Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/ruby-on-rails/56.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Ruby on rails 在Ruby/Rails中,如何解密由PKCS7加密和签名的字符串_Ruby On Rails_Encryption_Pkcs#7 - Fatal编程技术网
Fatal编程技术网
  • ruby-on-rails/
  • Ruby on rails 在Ruby/Rails中,如何解密由PKCS7加密和签名的字符串

Ruby on rails 在Ruby/Rails中,如何解密由PKCS7加密和签名的字符串

ruby-on-rails encryption

Ruby on rails 在Ruby/Rails中,如何解密由PKCS7加密和签名的字符串,ruby-on-rails,encryption,pkcs#7,Ruby On Rails,Encryption,Pkcs#7,在中,它向您展示了如何在将URL参数发送到PayPal之前对其进行加密 PAYPAL_CERT_PEM = File.read("#{Rails.root}/certs/paypal_cert.pem") APP_CERT_PEM = File.read("#{Rails.root}/certs/app_cert.pem") APP_KEY_PEM = File.read("#{Rails.root}/certs/app_key.pem") def encrypt_for_paypal(valu

在中,它向您展示了如何在将URL参数发送到PayPal之前对其进行加密

PAYPAL_CERT_PEM = File.read("#{Rails.root}/certs/paypal_cert.pem")
APP_CERT_PEM = File.read("#{Rails.root}/certs/app_cert.pem")
APP_KEY_PEM = File.read("#{Rails.root}/certs/app_key.pem")
def encrypt_for_paypal(values)
    signed = OpenSSL::PKCS7::sign(OpenSSL::X509::Certificate.new(APP_CERT_PEM),        OpenSSL::PKey::RSA.new(APP_KEY_PEM, ''), values.map { |k, v| "#{k}=#{v}" }.join("\n"), [], OpenSSL::PKCS7::BINARY)
    OpenSSL::PKCS7::encrypt([OpenSSL::X509::Certificate.new(PAYPAL_CERT_PEM)], signed.to_der, OpenSSL::Cipher::Cipher::new("DES3"),        OpenSSL::PKCS7::BINARY).to_s.gsub("\n", "")
end
假设我正在为PayPal的服务器编写代码。如何解密此字符串?在我看来,这段代码既是对字符串进行公钥签名(以验证其真实性),又是对字符串进行加密(以提供隐私)。代码将用于执行反向操作、解密和验证真实性

谢谢。

嗨,John,这里是一个使用ruby openssl进行加密/解密的示例。 注意,它使用AES作为密码,因为我的ruby openssl版本中似乎删除了DES3。 在字符串上调用gsub来替换换行符似乎破坏了它,所以我将其注释掉了。 希望它能帮助你

require 'openssl'

PAYPAL_CERT_PEM = File.read("paypal_cert.pem")
@paypal_cert = OpenSSL::X509::Certificate.new(PAYPAL_CERT_PEM)

APP_CERT_PEM = File.read("app_cert.pem")
@app_cert = OpenSSL::X509::Certificate.new(APP_CERT_PEM)

APP_KEY_PEM = File.read("app_key.pem")
@app_key = OpenSSL::PKey::RSA.new(APP_KEY_PEM, '')

PAYPAL_KEY_PEM = File.read("paypal_key.pem")
@paypal_key = OpenSSL::PKey::RSA.new(PAYPAL_KEY_PEM, '')

CERT_STORE = OpenSSL::X509::Store.new
CERT_STORE.add_cert(@app_cert)

data = Hash.new
data['customer_id'] = '123456789'
data['customer_name'] = 'Mr Smith'

def encrypt_for_paypal(values)
data_name_values = values.map { |k, v| "#{k}=#{v}" }

signed_data = OpenSSL::PKCS7::sign(@app_cert, @app_key, data_name_values.join("\n"), [], OpenSSL::PKCS7::BINARY)

cypher = OpenSSL::Cipher::new("AES-128-CFB")

encrypted_data = OpenSSL::PKCS7::encrypt([@paypal_cert], signed_data.to_der, cypher, OpenSSL::PKCS7::BINARY)

encrypted_data.to_s #.gsub("\n", "")
end

def decrypt_by_paypal(encrypted_data)
received_encrypted_data = OpenSSL::PKCS7.new(encrypted_data)

received_signed_data = received_encrypted_data.decrypt(@paypal_key, @paypal_cert)

p7_received_signed_data = OpenSSL::PKCS7.new(received_signed_data)

p7_received_signed_data.verify(nil, CERT_STORE, nil, OpenSSL::PKCS7::NOVERIFY)

p7_received_signed_data.data
end

encrypted_txt = encrypt_for_paypal data
puts decrypt_by_paypal encrypted_txt
已经看到了吗?除非我遗漏了什么,否则我说的是要得到一个独立的签名。他似乎想避免获取“包含我的测试文件有效负载的pkcs7文件”。我知道如何获取该文件——RailsCasts代码演示了这一点。我需要知道一旦我有了有效载荷,如何解密它。第二个链接处理一个不同的加密方案,一个不涉及公钥/私钥对的加密方案,因此它不是这个问题的正确解决方案。使用OpenSSL::PKCS7::NOVERIFY似乎并不关心密钥存储中是否有正确的公钥,我会将其切换为nil并使用默认值。