Skip to content

added support for base64 key & non iv ciphers #35

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
spoutin wants to merge 1 commit into
base: main
Choose a base branch
from
Open

added support for base64 key & non iv ciphers #35

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
37 changes: 28 additions & 9 deletions lib/logstash/filters/cipher.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,6 +41,12 @@ class LogStash::Filters::Cipher < LogStash::Filters::Base
#
config :key, :validate => :password

# Key is base64
#
# boolean (true or false)
# default is false
config :key_base64, :validate => :boolean, :default => false

# The key size to pad
#
# It depends of the cipher algorithm. If your key doesn't need
Expand Down Expand Up @@ -176,17 +182,24 @@ def do_encrypt(plaintext)
# @return [String] plaintext
def do_decrypt(ciphertext_with_iv)
ciphertext_with_iv = Base64.strict_decode64(ciphertext_with_iv) if @base64 == true
encoded_iv = ciphertext_with_iv.byteslice(0..@iv_random_length)
ciphertext = ciphertext_with_iv.byteslice(@iv_random_length..-1)

encoded_iv = ""
case(@iv_random_length)
when 0
ciphertext = ciphertext_with_iv
else
encoded_iv = ciphertext_with_iv.byteslice(0..@iv_random_length)
ciphertext = ciphertext_with_iv.byteslice(@iv_random_length..-1)
end
with_cipher do |cipher|
cipher.iv = encoded_iv
plaintext = cipher.update(ciphertext) + cipher.final
unless encoded_iv.empty?
cipher.iv = encoded_iv
end
plaintext = cipher.update(ciphertext)
plaintext << cipher.final
plaintext.force_encoding("UTF-8")
plaintext
end
end

##
# Returns a new or freshly-reset cipher, bypassing cipher reuse if it is not enabled
#
Expand Down Expand Up @@ -254,14 +267,20 @@ def init_cipher
cipher = OpenSSL::Cipher.new(@algorithm)

cipher.public_send(@mode)

cipher.key = @key.value

if @key_base64 == true
key = Base64.strict_decode64(@key.value)
else
key = @key.value
end
logger.info("Base64: #{@key_base64} Key: #{key}")
cipher.key = key

cipher.padding = @cipher_padding if @cipher_padding

if @logger.trace?
@logger.trace("Cipher initialisation done", :mode => @mode,
:key => @key.value,
:key => key,
:iv_random_length => @iv_random_length,
:iv_random => @iv_random,
:cipher_padding => @cipher_padding)
Expand Down