Cipher plugin binary key

Hi all,

I am trying to use the cipher plugin with a key that is not a string, but is a sequence of bytes. The key has been created using the following Java snippet:

    public byte[] getKey(String keyString) throws NoSuchAlgorithmException {
        MessageDigest sha = MessageDigest.getInstance("SHA-256");
        byte[] key = keyString.getBytes(StandardCharsets.UTF_8);
        key = sha.digest(key);
        key = Arrays.copyOf(key, 16);
        return key;

Basically, it is the first 16 bytes of the result of SHA-256("secret"), and I do not have control over that. Unfortunately I just can't find a way to pass this binary key into the cipher plugin for decrypting.

One route that I went down was to do the SHA256 conversion with the fingerprint filter on the string, store the result in a field and pass this in to the cipher plugin using a field reference, but it appears the cipher plugin does not support field references in the sprintf format.

I also looked to see if I could compute the SHA256 offline and escape the raw bytes in the file, but it appears there is no way to do this with any of the existing escape sequences (for example) in the Logstash config.

Does anyone have any suggestions on how to achieve this? At the moment, the only option I can see is to basically convert the key generation and encryption to ruby and ignore the cipher plugin altogether, but I'd obviously much rather avoid that if possible!

Thanks in advance

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.