cancel
Showing results for 
Search instead for 
Did you mean: 

How to decrypt TrafficScript encrypted value in C#

Highlighted
New Contributor

How to decrypt TrafficScript encrypted value in C#

We are using TrafficScript encrypt a string and store that encrypted value in a cookie. Like so:

 

$encrypt ="string to encrypt";$passphrase ="passphrase";$encrypted=string.base64encode(string.encrypt($encrypt, $passphrase));http.setResponseCookie("encrypted", $encrypted,"path=/");

What I'd then like to do is decrypt that cookie value in C#, however, I've not been able to achieve it thus far. I suspect this is because the exact details of the algorithm used by the TrafficScript isn't documented fully. The reference guide states:

bq.

string.encrypt( string, passphrase ) - Encrypts a string using the provided pass phrase. The returned string is encrypted using the AES block cipher, using an expanded form of the passphrase as the cipher key. A MAC is also added to ensure the integrity of the string.


I've tried AesManaged but get an exception 'Length of the data to decrypt is invalid'.

 

Can anyone provide any pointers?

2 REPLIES
New Contributor

Re: How to decrypt TrafficScript encrypted value in C#

I didn't manage to find a way to do this purely with TrafficScript.

 

So I ended up writing a Java Extension and running that from inside my TrafiicScript rule. It was made possible by reusing some code posted in a blog by Joseph Ssenyange which details how to write cross platform encryption for Java and C#.

Frequent Contributor

Re: How to decrypt TrafficScript encrypted value in C#

We don't document the resulting format of the encryption and MAC signing; if you need to decrypt data outside of Stingray, then your Java approach is the best.