Blowfish Encryption Doesn't Work with Openfire!

Hi All,

I'm trying to generate my own user accounts for Openfire. I need to encrypt the passwords, and so I use Blowfish to do this. I'm using the Bouncy Castle library for ASP.NET.

```csharp
using System;
using System.Text;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Crypto.Paddings;
using Org.BouncyCastle.Crypto.Parameters;

IBlockCipher blowFishCipher = new BlowfishEngine();
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(blowFishCipher);
ASCIIEncoding enc = new ASCIIEncoding();

byte[] keyByte = enc.GetBytes("thekey"); // key same as in passwordKey on Openfire
cipher.Init(true, new KeyParameter(keyByte));

byte[] passwordBytes = enc.GetBytes("userpassword");
byte[] encryptPasswordBtyes = cipher.DoFinal(passwordBytes);

string encryptedPassword = Convert.ToBase64String(encryptPasswordBtyes); // enc.GetString(encryptPasswordBtyes);
```

The problem I see is that in Openfire the encrypted passwords look like this: b589c106c34e3da923b7cd8c0125b4a46a36a6384bebb874, whereas mine are coming out like this: zHlWW/RqB2c= . And if I try to log in with the new account, it says the password is wrong.

Any ideas? Things I should be aware of?

Thanks

Mike

OK, so I dug out the Java version of the encryption process:

```java
private String encStr(String sPlainText, long lNewCBCIV) {
    // allocate the buffer (align to the next 8 byte border plus padding)
    int nStrLen = sPlainText.length();
    byte[] buf = new byte[((nStrLen << 1) & 0xfffffff8) + 8];

    // copy all bytes of the string into the buffer (use network byte order)
    int nI;
    int nPos = 0;
    for (nI = 0; nI < nStrLen; nI++) {
        char cActChar = sPlainText.charAt(nI);
        buf[nPos++] = (byte) ((cActChar >> 8) & 0x0ff);
        buf[nPos++] = (byte) (cActChar & 0x0ff);
    }

    // pad the rest with the PKCS5 scheme
    byte bPadVal = (byte) (buf.length - (nStrLen << 1));
    while (nPos < buf.length) {
        buf[nPos++] = bPadVal;
    }

    synchronized (m_bfish) {
        // create the encryptor
        m_bfish.setCBCIV(lNewCBCIV);

        // encrypt the buffer
        m_bfish.encrypt(buf);
    }

    // return the binhex string
    byte[] newCBCIV = new byte[BlowfishCBC.BLOCKSIZE];
    longToByteArray(lNewCBCIV, newCBCIV, 0);

    return bytesToBinHex(newCBCIV, 0, BlowfishCBC.BLOCKSIZE)
            + bytesToBinHex(buf, 0, buf.length);
}
```

My problem now is I don't know how to set the lNewCBCIV value before I perform the encryption. Has anybody used Bouncy Castle to do this?
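Added example, not part of the original thread and not Openfire's code: a Python sketch of the parts of the stored format that the `encStr` listing above shows (two big-endian bytes per character, PKCS5 padding to an 8-byte block, hex output prefixed by the 8-byte CBC IV), used to check the shape of a candidate value. The function names are hypothetical, and the Blowfish step and key handling are left out because the listing does not show them.

```python
from __future__ import annotations
import base64
import binascii

BLOCK = 8  # BlowfishCBC.BLOCKSIZE in the Java listing (Blowfish block size)

def build_plaintext_buffer(password: str) -> bytes:
    """Buffer encStr encrypts: 2 big-endian bytes per char plus PKCS5 padding."""
    raw = password.encode("utf-16-be")           # same bytes as the charAt() loop
    buf_len = (len(raw) & ~(BLOCK - 1)) + BLOCK  # ((nStrLen << 1) & 0xfffffff8) + 8
    pad = buf_len - len(raw)                     # always 2, 4, 6 or 8
    return raw + bytes([pad]) * pad

def expected_hex_length(password: str) -> int:
    """Length of the stored string: hex(IV) followed by hex(ciphertext)."""
    return 2 * (BLOCK + len(build_plaintext_buffer(password)))

def split_stored_value(stored: str) -> tuple[bytes, bytes]:
    """Split a stored value into (iv, ciphertext); ValueError if malformed."""
    data = bytes.fromhex(stored)
    if len(data) < 2 * BLOCK or len(data) % BLOCK:
        raise ValueError(f"{len(data)} bytes is not an IV plus whole blocks")
    return data[:BLOCK], data[BLOCK:]

def diagnose(candidate: str) -> list[str]:
    """List the ways a candidate differs from encStr's output format."""
    problems = []
    try:
        data = bytes.fromhex(candidate)
    except ValueError:
        problems.append("not a hex string")
        try:
            data = base64.b64decode(candidate, validate=True)
        except binascii.Error:
            return problems + ["not Base64 either"]
    if len(data) % BLOCK:
        problems.append("length is not a multiple of the block size")
    if len(data) < 2 * BLOCK:
        problems.append(f"{len(data)} bytes: no room for IV plus one block")
    return problems

if __name__ == "__main__":
    # Both sample values are the ones quoted in the first post.
    print(diagnose("b589c106c34e3da923b7cd8c0125b4a46a36a6384bebb874"))
    print(diagnose("zHlWW/RqB2c="))
    print(expected_hex_length("userpassword"))
```

For the values in the first post, the Openfire string splits into an 8-byte IV and 16 bytes of ciphertext, while the Base64 string decodes to a single 8-byte block with no IV.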

Hi All,

I came to a solution with this. Basically, the Blowfish implementation that Openfire uses, in my eyes, isn't a standardized implementation. So, having tried to use Bouncy Castle's Blowfish implementation for .NET and failing, and with no time to port the existing Java implementation to C#, I took the blowfish.java file and ported it to a .NET DLL using IKVM, a JVM for .NET. In my app I could then reference the DLLs and call the encrypt and decrypt methods Openfire uses.

Mike

Hi Mike… Did you do that for ASP.NET with C#? If yes, then I would like you to share the script… I am also trying to do that…

Regards

I am also looking for this :)

Did you get anything working?

I would like to access it from pure .NET, but the other way around this would be to extend the UserService class so you can execute the Java on the server and return the value via XML…

Seems a bit smelly :)

The .NET way would be much better

Regards