I am trying to set up the custom cookie single sign-on with Community Server. It works fine, so long as I use the Telligent libraries to encrypt the information, but if I use something else (e.g. the Rijndael class in C#), the encrypted values are not the same, even though the key and initial vector are the same in both cases.
Does anybody know the other parameters for the Rijndael encryption that is used by Community Server (e.g. CBC or ECB? Block size?)? Below is the ASPX page I am using to do the encryption. For the word "goblin", I get the following values (using the key and iv from below):
Community Server: qAs5PkbStj83YyASt99ktA==
ASP with C#: hcg7yWgF1W6x71B/+QzP3w==
<%@ Page Language="C#" EnableSessionState="False" %>
<%@ Import Namespace="System.Security.Cryptography" %>
<%@ Import Namespace="System.IO" %>
<%
    String Data = "goblin";
    Response.Write("data = " + Data + "<br/><br/>");

    // Create a new Rijndael object and set the parameters, key
    // and initialization vector (IV) explicitly.
    Rijndael RijndaelAlg = Rijndael.Create();
    RijndaelAlg.BlockSize = 128;
    RijndaelAlg.KeySize = 128;
    RijndaelAlg.Mode = CipherMode.CBC;
    RijndaelAlg.Padding = PaddingMode.PKCS7;
    RijndaelAlg.Key = Convert.FromBase64String("qMwXq8NJ3A9AJpA1iAOz3A==");
    RijndaelAlg.IV = Convert.FromBase64String("AHMYm8eiBmZZ/oeGHnD1HQ==");

    // Output the current parameters of the Rijndael algorithm.
    Response.Write("key = " + Convert.ToBase64String(RijndaelAlg.Key) + "<br/>");
    Response.Write("iv = " + Convert.ToBase64String(RijndaelAlg.IV) + "<br/>");
    Response.Write("block size = " + RijndaelAlg.BlockSize + "<br/>");
    Response.Write("legal block sizes = ");
    for (int i = 0; i < RijndaelAlg.LegalBlockSizes.Length; i++) {
        if (i < RijndaelAlg.LegalBlockSizes.Length - 1) {
            Response.Write(RijndaelAlg.LegalBlockSizes[i].MinSize + "-" + RijndaelAlg.LegalBlockSizes[i].MaxSize + "(" + RijndaelAlg.LegalBlockSizes[i].SkipSize + "), ");
        } else {
            Response.Write(RijndaelAlg.LegalBlockSizes[i].MinSize + "-" + RijndaelAlg.LegalBlockSizes[i].MaxSize + "(" + RijndaelAlg.LegalBlockSizes[i].SkipSize + ")<br/>");
        }
    }
    Response.Write("feedback size = " + RijndaelAlg.FeedbackSize + "<br/>");
    Response.Write("key size = " + RijndaelAlg.KeySize + "<br/>");
    Response.Write("legal key sizes = ");
    for (int i = 0; i < RijndaelAlg.LegalKeySizes.Length; i++) {
        if (i < RijndaelAlg.LegalKeySizes.Length - 1) {
            Response.Write(RijndaelAlg.LegalKeySizes[i].MinSize + "-" + RijndaelAlg.LegalKeySizes[i].MaxSize + "(" + RijndaelAlg.LegalKeySizes[i].SkipSize + "), ");
        } else {
            Response.Write(RijndaelAlg.LegalKeySizes[i].MinSize + "-" + RijndaelAlg.LegalKeySizes[i].MaxSize + "(" + RijndaelAlg.LegalKeySizes[i].SkipSize + ")<br/>");
        }
    }
    Response.Write("mode = " + RijndaelAlg.Mode + "<br/>");
    Response.Write("padding = " + RijndaelAlg.Padding + "<br/>");

    // Chain two CryptoStreams: the outer one encrypts with the key and IV
    // set above, the inner one Base64-encodes the result into the response.
    Response.Write("<br/>encryption = ");
    CryptoStream cStream = new CryptoStream(
        new CryptoStream(
            Response.OutputStream,
            new ToBase64Transform(),
            CryptoStreamMode.Write
        ),
        RijndaelAlg.CreateEncryptor(),
        CryptoStreamMode.Write);

    // Create a StreamWriter using the CryptoStream
    // (StreamWriter encodes text as UTF-8 by default).
    StreamWriter sWriter = new StreamWriter(cStream);

    // Write the data to the stream to encrypt it.
    // WriteLine appends a line terminator, which is encrypted with the data.
    sWriter.WriteLine(Data);

    // Close the streams
    sWriter.Close();
    cStream.Close();
%>
The block size is 128 bit, and off the top of my head, I'm 99% certain that the CipherMode is CBC. I'm off site with a client this week, but I'll take a closer look at the issue first thing next week and figure out what the difference is, and if we need to add more configuration options, which I've actually been considering already.
Thanks,
Xander
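A diagnostic for narrowing down this kind of mismatch, added here as an example (it is not part of either post and is not Community Server or Telligent code): it encrypts "goblin" with the key and IV from the question under each combination of text encoding, trailing line terminator, cipher mode and padding, so each Base64 result can be compared with the value the other implementation produces. The class name and the list of candidate settings are assumptions chosen for illustration; nothing here states which combination Community Server uses.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added diagnostic (hypothetical class name): prints the ciphertext for each
// candidate parameter combination so it can be matched against a known value.
static class RijndaelParameterMatrix
{
    static string Encrypt(byte[] plain, byte[] key, byte[] iv,
                          CipherMode mode, PaddingMode padding)
    {
        using (Aes aes = Aes.Create())   // AES is Rijndael with a 128-bit block
        {
            aes.Mode = mode;
            aes.Padding = padding;
            aes.Key = key;               // 16 bytes, so KeySize becomes 128
            aes.IV = iv;                 // not used when mode is ECB
            using (ICryptoTransform enc = aes.CreateEncryptor())
                return Convert.ToBase64String(
                    enc.TransformFinalBlock(plain, 0, plain.Length));
        }
    }

    static void Main()
    {
        // Key and IV exactly as posted in the question.
        byte[] key = Convert.FromBase64String("qMwXq8NJ3A9AJpA1iAOz3A==");
        byte[] iv  = Convert.FromBase64String("AHMYm8eiBmZZ/oeGHnD1HQ==");

        // Candidate settings (assumed list): how the string becomes bytes,
        // whether a "\r\n" is appended (as StreamWriter.WriteLine does on
        // Windows), and the mode and padding applied to those bytes.
        Encoding[] encodings = { new UTF8Encoding(false), Encoding.Unicode };
        string[] inputs = { "goblin", "goblin\r\n" };
        CipherMode[] modes = { CipherMode.CBC, CipherMode.ECB };
        PaddingMode[] paddings = { PaddingMode.PKCS7, PaddingMode.Zeros };

        foreach (Encoding e in encodings)
            foreach (string s in inputs)
                foreach (CipherMode m in modes)
                    foreach (PaddingMode p in paddings)
                        Console.WriteLine("{0,-7} {1,-11} {2} {3,-6} {4}",
                            e.WebName, s.Replace("\r\n", "\\r\\n"), m, p,
                            Encrypt(e.GetBytes(s), key, iv, m, p));
    }
}
```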
Copyright© 2008 Telligent Systems Inc. All rights reserved CommunityServer.com • Telligent.com