保险柜运输机密引擎提供了执行批量加密/解密的功能,如下所示: https://www.vaultproject.io/api/secret/transit/index.html
batch_input(数组:无)–指定要在单个批次中加密的项目的列表。
我想知道我是否使用batch_input来加密多个纯文本,响应是否也保留了 与输入列表项的顺序相同, 同样在进行解密时,如果我发送多个密文进行解密,响应也会保持 与输入列表项的顺序相同
我已经在服务器上对此进行了多次测试,它的顺序相同,但是我不确定是否会一直保持 响应与输入列表项的顺序相同。请帮助确认我的猜测是否正确?
batch_input.json:
{
"batch_input":
[
{
"plaintext": "MTExCg=="
},
{
"plaintext": "NTU1Cg=="
}
]
}
批处理请求的加密方式如下:
curl --header "X-Vault-Token: $VAULT_TOKEN" \
--request POST \
--data @batch_input.json \
http://127.0.0.1:8200/v1/transit/encrypt/my_key
{
"request_id": "21f85300-e133-ce22-3ccc-cfe16ec0db7f",
"lease_id": "",
"renewable": false,
"lease_duration": 0,
"data": {
"batch_results": [
{
"ciphertext": "vault:v1:j2r7aEnrHol4sX3z0WpSs3xxLOb4HBwaEqwS06IWtAU="
},
{
"ciphertext": "vault:v1:y+zFbNJYdDifr1btussbwZwLGXv5cH7X6l2PDg2axgc="
}
]
},
"wrap_info": null,
"warnings": null,
"auth": null
}
对于批量解密的请求将如下所示:
batch_input_d.json:
{
"batch_input":
[
{
"ciphertext": "vault:v1:j2r7aEnrHol4sX3z0WpSs3xxLOb4HBwaEqwS06IWtAU="
},
{
"ciphertext": "vault:v1:y+zFbNJYdDifr1btussbwZwLGXv5cH7X6l2PDg2axgc="
}
]
}
解密请求如下:
curl --header "X-Vault-Token: $VAULT_TOKEN" \
--request POST \
--data @batch_input_d.json \
http://127.0.0.1:8200/v1/transit/decrypt/my_key
{
"request_id": "fad14296-2d3b-52dc-339d-4d6004146390",
"lease_id": "",
"renewable": false,
"lease_duration": 0,
"data": {
"batch_results": [
{
"plaintext": "MTExCg=="
},
{
"plaintext": "NTU1Cg=="
}
]
},
"wrap_info": null,
"warnings": null,
"auth": null
}