Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Encrypt in java and decrypt in traffficScript

shehan.2.weerasinghe@bt.com
Occasional Contributor
‎09-04-2018 04:21:AM
‎09-04-2018 04:21:AM

Encrypt in java and decrypt in traffficScript

Is there any way to decrypt string in trafficScript which is encrypted in java,

simple like string.encrypt()/decrypt()

 

Thanks & Regards,

Shehan

0 Kudos
4 REPLIES 4
jacksmith
New Contributor
‎09-04-2018 12:03:PM
‎09-04-2018 12:03:PM

Re: Encrypt in java and decrypt in traffficScript

I would like to encrypt and decrypt a password using 128 bit AES encryption with 16 byte key. I am gettingerror while decrypting the value. Am I missing anything while decrypting? with regards
panda helper app
emu4ios app
gbwhatsapp app
0 Kudos
pwallace
Community Manager
Community Manager
‎09-11-2018 04:07:AM
‎09-11-2018 04:07:AM

Re: Encrypt in java and decrypt in traffficScript

Can you give an example of the type of content that you need to encrypt? For example, you could encrypt cookies, or JSON content, or similar P2P messages?

0 Kudos
shehan.2.weerasinghe@bt.com
Occasional Contributor
‎10-04-2018 04:29:AM
‎10-04-2018 04:29:AM

Re: Encrypt in java and decrypt in traffficScript

Hi,

We are trying to decrypt request param value, in zxtm side with string.decrypt() methord

eg: string.decrypt('encrypted value', 'key')

So to decrypt we need to encrypt value from java side, to that we need to know about the zxtm encryption. 

 

0 Kudos
pwallace
Community Manager
Community Manager
‎10-05-2018 04:22:AM
‎10-05-2018 04:22:AM

Re: Encrypt in java and decrypt in traffficScript

Normally, you expect to use encrypt()/decrypt() symmetrically from within TrafficScript, typically in a cookie - so a Response rule could encrypt() the outbound data, and a Request rule would intercept and decrypt() the inbound data.

 

If you want to use a custom encrypt/decrypt then that might be possible - you could even call Java code from TrafficScript, but that might not be suitable for high transaction rates.

 

Here is an example from the TrafficScript reference manual:

 

string.encrypt( string, passphrase )

Encrypts a string using the provided pass phrase. The returned string is encrypted using the AES block cipher, using an expanded form of the passphrase as the cipher key. A MAC is also added to ensure the integrity of the string.

 

This is open to replay attacks, and as such, should not be used to encrypt sensitive data, such as credit card details.

  

# Encrypt the 'kart' cookie
$cookie = http.getresponsecookie( "kart" );
if( $cookie != "" ) {
        $cookie = string.encrypt( $cookie, $passphrase );
        http.setresponsecookie( "kart", $cookie );
}

 

 

# Decrypt the 'kart' cookie
$cookie = http.getcookie( "kart" );
if( $cookie != "" ) {
      $cookie = string.decrypt( $cookie, $passphrase );
      if( $cookie == "" ) {
            log.warn( "User modified kart cookie" );
            http.removecookie( "kart" );
      } else {
            http.setcookie( "kart", $cookie );
      }
}
 

 

 

 

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.