4 Replies Latest reply on Jul 29, 2012 1:19 AM by John Gregson

    BlowFish Encryption Doesnt work with Openfire!

    hardboy111 Bronze

      Hi All,

       

      If trying to generate my own user accounts for openfire. I need to encrypt the passwords, and so I use Blowfish to do this. Im using the Bouncycastle library for ASP.NET.

       

                               IBlockCipher blowFishCipher = new BlowfishEngine();

                              PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(blowFishCipher);

       

                              ASCIIEncoding enc = new ASCIIEncoding();

                              byte[] keyByte = enc.GetBytes("thekey"); //key same as in passwordKey on openfire

       

                              cipher.Init(true, new KeyParameter(keyByte));

       

                              byte[] passwordBytes = enc.GetBytes("userpassword");

       

                              byte[] encryptPasswordBtyes = cipher.DoFinal(passwordBytes);

                              string encryptedPassword = Convert.ToBase64String(encryptPasswordBtyes);//enc.GetString(encryptPasswordBty es);

       

      The problem i see is that in openfire the encryted passwords look like this b589c106c34e3da923b7cd8c0125b4a46a36a6384bebb874 whereas mine are coming out like this zHlWW/RqB2c= . And if i try and login with the new account it says the password is wrong.

       

      Any ideas? things i should be aware of?

       

      Thanks

       

      Mike

        • Re: BlowFish Encryption Doesnt work with Openfire!
          hardboy111 Bronze

          Ok so I dug out the Java verison of the encryption process:

          private String encStr(String sPlainText, long lNewCBCIV) {
          0072:                // allocate the buffer (align to the next 8 byte border plus padding)
          0073:                int nStrLen = sPlainText.length();
          0074:                byte[] buf = new byte[((nStrLen << 1) & 0xfffffff8) + 8];
          0075:
          0076:                // copy all bytes of the string into the buffer (use network byte order)
          0077:                int nI;
          0078:                int nPos = 0;
          0079:                for (nI = 0; nI < nStrLen; nI++) {
          0080:                    char cActChar = sPlainText.charAt(nI);
          0081:                    buf[nPos++] = (byte) ((cActChar >> 8) & 0x0ff);
          0082:                    buf[nPos++] = (byte) (cActChar & 0x0ff);
          0083:                }
          0084:
          0085:                // pad the rest with the PKCS5 scheme
          0086:                byte bPadVal = (byte) (buf.length - (nStrLen << 1));
          0087:                while (nPos < buf.length) {
          0088:                    buf[nPos++] = bPadVal;
          0089:                }
          0090:
          0091:                synchronized (m_bfish) {
          0092:                    // create the encryptor
          0093:                    m_bfish.setCBCIV(lNewCBCIV);
          0094:
          0095:                    // encrypt the buffer
          0096:                    m_bfish.encrypt(buf);
          0097:                }
          0098:
          0099:                // return the binhex string
          0100:                byte[] newCBCIV = new byte[BlowfishCBC.BLOCKSIZE];
          0101:                longToByteArray(lNewCBCIV, newCBCIV, 0);
          0102:
          0103:                return bytesToBinHex(newCBCIV, 0, BlowfishCBC.BLOCKSIZE)
          0104:                        + bytesToBinHex(buf, 0, buf.length);
          0105:            }



          My problem now is i dont know how to set the
          lNewCBCIV value before I perform the encryption. Anybody used bouncycastle to do this?