PDA

View Full Version : Help needed decrypting data from Java



Larry R Pint
8-Apr-2009, 04:52 PM
National Truck has an agent portal that was written in Java and stores data in MS SQL Server. Some of the data is encrypted using the Java JASYPT standard password based enccryption routines. The Java programs are able to decrypt and re-display the data.

We are trying to use the Chilkat encryption/decryption dll to decrypt this data. We are unable to get it working, even with help from Matt at Chilkat. There are parameters to the standard password based encryption routines that are being defaulted somewhere in the Java code, but we have been unable to figure out what the values should be. A random "seed" is being used and being returned as part of the returned data string so it can be used in the decryption.

I am looking for someone to help resolve this issue (and quickly - the project has a deadline of the end of this month and there's only so much I can do without being able to decrypt the data).

I either need someone who can dig into the Java code and figure out what parameters to pass the Chilkat routines or write a dll that can be called from VDF that uses the JASYPT java routines to encrypt and decrypt strings.

For example this date: "06/04/1952" (mm/dd/yyyy) is encrypted as "5AhjaEQokBeH9LNYzI2LXRxL96+hE/Gh". I believe this is Base64 encoded data. They said that 8 characters of this is the seed. They didn't say if it was the first 8 or last 8 and if this is before or after base64 conversion. The password for this string is either "0000000001" or "1", depending on if they use the leading zeros or not. They say they are using these parameters:
OutputType = base64
Hash Algorithm - PBEWithMD5AndDES
Iteration Count - 1000
Salt Generator Alogorithm - SHA1PRNG
They haven't said if they are using the pbkdf1 or pbkdf2 standard. Most of this information is barried in the Java code (either the base Java code or the JASYPT stuff) and they don't worry about it.

We are willing to pay for someone's time to resolve this issue for us. Contact me if you are capable of doing this and interested in (and available to do) the work.

VDF 14.0. MS SQL Server 2005, Don't know anything about the Java version.

larry.pint@ntuminc.com (larry.pint@ntuminc.com)