
def encrypt_attr(unencrypted)
c = OpenSSL::Cipher.new("aes-256-cbc")
c.encrypt
c.key = Digest::SHA1.hexdigest('pass')
e = c.update(unencrypted)
e << c.final
return e
end
def decrypt_attr(encrypted_attr)
if encrypted_attr != ""
c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
c.decrypt
c.key = Digest::SHA1.hexdigest('pass')
d = c.update(encrypted_attr)
d << c.final
return d
end
end
它会在解密时抛出完全相同的错误.我该怎么做加密和解密而不是这个openssl错误.
Gur*_* BN 14
require 'openssl'
require 'base64'
class AesEncryptDecrypt
KEY = "EncryptDecryptGurudathBN"
ALGORITHM = 'AES-128-ECB'
def self.encryption(msg)
begin
cipher = OpenSSL::Cipher.new(ALGORITHM)
cipher.encrypt()
cipher.key = KEY
crypt = cipher.update(msg) + cipher.final()
crypt_string = (Base64.encode64(crypt))
return crypt_string
rescue Exception => exc
puts ("Message for the encryption log file for message #{msg} = #{exc.message}")
end
end
def self.decryption(msg)
begin
cipher = OpenSSL::Cipher.new(ALGORITHM)
cipher.decrypt()
cipher.key = KEY
tempkey = Base64.decode64(msg)
crypt = cipher.update(tempkey)
crypt << cipher.final()
return crypt
rescue Exception => exc
puts ("Message for the decryption log file for message #{msg} = #{exc.message}")
end
end
end
irb(main):007:0> AesEncryptDecrypt.encryption('gurudath')
=> "rUPKObydUJd9cY9agm3Glw==\n"
irb(main):008:0> AesEncryptDecrypt.decryption('rUPKObydUJd9cY9agm3Glw==')
=> "gurudath"
我知道 Ruby 包的文档非常少openssl。但是,如果您想使用密码块链接,这里有一个简短的代码片段,概述了如何使用AES-256-CBC密码:
require 'openssl'
# your data
raw = 'the data to be encrypted goes here'
pwd = 'secret'
salt = OpenSSL::Random.random_bytes(8)
# prepare cipher for encryption
e = OpenSSL::Cipher.new('AES-256-CBC')
e.encrypt
# next, generate a PKCS5-based string for your key + initialization vector
key_iv = OpenSSL::PKCS5.pbkdf2_hmac_sha1(pwd, salt, 2000, e.key_len+e.iv_len)
key = key_iv[0, e.key_len]
iv = key_iv[e.key_len, e.iv_len]
# now set the key and iv for the encrypting cipher
e.key = key
e.iv = iv
# encrypt the data!
encrypted = '' << e.update(raw) << e.final
p encrypted
# and now we prepare to decrypt
d = OpenSSL::Cipher.new('AES-256-CBC')
d.decrypt
# now set the key and iv for the decrypting cipher
# this assumes that the password, salt, and iv are known,
# so then you would be able to generate the key as per above
d.key = key
d.iv = iv
# decrypt the data!
decrypted = '' << d.update(encrypted) << d.final
p decrypted
这段代码几乎是逐字摘自Ruby 标准库文档的日语(原始?)版本openssl。但是,它确实给您和您的应用程序设计提出了一些问题:
salt值。它与密码一起使用来生成密钥(您不需要保存密钥)。iv初始化向量。这用于启动密码块链中的第一个块。无需加密该值,但应为您加密的每条消息生成该值。祝你好运!
| 归档时间: |
|
| 查看次数: |
11971 次 |
| 最近记录: |