Closed lchoy closed 10 years ago
So there shouldn't be anything magical about creating a secret that's compatible with 'Blowfish/CBC/PKCS5Padding', and without seeing your config, I can only guess why it's failing, so here are a couple of suggestions as to why it may be failing and what the solutions to resolve those problems are:
1) Non-ECB algorithms are supported in 2.0.12 and greater. If you don't have this version, the "Blowfish/CBC/PKCS5Padding" algorithm specification won't work. Upgrade to fix.
2) the secret can be specified as either a string or an array of bytes. This means that you can specify the string as any of the following:
grails.plugin.cookiesession.secret = "this is my secret"
grails.plugin.cookiesession.secret = "this is my secret".bytes
grails.plugin.cookiesession.secret = [1,2,3,4,5,6,7,8,9] // is internally cast to byte[]
3) If you're using an ECB algorithm, you need to specify a key length that's compatible with the algorithm. For example, if you set the cryptoalgorithm to "Blowfish", the secret needs to be between 32 and 448 bits. You'll need to look at the specific algorithm's documentation for the key specifications.
4) here's an example of crypto configurations that I use in the test harness that I've verified to work:
grails.plugin.cookiesession.encryptcookie = true
grails.plugin.cookiesession.cryptoalgorithm = "Blowfish/CBC/PKCS5Padding" // DESEde,DES,AES,Blowfish
//grails.plugin.cookiesession.cryptoalgorithm = "Blowfish"
grails.plugin.cookiesession.secret = "123456789"
//grails.plugin.cookiesession.secret = [1,2,3,4,5,6,7,8,9]
//grails.plugin.cookiesession.secret = "this is a secret"
5) regarding initialization vectors, it is created automatically by the cipher object and used IF you specified the crypto algorithm using the following format "Blowfish/CBC/PKCS5Padding"
I don't want the secret you're using, but can you give me an example of what it looks like?
Ben Lucchesi | Chief Software Architect | Granicus Inc. 600 Harrison Street, Suite 120 San Francisco, CA 94107 work: 415.357.3618 x1300 | fax: 415.618.0102 | cell: 775.250.3396
From: lchoy [notifications@github.com] Sent: Tuesday, January 14, 2014 1:24 PM To: benlucchesi/grails-cookie-session-v2 Subject: [grails-cookie-session-v2] compatible secret for Blowfish crypto algorithm (#31)
Could you provide guidance on creating a compatible secret for the Blowfish crypto algorithm for use with this plugin? I keep getting the error "Illegal key size or default parameters". The documentation specifies that non-ECB cipher modes, such as 'Blowfish/CBC/PKCS5Padding', require an initialization vector. How do I set the initialization vector?
Thanks
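The key-size limits and automatic IV discussed in this thread can be checked directly against the JCE, as in this added example (not the plugin's code and not written by either poster). The class name, the `checkSecret` helper and the sample secrets are constructed for illustration, and it assumes a JVM whose default provider supplies Blowfish.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;

public class BlowfishSecretCheck {
    static final String TRANSFORMATION = "Blowfish/CBC/PKCS5Padding";

    // Returns null when the secret is usable as a Blowfish key on this JVM, else the reason.
    static String checkSecret(byte[] secret) throws Exception {
        int bits = secret.length * 8;
        if (bits < 32 || bits > 448) {
            return bits + " bits is outside Blowfish's 32-448 bit key range";
        }
        // 128 under a limited-strength policy, Integer.MAX_VALUE when unlimited.
        int max = Cipher.getMaxAllowedKeyLength("Blowfish");
        if (bits > max) {
            return bits + " bits exceeds this JVM's policy limit of " + max
                    + " (\"Illegal key size or default parameters\")";
        }
        return null;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample secrets, not real keys.
        String[] samples = {"123", "123456789", "1234567890123456",
                            "a constructed 30-char secret!!"};
        for (String s : samples) {
            byte[] secret = s.getBytes(StandardCharsets.UTF_8);
            String problem = checkSecret(secret);
            if (problem != null) {
                System.out.println("rejected (" + s.length() + " chars): " + problem);
                continue;
            }
            SecretKeySpec key = new SecretKeySpec(secret, "Blowfish");
            // No IV is passed: in CBC mode the provider generates a random one.
            Cipher enc = Cipher.getInstance(TRANSFORMATION);
            enc.init(Cipher.ENCRYPT_MODE, key);
            byte[] iv = enc.getIV(); // 8 bytes, the Blowfish block size
            byte[] ct = enc.doFinal("session data".getBytes(StandardCharsets.UTF_8));
            // Decryption needs that same IV, so it has to travel with the ciphertext.
            Cipher dec = Cipher.getInstance(TRANSFORMATION);
            dec.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
            String pt = new String(dec.doFinal(ct), StandardCharsets.UTF_8);
            System.out.println("ok (" + secret.length * 8 + "-bit key, "
                    + iv.length + "-byte IV): " + pt);
        }
    }
}
```

On a JVM running with the limited-strength jurisdiction policy, `getMaxAllowedKeyLength` returns 128, so any secret longer than 16 bytes is reported as over the limit.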
Thanks, that helps. I was able to get things working with strings of 8 or 16 characters using the "Blowfish" and "Blowfish/CBC/PKCS5Padding" options.
fantastic! glad that worked out!
From: lchoy [notifications@github.com] Sent: Tuesday, January 14, 2014 2:42 PM To: benlucchesi/grails-cookie-session-v2 Cc: Benjamin Lucchesi Subject: Re: [grails-cookie-session-v2] compatible secret for Blowfish crypto algorithm (#31)
Thanks, that helps. I was able to get things working with strings of 8 or 16 characters using the "Blowfish" and "Blowfish/CBC/PKCS5Padding" options.