encoding method of the passwords?

    Assuming your referring to the user passwords, the relevant section is in:
    .../Library/Olap/Password.cpp
    It reads:

    Source Code

    1. unsigned char omd5buf[MD5_DIGEST_LENGTH];
    2. MD5((const unsigned char *)password.c_str(), password.size(), omd5buf);
    3. hashLevel++;
    4. password = "\t"+StringUtils::convertToString(hashLevel)+"\t"+bin2Hex((const unsigned char *)omd5buf, sizeof(omd5buf));

    Where 'password' is a std::string containing the password text.

    So to answer you question, the password consists of:
    (1) a tab character
    (2) a number, representing the hash level (not sure what this is really used for)
    (3) a tab character
    (5) the password itself, which is MD5 encrypted and converted from binary into hex.
    Typically the MD5 output is a 128 digit binary which is converted into 32 hex characters. So this is fairly standard treatment.

    The MD5 encryption algorith itself is supplied by openssl. From an example earlier in the same file, "admin", with hash level 1 would be:
    \t1\t21232f297a57a5a743894a0e4a801fc3

    Wikipedia is pretty damming:
    As of 2010, the CMU Software Engineering Institute considers MD5 "cryptographically broken and unsuitable for further use",[11] and most U.S. government applications now require the SHA-2 family of hash functions.[12]

    It would probably be good if this was moved to something a bit more modern.
    Crypt/Decrypt function from source code (c#)
    sourceforge.net/p/palo/code/HE…X/XlAddin/Utils/Crypto.cs

