cancel
Showing results for 
Search instead for 
Did you mean: 

Encrypt in java and decrypt in traffficScript

Occasional Contributor

Encrypt in java and decrypt in traffficScript

Is there any way to decrypt string in trafficScript which is encrypted in java,

simple like string.encrypt()/decrypt()

 

Thanks & Regards,

Shehan

4 REPLIES 4
New Contributor

Re: Encrypt in java and decrypt in traffficScript

I would like to encrypt and decrypt a password using 128 bit AES encryption with 16 byte key. I am gettingerror while decrypting the value. Am I missing anything while decrypting? with regards
Community Manager

Re: Encrypt in java and decrypt in traffficScript

Can you give an example of the type of content that you need to encrypt? For example, you could encrypt cookies, or JSON content, or similar P2P messages?

Occasional Contributor

Re: Encrypt in java and decrypt in traffficScript

Hi,

We are trying to decrypt request param value, in zxtm side with string.decrypt() methord

eg: string.decrypt('encrypted value', 'key')

So to decrypt we need to encrypt value from java side, to that we need to know about the zxtm encryption. 

 

Community Manager

Re: Encrypt in java and decrypt in traffficScript

Normally, you expect to use encrypt()/decrypt() symmetrically from within TrafficScript, typically in a cookie - so a Response rule could encrypt() the outbound data, and a Request rule would intercept and decrypt() the inbound data.

 

If you want to use a custom encrypt/decrypt then that might be possible - you could even call Java code from TrafficScript, but that might not be suitable for high transaction rates.

 

Here is an example from the TrafficScript reference manual:

 

string.encrypt( string, passphrase )

Encrypts a string using the provided pass phrase. The returned string is encrypted using the AES block cipher, using an expanded form of the passphrase as the cipher key. A MAC is also added to ensure the integrity of the string.

 

This is open to replay attacks, and as such, should not be used to encrypt sensitive data, such as credit card details.

  

# Encrypt the 'kart' cookie
$cookie = http.getresponsecookie( "kart" );
if( $cookie != "" ) {
        $cookie = string.encrypt( $cookie, $passphrase );
        http.setresponsecookie( "kart", $cookie );
}

 

 

# Decrypt the 'kart' cookie
$cookie = http.getcookie( "kart" );
if( $cookie != "" ) {
      $cookie = string.decrypt( $cookie, $passphrase );
      if( $cookie == "" ) {
            log.warn( "User modified kart cookie" );
            http.removecookie( "kart" );
      } else {
            http.setcookie( "kart", $cookie );
      }
}