Open vaboston opened 2 months ago
Hi @vaboston ! Can you provide an example of the VRL code you would like to write but can't currently? I think that'll help me understand the request better.
Hi, i can decrypt my cipher text, but i need to use slice with bytes manipulation on a raw data, it's not very intuitive. Before i used logstash and there was a dedicated field for the size of the IV, it seemed more logical to me that the extraction operation was done in the code. My code in vector :
base64_decoded = decode_base64!(.my.data)
iv = slice!(base64_decoded, 0, 16)
.encrypted_message = slice!(base64_decoded, 16)
.test = decrypt!(.encrypted_message, "AES-128-CBC-PKCS7", "my_key", iv)
It's more an improvement proposal than en issue.
Thanks @vaboston . I appreciate you sharing the code you currently have. Could you share the code you want to write? That is, what would your example look like, ideally?
Ideally, something like :
iv_key_size = 16
.test = decrypt!(.encrypted_message, "AES-128-CBC-PKCS7", "my_key")
or in a env var or somtehing like that. I don't know the vector configuration well enough to propose something consistent with the rest of the configuration.
Thanks! I think I see. It would need to be a parameter to the decrypt
function to indicate that the iv
should be extracted from the ciphertext (and what its size is).
Let me move this to the VRL repository.
Based on what the following Logstash plugin does: https://github.com/logstash-plugins/logstash-filter-cipher/blob/main/lib/logstash/filters/cipher.rb#L179
Would it be possible to add an option to specify the IV size, and do the extraction in the code? Currently, I am extracting via slices, but it would be much more convenient to have a dedicated option. Thanks !