我需要在我的rails应用程序中进行加密和解密。我试图使用ezcrypto,但每当我解密时,我都会收到此错误。
OpenSSL::Cipher::CipherError in ProfilesController#show
wrong final block length
需要更改哪些内容才能停止此错误。我尝试使用另一种openssl实现(从我的模型中调用的方法)
def encrypt_attr(unencrypted)
c = OpenSSL::Cipher.new("aes-256-cbc")
c.encrypt
c.key = Digest::SHA1.hexdigest('pass')
e = c.update(unencrypted)
e << c.final
return e
end
def decrypt_attr(encrypted_attr)
if encrypted_attr != ""
c = OpenSSL::Cipher::Cipher.new("aes-256-cbc")
c.decrypt
c.key = Digest::SHA1.hexdigest('pass')
d = c.update(encrypted_attr)
d << c.final
return d
end
end
它会在解密时抛出完全相同的错误。我应该如何进行加密和解密,而不是出现这个openssl错误。
答案 0 :(得分:14)
require 'openssl'
require 'base64'
class AesEncryptDecrypt
KEY = "EncryptDecryptGurudathBN"
ALGORITHM = 'AES-128-ECB'
def self.encryption(msg)
begin
cipher = OpenSSL::Cipher.new(ALGORITHM)
cipher.encrypt()
cipher.key = KEY
crypt = cipher.update(msg) + cipher.final()
crypt_string = (Base64.encode64(crypt))
return crypt_string
rescue Exception => exc
puts ("Message for the encryption log file for message #{msg} = #{exc.message}")
end
end
def self.decryption(msg)
begin
cipher = OpenSSL::Cipher.new(ALGORITHM)
cipher.decrypt()
cipher.key = KEY
tempkey = Base64.decode64(msg)
crypt = cipher.update(tempkey)
crypt << cipher.final()
return crypt
rescue Exception => exc
puts ("Message for the decryption log file for message #{msg} = #{exc.message}")
end
end
end
irb(main):007:0> AesEncryptDecrypt.encryption('gurudath')
=> "rUPKObydUJd9cY9agm3Glw==\n"
irb(main):008:0> AesEncryptDecrypt.decryption('rUPKObydUJd9cY9agm3Glw==')
=> "gurudath"
答案 1 :(得分:2)
我知道Ruby的openssl包的文档很少。但是,如果您想使用cipher-block chaining,请参阅以下代码摘要,其中概述了如何使用AES-256-CBC密码:
require 'openssl'
# your data
raw = 'the data to be encrypted goes here'
pwd = 'secret'
salt = OpenSSL::Random.random_bytes(8)
# prepare cipher for encryption
e = OpenSSL::Cipher.new('AES-256-CBC')
e.encrypt
# next, generate a PKCS5-based string for your key + initialization vector
key_iv = OpenSSL::PKCS5.pbkdf2_hmac_sha1(pwd, salt, 2000, e.key_len+e.iv_len)
key = key_iv[0, e.key_len]
iv = key_iv[e.key_len, e.iv_len]
# now set the key and iv for the encrypting cipher
e.key = key
e.iv = iv
# encrypt the data!
encrypted = '' << e.update(raw) << e.final
p encrypted
# and now we prepare to decrypt
d = OpenSSL::Cipher.new('AES-256-CBC')
d.decrypt
# now set the key and iv for the decrypting cipher
# this assumes that the password, salt, and iv are known,
# so then you would be able to generate the key as per above
d.key = key
d.iv = iv
# decrypt the data!
decrypted = '' << d.update(encrypted) << d.final
p decrypted
此代码段几乎是从Japanese (original?) version of the Ruby standard library documentation on openssl逐字记录下来的。但是,它确实为您和您的应用程序设计提出了一些问题:
salt值。这与密码一起使用以生成密钥(您不需要保存密钥)。iv初始化向量。这用于启动密码块链中的第一个块。无需加密此值,但应为您加密的每条消息生成此值。答案 2 :(得分:0)
我和你有同样的问题,这就是我解决它的方法: