Pages

Wednesday, August 7, 2013

JBoss 5 Data Source Decryption

Configuring a Data Source in Jboss is multi way process. We need to encrypt the plain text password and then use that in login-config.xml and create a xxx-ds.xml file.

Encrypting a password in Jboss can be done by using

java -cp client/jboss-logging-spi.jar:common/lib/jbosssx.jar org.jboss.resource.security.SecureIdentityLoginModule jagadesh

Encoded password: 7b228572f1d62ebcdf8592078de921bc

From Inside the JBoss_HOME location. I did encrypted password and created data Sources but what happens if you need to decrypt the Password.

JBoss Uses Pretty Simple process to encrypt and decrypt plain text Strings to encrypted. The encryption is provided by Jboss. The code for encryption and decryption are

public static String encode(String secret) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {

byte[] kbytes = "jaas is the way".getBytes();
SecretKeySpec key = new SecretKeySpec(kbytes, "Blowfish");

Cipher cipher = Cipher.getInstance("Blowfish");
cipher.init(Cipher.ENCRYPT_MODE, key);
byte[] encoding = cipher.doFinal(secret.getBytes());
BigInteger n = new BigInteger(encoding);
return n.toString(16);
}


public static char[] decode(String secret) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {

byte[] kbytes = "jaas is the way".getBytes();
SecretKeySpec key = new SecretKeySpec(kbytes, "Blowfish");

BigInteger n = new BigInteger(secret, 16);
byte[] encoding = n.toByteArray();

Cipher cipher = Cipher.getInstance("Blowfish");
cipher.init(Cipher.DECRYPT_MODE, key);
byte[] decode = cipher.doFinal(encoding);
return new String(decode).toCharArray();

}

For those who are lazy like me , I have created a executable jar file. Donwload and run like

root@localhost>java -jar JBossDescypt.jar <Encrypted Password>

You will get the Decrypted Password.

Here is the Link to the Jar File

Happy learning , More To Come :-)