If trying to generate my own user accounts for openfire. I need to encrypt the passwords, and so I use Blowfish to do this. Im using the Bouncycastle library for ASP.NET.
IBlockCipher blowFishCipher = new BlowfishEngine();
PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(blowFishCipher);
ASCIIEncoding enc = new ASCIIEncoding();
byte[] keyByte = enc.GetBytes(“thekey”); //key same as in passwordKey on openfire
The problem i see is that in openfire the encryted passwords look like this b589c106c34e3da923b7cd8c0125b4a46a36a6384bebb874 whereas mine are coming out like this zHlWW/RqB2c= . And if i try and login with the new account it says the password is wrong.
I came to a solution with this, so basically the blowfish implementation that openfire uses in my eyes isnt a standardized implementation. So having tried to use bouncycastles Blowfish implementation for .NET and failing, and with no time to port the existing implementation in java to c#, I took the blowfish.java file and ported it to a .NET dll using ikvm a jvm for .net. In my app I could then reference the dlls and call the encrypt and decrypt methods openfire uses.
I would like to access it from pure .net but the other way around this would be to extend the UserService class so you can execute the java on the server and return the value via xml…