    Source Code

    1. /*
    2. *
    3. * Copyright (C) 2006-2011 Jedox AG
    4. *
    5. * This program is free software; you can redistribute it and/or modify it
    6. * under the terms of the GNU General Public License (Version 2) as published
    7. * by the Free Software Foundation at http://www.gnu.org/copyleft/gpl.html.
    8. *
    9. * This program is distributed in the hope that it will be useful, but WITHOUT
    10. * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
    11. * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
    12. * more details.
    13. *
    14. * You should have received a copy of the GNU General Public License along with
    15. * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
    16. * Place, Suite 330, Boston, MA 02111-1307 USA
    17. *
    18. * You may obtain a copy of the License at
    19. *
    20. * <a href="http://www.jedox.com/license_palo_bi_suite.txt">
    21. * http://www.jedox.com/license_palo_bi_suite.txt
    22. * </a>
    23. *
    24. * If you are developing and distributing open source applications under the
    25. * GPL License, then you are free to use Palo under the GPL License. For OEMs,
    26. * ISVs, and VARs who distribute Palo with their products, and do not license
    27. * and distribute their source code under the GPL, Jedox provides a flexible
    28. * OEM Commercial License.
    29. *
    30. * \author
    31. *
    32. *
    33. */
    34. /*
    35. using System.Collections.Generic;
    36. */
    37. using System;
    38. using System.IO;
    39. using System.Security.Cryptography;
    40. using System.Text;
    41. namespace Jedox.Palo.XlAddin.Utils
    42. {
    43. class Crypto
    44. {
    45. #region Standard stuff
    46. private Crypto()
    47. { }
    48. #endregion
    49. #region Rijndael
    50. public static string Rijndaele(string inputString, string inputKey, string inputIV)
    51. {
    52. System.Security.Cryptography.MD5 md5 = System.Security.Cryptography.MD5.Create();
    53. byte[] key = Encoding.UTF8.GetBytes(inputKey);
    54. byte[] IV = md5.ComputeHash(Encoding.UTF8.GetBytes(inputIV));
    55. string result = "";
    56. try
    57. {
    58. using (RijndaelManaged rijn = new RijndaelManaged())
    59. {
    60. rijn.Mode = CipherMode.CFB;
    61. rijn.Padding = PaddingMode.None;
    62. rijn.FeedbackSize = 8;
    63. using (MemoryStream msEncrypt = new MemoryStream())
    64. {
    65. using (ICryptoTransform encryptor = rijn.CreateEncryptor(key, IV))
    66. {
    67. using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
    68. using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
    69. {
    70. swEncrypt.Write(inputString.PadRight(16));
    71. }
    72. result = Convert.ToBase64String(msEncrypt.ToArray());
    73. }
    74. }
    75. rijn.Clear();
    76. }
    77. }
    78. catch
    79. { }
    80. return result;
    81. }
    82. public static string Rijndaeled(string inputString, string inputKey, string inputIV)
    83. {
    84. System.Security.Cryptography.MD5 md5 = System.Security.Cryptography.MD5.Create();
    85. byte[] key = Encoding.UTF8.GetBytes(inputKey);
    86. byte[] IV = md5.ComputeHash(Encoding.UTF8.GetBytes(inputIV));
    87. string result = "";
    88. try
    89. {
    90. using (RijndaelManaged rijn = new RijndaelManaged())
    91. {
    92. rijn.Mode = CipherMode.CFB;
    93. rijn.Padding = PaddingMode.None;
    94. rijn.FeedbackSize = 8;
    95. using (MemoryStream msDecrypt = new MemoryStream(Convert.FromBase64String(inputString)))
    96. using (ICryptoTransform decryptor = rijn.CreateDecryptor(key, IV))
    97. {
    98. using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
    99. using (StreamReader swDecrypt = new StreamReader(csDecrypt))
    100. {
    101. result = swDecrypt.ReadToEnd();
    102. }
    103. rijn.Clear();
    104. }
    105. }
    106. }
    107. catch
    108. { }
    109. return result.TrimEnd();
    110. }
    111. #endregion
    112. #region DES
    113. public static string DESe(string inputString)
    114. {
    115. string resultString = "";
    116. byte[] plaintext = Encoding.ASCII.GetBytes(inputString);
    117. DES des = new DESCryptoServiceProvider();
    118. des.Mode = CipherMode.CBC;
    119. des.Key = Encoding.ASCII.GetBytes("9dab4fc5");
    120. des.IV = Encoding.ASCII.GetBytes("aa9a5c43");
    121. MemoryStream memStreamEncryptedData = new MemoryStream();
    122. memStreamEncryptedData.Write(plaintext, 0, plaintext.Length);
    123. CryptoStream encStream = new CryptoStream(memStreamEncryptedData, des.CreateEncryptor(des.Key, des.IV), CryptoStreamMode.Write);
    124. resultString = Convert.ToBase64String(memStreamEncryptedData.ToArray());
    125. encStream.Close();
    126. return resultString;
    127. }
    128. public static string DESd(string inputString)
    129. {
    130. string resultString = "";
    131. try
    132. {
    133. byte[] ciphertext = Convert.FromBase64String(inputString);
    134. DES des = new DESCryptoServiceProvider();
    135. des.Mode = CipherMode.CBC;
    136. des.Key = Encoding.ASCII.GetBytes("9dab4fc5");
    137. des.IV = Encoding.ASCII.GetBytes("aa9a5c43");
    138. MemoryStream memDecryptStream = new MemoryStream();
    139. memDecryptStream.Write(ciphertext, 0, ciphertext.Length);
    140. CryptoStream cs_decrypt = new CryptoStream(memDecryptStream, des.CreateDecryptor(des.Key, des.IV), CryptoStreamMode.Write);
    141. resultString = Encoding.ASCII.GetString(memDecryptStream.ToArray());
    142. //cs_decrypt.Close();
    143. }
    144. catch (Exception exc)
    145. {
    146. Utils.ErrorHandler.DisplayError("Error decrypting", exc);
    147. }
    148. return resultString;
    149. }
    150. #endregion
    151. #region MD5
    152. public static string MD5(string input)
    153. {
    154. // step 1, calculate MD5 hash from input
    155. System.Security.Cryptography.MD5 md5 = System.Security.Cryptography.MD5.Create();
    156. byte[] inputBytes = Encoding.ASCII.GetBytes(input);
    157. byte[] hash = md5.ComputeHash(inputBytes);
    158. // step 2, convert byte array to hex string
    159. StringBuilder sb = new StringBuilder();
    160. for (int i = 0; i < hash.Length; i++)
    161. {
    162. sb.Append(hash[i].ToString("x2"));
    163. }
    164. return sb.ToString();
    165. }
    166. #endregion
    167. #region Base64
    168. public static string Base64e(string inputString)
    169. {
    170. return Convert.ToBase64String(Encoding.UTF8.GetBytes(inputString));
    171. }
    172. public static string Base64d(string inputString)
    173. {
    174. return Convert.FromBase64String(inputString).ToString();
    175. }
    176. #endregion
    177. #region URL
    178. public static string URLe(string inputString)
    179. {
    180. return System.Web.HttpUtility.UrlEncode(inputString);
    181. }
    182. public static string URLd(string inputString)
    183. {
    184. return System.Web.HttpUtility.UrlDecode(inputString);
    185. }
    186. #endregion
    187. }
    188. }
    Of course :)

    This is C# class. If you have C# project, copy this class into your project and use DESe (encrypt function) and DESd (decrypt function).

    e.g.:
    string password = "admin";
    string encrypt_password = Crypto.DESe(password); //encrypt_password = "YWRtaW4="
    string decrypt_password = Crypto.DESd(encrypt_password ); //decrypt_password = "admin"

    Post was edited 1 time, last by “vesi” ().

    Greetings. I couldn't get this to work with ETL connection passwords. After some research, I found that I could use a small JAVA application for those:

    import org.jasypt.util.text.BasicTextEncryptor;

    public class pwdec
    {
    public static void main(String[] args)
    {
    try
    {
    String password = args[0];
    BasicTextEncryptor crypt = new BasicTextEncryptor();
    crypt.setPassword("proclos");
    password = crypt.decrypt(password);
    System.out.println(password);
    }
    catch (Exception e)
    {
    e.printStackTrace();
    }
    }
    }